Snyk raises $530M at $8.5B valuation to help developers detect vulnerable code

Snyk Ltd., whose software is used by developers at tech giants such as Google LLC to fix vulnerable software code, today said that it has closed a $530 million funding round co-led by Sands Capital and Tiger Global.

Snyk is now worth $8.5 billion, more than triple its valuation at the start of the year. The startup shared a number of data points about its growth on the occasion that help explain the valuation jump. Most notably: Annual recurring revenue is up 154% from a year ago. 

Snyk is the developer of a popular tool that alerts software teams if the code they’re working on contains a cybersecurity issue. The open-source version of Snyk’s tool is used by millions of developers worldwide, including at major tech firms such as Google, Salesforce.com Inc. and Atlassian Corp. Plc. The startup also offers paid products with additional vulnerability detection features that have so far been adopted by about 1,200 organizations.

Automating vulnerability scanning during the development process has two main benefits. The first is that it lowers the risk of data breaches by allowing companies to resolve cybersecurity issues before rather than after they become part of their applications. Snyk’s other major selling point is that it improves productivity by reducing the amount of time developers must spend fixing insecure applications.

Snyk is one of several companies with tools that can automatically find vulnerable code. According to the startup, one of the factors that set its software apart is a detection engine described as up to 50 times faster than the competition. The increased detection speed reduces the amount of time that developers have to wait on vulnerability scans to complete, which makes it practical to scan code for security issues more often.

A key reason behind the popularity of code security tools is that there are numerous ways vulnerabilities can find their way into a software project. The more complex the project, the higher the chance of cybersecurity issues emerging.

A typical enterprise application incorporates multiple open-source components, any of which can potentially contain a vulnerability. Moreover, even if an open-source component isn’t known to be vulnerable when it’s first added to an application, a new cybersecurity issue could be discovered by researchers in the future. Compounding the challenge is that a company’s own, proprietary code is equally susceptible to cybersecurity issues.

Snyk is investing heavily to expand adoption of its products. The startup has hired more than 320 employees since the start of the year to support growth initiatives, it disclosed today, and plans to have more than 800 workers worldwide by the end of 2021.

Snyk’s growth strategy has thus far placed a particular emphasis on feature development. The startup started out with a set of features for detecting vulnerable application code and, in August 2020, added a tool for identifying vulnerabilities in infrastructure configuration settings. Snyk extended its focus yet again earlier this year by acquiring FossID AB, whose software checks if developers use the open-source components they incorporate into their applications in compliance with those components’ licensing terms.

The $530 million round announced today will allow Snyk to continue expanding into new market segments. Chief Executive Officer Peter McKay (pictured) told CRN that the startup will make acquisitions to accelerate its roadmap. The executive detailed that Snyk is considering, among other acquisition targets, firms with machine learning products.

“This new investment, together with the rapid adoption of our platform and growing customer base, validates our developer security vision,” McKay said in a statement today. “When security starts with the world’s expanding pool of developers – estimated to reach 45 million by 2030 –  organizations of all sizes will be able to truly reap the rewards of digital transformation, while also making the world’s software safer.”

Of the $530 million raised in the funding round, more than $300 million will go to Snyk, while the remainder is made up of secondary sales involving shares sold by Snyk’s investors. The startup has raised $775 million in funding to date.

Photo: SiliconANGLE