Snyk Launches Heroku Add-On

LONDON, February 8, 2018

Snyk, a leading solution for addressing vulnerabilities in open source libraries, today announced it is launching its Heroku add-on in general availability. The add-on will allow Heroku developers to confirm their open source dependencies are secure in an easy and fully integrated manner.

Snyk will continuously monitor for newly disclosed vulnerabilities in deployed applications and offer fixes for such vulnerabilities, as part of its free and premium plans. The solution provides the security assurance that enables developers and organizations to move quickly and with more confidence to advanced cloud platforms, such as Heroku, unlocking greater agility and efficiency.

“We see the adoption of platform-as-a-service (PaaS) platforms, like Heroku, growing rapidly, offloading most server security concerns from developers and letting them focus on the application layer,” said Guy Podjarny, CEO, Snyk Ltd. “To increase application security while preserving agility, our partnership with Heroku expands automated vulnerability patching and fixing into the application layer, embedded into the platform itself. This will give developers a complete solution for vulnerable open source dependencies, preventing blind spots.”

Snyk helps companies use open source code and stay secure. Going beyond alerts, Snyk’s solution continuously fixes known vulnerabilities in open source libraries, relying on a unique proprietary vulnerability database. The open source security solution allows developers to secure their dependencies quickly and independently, so addressing issues creates minimal distraction.

About Snyk

Snyk is a developer-first security solution that helps you use open source code and stay secure. Building on its unique vulnerability database, Snyk continuously finds and fixes known vulnerabilities and license violations in open source dependencies. Snyk integrates into the developer workflow, integrating with source control (e.g. GitHub, BitBucket, GitLab), hooking into your CI/CD pipelines and continuously monitoring PaaS and Serverless apps in production.