Strategic acquisitions can shift the cybersecurity landscape. Snyk's recent acquisition of Helios, a trailblazer in runtime data, is one such watershed moment. The combination of the two companies will enable Snyk to incorporate Helios's run-time data collection and app-discovery capabilities to expand its platform's scope and power.
I had an opportunity to speak with Peter McKay, CEO of Snyk, as well as Eli Cohen, CEO of Helios, about the merger and the potential impact it will have on customers.
Understanding the Rationale
A press release from Snyk shared, “The current market landscape leaves mature security teams wanting as traditional AppSec vendors are unable to correlate build-time security scans with live runtime security signals, while runtime forensics vendors lack crucial developer understanding.”
According to Peter McKay, CEO of Snyk, Helios emerged as an ideal solution, expediting Snyk's vision from "code to cloud back to code" and addressing the dire need for efficient prioritization.
McKay described the core motivation behind acquiring Helios. The cybersecurity sector, particularly developer security, is fragmented. Snyk's journey in building a comprehensive security platform revealed a critical gap: the need for runtime data to enhance prioritization and remediation of security issues.
“This has been what every company has been asking for: ‘Just give me visibility into what I need to prioritize first and how to fix these issues in an automated and efficient way,’ and so that's the driver,” explained McKay.
Helios: The Perfect Match
Eli Cohen, co-founder and CEO of Helios, views the acquisition as a unique opportunity. He told me that Helios was founded from the synergy of engineering and product expertise and aimed to revolutionize application security. The partnership with Snyk provides an avenue to amplify their impact, aligning perfectly with their vision and cultural ethos. Cohen highlighted the complementary nature of both companies: Helios's expertise in runtime data and Snyk's prowess in static code analysis.
A Vision for the Future
The amalgamation of Snyk and Helios isn't just about technology; it's about people and shared visions. McKay emphasized the importance of the team behind the technology. Snyk's long-term strategy involves not just acquiring new technologies but integrating teams from acquisitions and—most importantly—fostering and maintaining their entrepreneurial spirit and innovative drive. This approach has been pivotal in Snyk's growth, ensuring that each acquisition isn't just a technological addition but a cultural and visionary alignment that enhances the company’s mission.
The Bigger Picture: Cybersecurity Integration
I have been around long enough to see the cyclical nature of cybersecurity as things ebb and flow from a diverse collection of bespoke tools and best practices to a unified platform solution and back again.
An interesting trend in cybersecurity right now is the shift towards integration. Companies realize that security is not just about isolated components; it's about a holistic view. Snyk and Helios exemplify this by combining runtime data with other security aspects to provide a unified security perspective. This integration is crucial in an era where the threat landscape is rapidly evolving and becoming increasingly complex.
The Role of AI and Future Challenges
AI's role in application development is accelerating, creating a disparity between development speeds and security team capabilities. McKay underscored the need for embedded, automated security solutions to bridge this gap. The Helios acquisition is a strategic move in this direction, enabling Snyk to tackle the challenges posed by AI-enhanced development processes.
McKay talked about the trend across the industry to shift left—to build security into products earlier in the development cycle and throughout the software development process. He stressed the need to be more proactive. “Every developer is now using a generative AI solution. They're developing code faster and faster—it’s like developers on steroids now. So, that disparity between developers and security continues to get further out of whack. The need for you to embed security, automate security, and automate the fixes is the only way a security team can ever keep up.”
McKay added, “That pace is getting exponentially faster. The only way to do this is you’ve got to embed it in, and you’ve got to feed that runtime information in to know of the thousands of issues I have to fix; which are the 20 I should fix right now? That's where the Helios team comes in.”
The Snyk-Helios merger is a significant milestone for cybersecurity. It represents a fusion of vision, technology, and culture aimed at addressing the evolving challenges in application security.
As the landscape shifts towards integrated security solutions, this acquisition places Snyk at the forefront, ready to redefine the standards of application security in an AI-driven world.