With billions of dollars spent on endpoint and runtime security, a cultural shift is happening because developers are taking up the security mantle to tame vulnerability from the onset.  

For the past six and a half years, developer security platform Snyk Ltd. has been building momentum within development communities around the world that are fast and agile, as well as secure at the same time, according to Peter McKay (pictured), chief executive officer of Snyk.

“You really need to move security testing into that developer environment from the IDE, the CI/CD all the way through,” he said. “The realization that we’ve got to go earlier and earlier and fix these issues well before we go into production and don’t wait till the very end … that’s really driving the market to this shift left.”

McKay spoke with Lisa Martin, host of theCUBE, SiliconANGLE Media’s livestreaming studio, during AWS re:Invent. They discussed Snyk’s developer security approach and its partnership with Amazon Web Services Inc. (* Disclosure below.)

Bridging the gap with the developer security approach

Given that prevention is better than cure, McKay believes that developing security along the way is crucial, because it fixes issues ahead of time. Snyk acts as the bridge between developer teams in engineering and security players because it embeds security into the software development life cycle.

For nearly 25 years, nobody ever thought developers would care about security, because it was owned by application security teams who deployed a waterfall development model, which is incredibly inefficient, according to McKay.

“We are a little bit different than some companies where they kind of follow decisions from headquarters. For us, we follow developers,” he stated.

With many applications shunning the cloud because of security issues, the AWS and Snyk partnership has resolved this issue for nearly two years.

“We’ve integrated our Intel database into AWS inspector,” McKay explained. “We work very collaboratively with AWS in both our technical roadmap and go-to-market side … we’re in the second inning of that game.”

With approximately 28 million developers around the world, McKay believes that they do not have to be security experts because Snyk hastens their speed with container security, drift technology, and code security or a stats solution.

“If you asked the developer, ‘Would you rather develop a secure app or an insecure app?’ if all things were equal, of course, they’d want it to be secure, but it needs to be easy. ‘Whatever you do, don’t slow me down!’” he concluded. 

Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of AWS re:Invent. (* Disclosure: Snyk Ltd. sponsored this segment of theCUBE. Neither Snyk nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE