Snyk Enters $77B Cloud Security Arena

February 18, 2022

Snyk has bought Fugue, a cloud security and compliance company helping global teams to protect their cloud environments so they can prioritize rapid innovation. This milestone marks Snyk’s entry into the cloud security market, a fast growing segment of cybersecurity predicted to be worth $77.5 billion by 2026 according to MarketsandMarkets.

The companies did not disclose financial terms of the deal.

Headquartered in Frederick, Maryland, Fugue, like Snyk, was founded with a fundamental commitment to the power of open source for increasingly scalable and secure software development. While numerous Cloud Security Posture Management (CSPM) tools today can detect vulnerabilities in deployment, Fugue’s Unified Policy Engine is unique in its ability to connect cloud posture back to configuration code, using one set of policies in order to manage compliance and security throughout the entirety of the software development lifecycle (SDLC).

By joining forces with Snyk, Fugue’s current capabilities will soon extend the Snyk Developer Security Platform, enabling the industry’s first CSPM designed by and for developers. Snyk customers will be the first to benefit from an unmatched feedback loop, allowing developers to secure their code before deployment, maintain its secure integrity while running, and better understand the precise places to provide fixes back in the code. The newly combined Snyk and Fugue teams are fully aligned in this shared vision to support more of the world’s modern global DevOps shops.

In these forward thinking enterprises, where the promise of DevSecOps is embraced and championed throughout the entire organization, each developer’s role has additionally evolved to now include the continued security of applications after they are deployed. More and more of the world’s developers, which IDC predicts to number over 43 million by 2025, find themselves fully responsible for the ongoing performance and security of their code once it’s running.

In the near-term, a new Snyk solution will unite and then extend Snyk’s Infrastructure as Code (IaC) and Fugue’s cloud security capabilities, designed specifically with these DevSecOps teams in mind. This will include:

Developer First CSPM: effective detection of security vulnerabilities in modern cloud workloads; automated into developer workflows enabling an efficient process for capturing and testing issues early.

Comprehensive Visualization of Cloud Landscape: interprets cloud resources, showing details as well as connections/relationships with other resources to provide the context that enables effective risk assessment, triaging and prioritization.

Fully Integrated Insights: security insights in deployed app are connected to developer security workflows, enabling improved vulnerability prioritization based on exploitability. This lowers signal to noise ratio by highlighting biggest risks while deprioritizing issues with a mitigation already in place.

“Welcoming the talented Fugue team as our newest Snykers is a fantastic way to kick off 2022,” said Peter McKay, CEO, Snyk. “Together, we’ll collectively reimagine what cloud security can and should look like for today’s modern DevSecOps teams, ensuring more secure innovation can flourish worldwide.”

“As we join forces with Snyk today, our founding mission – security by and for developers – doesn’t change, but expands exponentially with the scope of the opportunity in front of us,” said Josh Stella, Co-founder & CEO, Fugue. “We’re excited to now reach more developers in more places, helping them to not only build our future, but also successfully secure it.”

The acquisition of Fugue is Snyk’s fifth in the last 18 months, following the successful integrations of CloudSkiff, FossID, Manifold and DeepCode. This latest corporate development follows the company’s late 2021 announcement of over $600 million in Series F investment.