ServiceNow Inc. today announced that it has made a strategic investment in Snyk Ltd., a well-funded startup focused on helping developers detect and fix code vulnerabilities.
The Wall Street Journal reported that the investment is worth $25 million. Besides buying a stake in Snyk, ServiceNow has also built an integration for the startup’s vulnerability detection software. The integration will make it easier for the companies’ joint customers to fix security issues in their applications.
“For Snyk, this latest ServiceNow investment represents much more than pure capital,” said Snyk Chief Executive Officer Peter McKay. “First as a customer, then as a partner and now as a strategic investor, the ServiceNow team has proven their determination to shift enterprises away from slow, burdensome legacy cybersecurity approaches.”
NYSE-listed ServiceNow provides a cloud platform that companies use to provide technical support to employees and customers. The platform also offers features for a variety of other tasks, from detecting infrastructure malfunctions to onboarding new hires. ServiceNow’s revenue grew 21% year-over-year, to $1.83 billion, in the third quarter.
Snyk develops a set of popular tools for detecting vulnerabilities in software code. The startup’s tools are used by more than 2,500 organizations including Google LLC, Salesforce Inc. and other major technology companies. Snyk closed a $196.5 million funding round at a $7 billion valuation last month.
The integration that ServiceNow introduced today connects its platform to the startup’s Snyk Open Source tool. In the enterprise, many applications include software components sourced from the open-source ecosystem. Snyk Open Source automatically detects when such components contain vulnerabilities and alerts developers.
According to Snyk, the tool also detects issues related to software licensing. Open-source projects include a license that specifies how they may be used. Using Snyk Open Source, developers can determine whether an application project uses external components in an authorized manner and make code changes where necessary.
ServiceNow is integrating Snyk Open Source with its platform’s ServiceNow Vulnerability Response module. The module enables administrators to detect vulnerabilities in their companies’ software environments, as well as prioritize them by severity. The new integration is designed to help joint ServiceNow and Snyk customers resolve security issues in software applications faster.
“This new ServiceNow integration brings Snyk into a popular platform that governs how IT is serviced, resulting in thousands of enterprises being able to bolster their overall security posture through effective DevSecOps collaboration,” said Snyk chief product officer Manoj Nair.
Alongside its tool for detecting vulnerable open-source components, Snyk offers several other cybersecurity products. One product can detect security flaws in newly written software code immediately after it’s created. Snyk also helps companies find and fix vulnerabilities in infrastructure as code scripts, which developers use to configure cloud environments.