Developer security company Snyk has acquired cloud security and compliance company Fugue for an undisclosed sum of money. Fugue’s solutions assist worldwide teams in protecting their cloud environments so that they may focus on quick innovation. This is Snyk’s first foray into the cloud security sector.
Fugue, like Snyk, is based in Frederick, Maryland, and was formed with a strong belief in the potential of open source for more scalable and safe software development. While many Cloud Security Posture Management (CSPM) tools can detect vulnerabilities in deployment today, Fugue’s Unified Policy Engine would be unique in its ability to link cloud posture to configuration code, using a single set of policies to manage compliance and security throughout the software development lifecycle (SDLC).
Fugue’s present features will soon be extended to the Snyk Developer Security Platform. Customers of Snyk would be the first to benefit from a feedback loop, which will allow developers to protect their code before deployment, keep its secure integrity while in use, and better understand where to offer corrections back in the code. The newly joined Snyk and Fugue teams are completely united in their goal of supporting more sophisticated global DevOps shops.
“Welcoming the talented Fugue team as our newest Snykers is a fantastic way to kick off 2022,” said Peter McKay, Chief Executive Officer (CEO) at Snyk. “Together, we’ll collectively reimagine what cloud security can and should look like for today’s modern DevSecOps teams, ensuring more secure innovation can flourish worldwide.”
The acquisition of Fugue is Snyk’s fifth in the last 18 months, following the integrations of CloudSkiff, FossID, Manifold and DeepCode. This latest corporate development follows the company’s late 2021 announcement of over $600 million in Series F investment.
Cloud Security Developers
Each developer’s responsibility has additionally grown to also encompass the continuous security of applications after they are deployed in these forward-thinking companies, where the promise of DevSecOps is embraced and championed throughout the whole company.
More and more developers around the world, which IDC estimates will number over 43 million by 2025, are taking full responsibility for the performance and security of their code after it’s up and running.
In the near future, a new Snyk solution would bring together and enhance Snyk’s Infrastructure as Code (IaC) and Fugue’s cloud security capabilities, particularly for DevSecOps teams. This will include the following:
- Developer First CSPM – Security vulnerabilities in current cloud workloads are effectively detected, and the process is integrated into developer processes, allowing for an efficient procedure for collecting and testing concerns early.
- Comprehensive Visualization of Cloud Landscape – analyzes cloud resources, displaying specifics as well as connections/relationships to other resources in order to offer the context necessary for successful risk assessment, triaging, and prioritizing.
- Fully Integrated Insights – developer security procedures are linked to security insights in deployed apps, allowing for better vulnerability prioritization based on exploitability. This would reduce the signal to noise ratio by emphasizing the most serious threats and deprioritizing issues for which a solution is already in place.
“As we join forces with Snyk today, our founding mission – security by and for developers – doesn’t change, but expands exponentially with the scope of the opportunity in front of us,” said Josh Stella, Co-Founder and CEO of Fugue. “We’re excited to now reach more developers in more places, helping them to not only build our future, but also successfully secure it.”
