&#13

Developer protection system Snyk has obtained Fugue, marking its fifth acquisition about the last 12 months and a half.

The transfer, announced Thursday, marks Snyk’s entry into the cloud stability marketplace. By incorporating Fugue, a startup specializing in cloud infrastructure stability and compliance, Snyk strategies to empower developer-initially cloud stability posture administration (CSPM). It would be the “industry’s very first CSPM made by and for builders,” in accordance to Snyk’s announcement. Phrases of the acquisition were being not disclosed.

Fugue, dependent in Frederick, Md., was established in 2013 and focuses on security for the cloud development lifecycle that contains infrastructure-as-code (IaC) abilities. Snyk reported the acquisition will help the evolving job of developers by supporting them “safe their code ahead of deployment, retain its safe integrity even though managing, and much better understand the precise locations to deliver fixes again in the code.”

Doug Cahill, vice president and group director of cybersecurity at Organization Method Group (ESG), a division of TechTarget, noted the two companies’ shared determination to open supply communities.

Chris Steffen, investigate director at Organization Administration Associates, said the acquisition will increase Snyk’s IaC abilities with the benefits of Fugue’s cloud safety.

“Presented the importance of DevSecOps in the cloud, the integration of the two organizations will offer more protection alternatives for developers as they produce workloads for the cloud space,” Steffen explained to SearchSecurity.

In the same way, ESG senior analyst Melinda Marks said the growing use of IaC has launched extra risk simply because developers are rapidly employing templates and scripts to provision infrastructure. If there is a code flaw or misconfiguration, she reported, it can expose customer or organization facts if deployed in production.

“Fugue has been centered in this location, setting up resources for builders to assist them use policy-as-code, automated testing and posture administration to lessen misconfigurations,” she explained in an e-mail to SearchSecurity. “Snyk has been addressing IaC security with a module as element of its remedy, but it is really wonderful to see them purchase Fugue so they can present a much more full resolution to assistance builders securely use IaC.”

In Oct, Snyk purchased CloudSkiff, which also focuses on IaC as properly as drift detection. Other new acquisitions by Snyk incorporate open source compliance and protection tool FossID past May well and AI seller Manifold in January 2021. In 2020, Snyk obtained software program assessment startup DeepCode.