Trend Micro Incorporated has released a new, co-built SaaS solution with Snyk, the leader in cloud-native application security.
The first of its kind, it’s designed to provide continuous insight into open-source vulnerabilities for enhanced risk management to drive data-driven decisions.
“Together Snyk and Trend Micro are investing in the future of the cybersecurity industry, where security and development teams effectively work together to make their organizations safer,” said Geva Solomonovich, Global Alliances CTO for Snyk. “Adding Snyk’s developer-first security technology to Trend Micro’s Cloud One allows more customers to tackle open-source risk on a single platform, minimizing the need to manage multiple vendors and tools. We look forward to our continued collaboration with Trend Micro to foster more innovative, effective ways to solve key security concerns for our customers.”
“With this one solution, we’re able to solve several problems and use technology to bridge internal gaps,” said Kevin Simzer, chief operating officer for Trend Micro. “This offering can save over 650 hours of development time per application through increased automation, helps to manage risk and liability with license requirements, and gives security teams visibility into a part of our functional code base that has not been accessible before.”
Trend Micro Cloud One – Open-Source Security by Snyk is the newest Cloud One service and the first partner addition to the platform, which is available through the channel as well as AWS Marketplace.
This is the first service that provides visibility into open-source software vulnerabilities for security operation teams. The use of these open-source code components is exploding thanks to the speed, flexibility, extensibility and quality they offer application development teams. According to Snyk, 80% of application code today is open source.
In their Market Guide for Software Composition Analysis, Gartner stated that “Open-source software is used in nearly all organizations. This introduces risks from readily exploitable vulnerabilities; an expanded attack surface through which malware and malicious code can gain access, compromising proprietary code and infrastructure; and legal and intellectual property exposures.”
Snyk has observed 2.5x growth in open-source vulnerabilities over the past three years making it more necessary than ever to deliver security further into the DevOps pipeline. However, process gaps, mismatched toolsets and communication challenges between SecOps and DevOps are commonplace.