Snyk is a developer-first solution that helps automate finding and fixing vulnerabilities in dependencies. When a vulnerability is found, it helps remediate the risk with automated patches and updates. For dependency flaws, it is used to block vulnerable libraries in CI/CD and to monitor PaaS/serverless apps. Snyk is also known for restoring visibility into license risk and open source security and for empowering developers to address it.
Achievements and funds raised by Snyk:
Snyk has 1M+ monitored packages, 120K+ developers, and 100K+ protected projects. Snyk announced that it has raised $22M in Series B funding. The company was delighted to raise such a large round on September 25, 2018.
The funding demonstrates high confidence in Snyk's developer-first approach. Forward-looking security experts and developers believe they are ready to fix open source security. The funds are meant for growing the DevSec community.
This Series B round was led by Accel and GV, along with many existing investors such as Heavybit, Boldstart Ventures, and others. The round took place 7 months after the previous funding date.
The previous Series A round was raised in March 2018 for about $7 million. The company is growing measurably; it does not disclose its valuation, but the valuation has reached a maximum of $100 million to date.
Snyk is a growing startup with 200 paying customers and 150,000 users. Within the last nine months, revenue has increased to 5 times its usual level.
Previously, in March 2018, it had 130 paying customers, but as of the present month there has been a big change in customer acquisition.
Features of Snyk:
1. The funds have been raised to increase revenue and grow the startup into a large company.
2. Snyk's immediate notification on a Ruby vulnerability leads to a quick update on front door applications, says Tom Czarniecki.
3. It is built by developers for developers, to reduce the complex burden of dealing with vulnerabilities.
4. It provides full dependency flexibility across the overall structure and helps find vulnerabilities in open source dependencies.
5. Projects to be tested for newly disclosed vulnerabilities are added through integrations, the CLI, or the API.
6. Dependencies are tested frequently against the Snyk vulnerability database.
7. In the IDE, it detects errors and presents them to developers to fix.
8. Slack and email notifications are sent so that vulnerabilities can be fixed as soon as possible, and automatic GitHub requests are generated for every new vulnerability.
9. It connects with Cloud Foundry, Heroku, AWS Lambda, and many others to verify that deployed applications are free of vulnerabilities.
10. One-click fix options are available when fixing with the generated PR from the CLI wizard and the UI.
Snyk currently offers its enterprise services in cloud and hybrid versions, in both paid and free tiers. Snyk provides many services to test dependencies and help identify vulnerabilities.
Initially, it started as an intelligent system that worked on source activity; later it was tied to GitHub commits and combined with machine learning to detect vulnerabilities. It is teamed with human analysts who curate the real vulnerabilities in the database.
At the second level, it analyzes source code repositories such as GitHub and Bitbucket to understand the open source components in use, flag vulnerabilities, and auto-fix the right dependency through builds from the security team.