Snyk, a leader in developer security, has officially launched its Snyk API & Web, a dynamic application security testing (DAST) solution designed to meet the growing security demands of modern, AI-powered software development. This new offering follows the acquisition of Probely’s DAST technology, which integrates into Snyk’s existing security platform to provide a comprehensive solution for developers and application security (AppSec) teams. As more businesses adopt generative AI for software development, APIs have become the critical connection between Large Language Models (LLMs) and applications. However, vulnerabilities within APIs expose not just applications, but entire software supply chains to risks. Snyk API & Web offers proactive measures to secure APIs and web endpoints, addressing these emerging threats.
API Security: A Critical Component in AI Development
With the rise of generative AI applications, particularly those powered by LLMs, APIs are now a core component that fuels these systems. However, API vulnerabilities can jeopardize the security of sensitive AI models, exposing organizations to significant risks.
threats include:
- API-based exploits that allow attackers to manipulate AI models
- Increased reliance on open-source tools and code, making vulnerabilities harder to track
- Exposure of critical data through poorly secured APIs
“Generative AI applications introduce new challenges in API security, making it essential for developers to secure these critical components,” said Katie Norton, analyst at IDC.
Snyk API & Web: A Comprehensive DAST Solution
The newly launched Snyk API & Web offers a robust security testing suite that focuses on API vulnerabilities and web endpoints, with a special emphasis on the security needs of generative AI applications. Key features of the solution include:
1. AI-Driven API Testing Engine
- Powered by GenAI and traditional AI/ML models, this engine helps automate the detection of vulnerabilities in APIs.
- It offers expanded coverage of the OWASP Top 10 API Security Risks, including critical issues like Broken Object Level Authorization (BOLA).
2. Code-Informed Dynamic Testing
- Integrates static and dynamic analysis for smarter vulnerability detection.
- By extracting vital information from the code, it configures DAST tests, identifies APIs, and generates their specifications for optimized scanning.
3. Unified Developer Security Platform
- Integrates DAST with other security testing techniques like SAST and SCA into a single interface.
- Real-time insights enable developers and AppSec teams to act quickly, ensuring vulnerabilities are detected and addressed across APIs, web endpoints, and code assets.
4. Enterprise-Grade Command-Line Interface (CLI)
- Designed for organizations with large asset portfolios.
- The CLI enables users to automate workflows within CI/CD pipelines, making it easier to manage scans, targets, and findings at scale.
Customer Response and Market Impact
Since the acquisition of Probely’s technology, Snyk has witnessed a 245% quarter-over-quarter growth in annual recurring revenue (ARR) from DAST bookings. This strong demand highlights the industry’s increasing need for integrated, AI-ready security solutions.
“Our customers are recognizing the value of a comprehensive, developer-first approach to API and web security,” said Manoj Nair, Chief Innovation Officer at Snyk. “With the rise of GenAI-assisted development, Snyk API & Web is enabling safer, more secure software development.”
Snyk’s new offering has already made waves with global customers. Luís Gomes, CISO at AUTODOC, shared: “Snyk has delivered exactly what AppSec teams have been waiting for—a powerful integrated solution that simplifies DAST while bringing needed innovation to the space.”
Looking Ahead: Innovating in DAST
Snyk is committed to further enhancing the DAST landscape with new features that will continue to revolutionize security testing. Future updates include:
- Advanced AI capabilities that allow for even smarter, more accurate testing of dynamic web and API endpoints.
- Centralized security management, enabling AppSec teams to monitor and manage web, API, and code assets in one unified dashboard.
Snyk’s launch of the API & Web DAST solution marks a significant step forward in securing AI-powered applications. As generative AI continues to reshape software development, protecting APIs and web endpoints becomes paramount. Snyk’s next-generation platform equips developers and AppSec teams with the tools they need to confidently build and secure intelligent systems, preventing vulnerabilities before they can be exploited.
