Snyk Acquires FossID to Accelerate Global Developer Security Adoption


BOSTON, May 12, 2021 / PRNewswire / – Snyk, the leader in cloud-native application security, today announced its acquisition of FossID, a software composition analysis tool that scans code for open source licenses and vulnerabilities. Situated at Sweden, FossID was founded with a mission to provide developers with a solution that detects all free and open source software (FOSS) fingerprints in code bases, from entire components to snippets, license obligations and compliance issues.

Founded in 2016, FossID was established based on the experience of the team working with FOSS since 2001, especially with the complexity of open source software used in legacy applications as well as modern integrated applications. With strong customer adoption in Fortune 500 organizations across industry verticals such as automotive, financial services, manufacturing, technology, and telecommunications, FossID has built a solid reputation with developers using C / C ++. .

By partnering with Snyk, FossID’s capabilities will be integrated into Snyk’s Software Composition Analysis (SCA) product, Snyk Open Source, extending the mindset and experience of security and license compliance first and foremost to developers to teams around the world who currently use C / C ++. With over six million developers using C / C ++ to build their apps today1, comprising both teams modernizing legacy applications and building new integrated Internet of Things (IoT) applications, FossID’s technology enables Snyk to reach a significantly higher percentage of the current 27 million developers across the world. world2 in 2021 and beyond.

This includes:

  • Unmanaged code, including extract detection: FossID’s solution identifies vulnerabilities in all forms of open source, including snippet detection (a few lines of code copied from the open source software package). This has historically been difficult and is a critical issue for developers looking to take on more and more security responsibilities within their organizations.
  • 2 PB of source code collected by machine: FossID’s comprehensive knowledge base contains the equivalent of over two petabytes (PB) of source code harvested per machine from all currently known open source repositories in the world.
  • AI-based analysis: FossID’s artificial intelligence technology automatically eliminates false positives, saving development teams time and money and ultimately shipping applications faster and more securely than their competitors.
  • Developer friendly license compliance: FossID’s License Compliance Engine is able to automatically inspect applications with speed and accuracy for licensing and copyright information, thanks to its patent-pending AI-powered software solution that relies on a quality audit database of over 1900 licenses.

“With FossID’s powerful capabilities to find, remediate and monitor vulnerabilities in all forms of open source software, Snyk is now accelerating our vision to bring security to all developers around the world,” said Peter McKay, CEO of Snyk . “With this world-class team, we look forward to reaching millions of additional developers around the world, enabling them to build applications securely while staying one step ahead of their competition.

“As FossID employees today become Snykers, I believe our founding mission – to help companies achieve maximum efficiency in open source adoption – evolves and grows with the scope of the opportunity that emerges. now presents to us, ”said Oskar Swirtun, Co-Founder and CEO, FossID. “It’s a perfect solution for the Snyk and FossID teams, and we are proud to play a pivotal role in this next phase of the Snyk journey.”

The acquisition of FossID is Snyk’s third in the past six months, following the successful purchases of Collector in January 2021 and DeepCode in October 2020. This latest evolution of the company follows on from the company. March 2021 announcement of $ 300 million in series E investment and its resulting expansion into Asia Pacific Japan (APJ). In part thanks to several key automotive and semiconductor customers, FossID further brings Snyk a strong customer base both in Europe as well as in APJ.

To learn more about how native cloud adoption has both transformed the way organizations build modern applications and led to increased threats and security concerns, explore Snyk’s recently published Cloud Native Application Security Status Report here.

Support resources

About Snyk

Snyk, the leader in cloud-native application security, today empowers 2.2 million developers to create securely, with the goal of empowering every modern developer in the world to grow quickly and stay secure. . Only Snyk provides a platform to secure all critical components of today’s cloud native application development, including code, open source libraries, container infrastructure, and infrastructure in the form of code. Snyk’s developer-centric approach empowers tech-driven companies to advance security in today’s rapidly changing digital world. Snyk’s security platform is powered by its industry-leading proprietary vulnerability database, maintained by the expert security research team Snyk, which also powers the security solutions of strategic partners such as Atlassian, Datadog, Docker, IBM Cloud, Rapid7, Red Hat and Trend Micro. The company works with global customers of all sizes to enable developers to automatically integrate security into their existing workflows.

Appointed to 2020 Forbes cloud 100, the definitive ranking of the top 100 private cloud companies in the world, Snyk was also recently recognized by Comparably as the No. 3 for small and medium enterprises companies for the happiest employees in 2020.

For more information and to get started with Snyk for free today, visit


Related links

Leave A Reply

Your email address will not be published.