Company
Date Published
Aug. 7, 2024
Author
Liqian Lim (林利蒨)
Word count
1729
Language
English
Hacker News points
None

Summary

Snyk's goal is to empower developers to build quickly and safely, and the company has been a pioneer of the "shifting left" approach to security. With the adoption of generative AI APIs or models increasing by 2026, Snyk aims to help developers increase productivity with AI while maintaining trust in the security of their code. However, this shift also raises concerns about speed, transparency, and trust in AI-generated vulnerabilities and fixes. To address these concerns, Snyk focuses on outcomes and on partnering with customers, achieving success as a Leader in both The Forrester Wave: Software Composition Analysis (SCA), Q2 2023, and the 2023 Gartner Magic Quadrant for Application Security Testing. Gartner's "4 Ways Generative AI Will Impact CISOs and Their Teams" report highlights common areas of concern, such as copyright violations, biased or incomplete responses, policy violations, and lack of transparency. Snyk recommends creating a governance framework, conducting regular employee training, and exploring modern security solutions to accompany AI coding assistants. The company's hybrid AI model combines symbolic AI, generative AI, and machine learning methods with extensive security-focused fine-tuning, reducing errors and increasing accuracy. This approach allows for fast and complete scans in the IDE, detecting issues and suggesting fixes, while introducing cognitive discretion and boosting precision in AI-powered tools.