We are thrilled to announce our investment in Snyk, which is a developer-first security solution that helps companies use open source code and stay secure. We couldn’t be more excited to be leading this new round of capital again with Canaan Partners and including Heavybit, FundFire, and Peter Mckay (Co-CEO of Veeam) (see Techcrunch for more coverage).
Our initial journey goes way back as we were investors in Guy Podjarny’s previous company, Blaze.io, which sold to Akamai in 2012. For the next few years we collaborated on several co-investments and what ultimately attracted us to Guy’s new company (along with co-founders Danny Grander and Assaf Hefetz), was their bold vision to create a new platform for securing open source components with a dev-first focus. At the time we seeded Snyk in late 2015, open source library usage was growing significantly and solutions were either security first which slowed down dev or dev first but not with enough security built in. With the movement towards continuous integration and deployment, it was clear a new solution was needed.
In a little over two years, Snyk has gone from “founder market fit” to “product market fit” and this new round will allow the company to build out is product offering and expand its Fortune 500 customer base.
With over 120,000 developers using the platform, 100,000 projects protected, 350,000 downloads per month, and notable partnerships with Heroku, JFrog and Microsoft Sonar, Snyk has proven it can get developers to fully adopt a security solution, and the importance of having the strongest database of known vulnerabilities in open source
Funding rounds are always a great opportunity to look back and see how the company’s initial thesis has held up and what has improved or changed. See below for Snyk’s initial vision from late 2015, much of which remains the same today; developer velocity increasing, security isn’t dev-friendly, how do you bridge the gap, esp. in open source world where much of it is third party code.
There have clearly been some tweaks to the model since then, but what is most exciting for us is watching Snyk go from idea and vision in a non-existent market to one where the question of how developers are securing open source components is becoming mainstream. And given some high profile security breaches like Equifax in Sept. 2017 where it was due to unpatched open source vulnerabilities, you can see why the interest in solutions like Snyk’s are gaining rapid adoption.
While the need for dev-friendly open source security may seem obvious today, especially with the stats above, how did we frame our initial investment? Here‘s what got us Continue reading "Snyk, from first check to leader in dev-friendly open source security"