Trust AI at full speed with Snyk. System status: snyk.statuspage.io

🌍 Global
Pinned Tweet
AI is writing code at machine speed. Now, your security can close the gap with the Snyk AI Security Fabric. Learn more about the industry’s first security layer for continuous defense across the entire SDLC here 👉 snyk.io/news/snyk-ai-securit…
AI agents are writing code, opening pull requests, and calling production APIs. They've become the fastest-growing class of developer, and they don't wait for a security review. That's why Snyk is proud to partner with Insecure Agents for AAuth Night: Moving Beyond OAuth. Because AAuth is one of the many building blocks in creating a secure agentic development ecosystem. Come find us there: July 1st in San Francisco, alongside AI Engineer World's Fair, 5:30-8:30PM PST Register here: luma.com/a2h25m60
Enterprises aren't short on enthusiasm for AI agents. They're short on confidence that those agents will do what they're supposed to do. Oliver Neuberger, Cybersecurity Practice Lead at our partner Accenture, frames the real question well: the potential is enormous, but deploying agents securely in the enterprise means building the right guardrails before something goes wrong, not after. Agentic Development Security puts those controls inside the workflow, where they can actually keep pace with what agents are creating, invoking, and executing. See how: snyk.io/evo
Join Snyk and Keycard for an all-you-can-build rooftop party at AI Engineer World's Fair! Next Tuesday, June 30th, we're gathering the boldest builders and security folks in the AI era. Expect vibe coding battles, a live AI red team challenge, and a happy hour to keep it going. See how your build holds up against the people redefining how we build and secure. RSVP before spots run out: lnkd.in/ejnJfnp7
43% of developers run two or more AI coding environments at once, 37% run more than three or more. More than half have MCP servers installed. 1 in 12 devs has a high or critical finding. The agentic development footprint is bigger than most orgs know. And it requires securing. That’s why we just launched Evo Agentic Development Security. Read the full report: snyk.io/lp/state-of-agentic-…
Untrusted inputs. Unbounded actions. Unverified output. That's the AI workforce risk no one was governing…until now. See Evo Agentic Development Security in action below. Full announcement here: snyk.io/news/snyk-launches-e…
Snyk retweeted
Color me excited for @snyksec's new mission on Agentic Development Security It's an enforcement layer that operates inside the agent execution loop across three layers: 1. securing the agent supply chain before agents interact with it 2. governing agent behavior at runtime 3. validating code output at the moment of creation What the data behind agentic security looks like? Across nearly 9,700 developer environments: 43% of developers run two or more AI coding environments simultaneously. More than half have MCP servers installed which is the most instrumented environments had over 80 running at once. 1 in 12 developers with MCP servers has a high or critical finding in that supply chain. Nearly 1 in 4 developers has at least one skill installed, averaging 18 each. More than 1 in 10 of those skills reference external dependencies or externally hosted instructions. 13.4% of skills contain critical security flaws. 7.1% leak credentials. 1,476 malicious payloads are currently in the wild. All the data supports it - agentic developers and AI Security Engineers have no visibility into MCP configurations, skill provenance, or what agents do at runtime... The new Evo platform by Snyk fixes this!
A year ago, a developer wrote your code. Six months ago, a developer with an AI assistant. Today? An AI agent...autonomously…and nobody is watching. Evo Agentic Development Security changes that. snyk.io/news/snyk-launches-e…
Munich AI Builders 🤖 AI agents don't just generate text — they use tools, call APIs & make decisions. @chrfritz from @QAware is breaking down SAIF 2.0 & the new attack vectors this creates. July 2, Munich 🔒 👉 luma.com/aiseceng-sfge
Every generation has its fire. Ours is AI. The question has never been whether to use it — it's how you contain it. Evo is how you secure the burn.
Dallas AI hackers! Your city, your stage—We're sponsoring you to lead an AI Security Meetup and inspire your friends. bit.ly/4cxAE81
That's a wrap on AWS Summit NYC. 🗽 The theme was impossible to miss: agents are writing more of the code, and they're writing it fast. Every conversation at our booth circled the same question — who's securing what the agents ship? That's exactly what we came to show. Evo by Snyk discovers, monitors, and secures AI agents and the code, models, and dependencies they pull in — inside the AWS workflows your teams already run. Thanks to everyone who stopped by to talk through securing AI-generated code in the real world. The agents aren't slowing down and neither are we.
Open source maintainers keep the internet running. Most do it for free, alone, and without enterprise security tooling 🥵 That's what the @Snyk Secure Developer Program is for. Qualifying maintainers get the full Snyk AI Security Platform (the same platform Fortune 500s pay for) at no cost. Risk-based prioritization, automated fix PRs, early access to the Snyk Remediation Agent. All of it! Learn all about it here: snyk.io/blog/secure-develope…
Snyk is architecting a comprehensive AI security experience at the first-ever AI Security track at AI Engineer World's Fair. We've brought together speakers from NVIDIA, Anthropic, dbt Labs, Keycard, Accenture, Form3, and The Carlyle Group to architect sessions around one core belief: security doesn't start at deployment. It starts at inception. Join us at Moscone Center in San Francisco on June 30th. Learn more here: ai.engineer/worldsfair/sched…
😮 A dormant contributor's npm account nobody bothered to revoke just got the entire @mastra scope trojanized. 140+ packages, ~4M monthly downloads on @mastra/core alone, all carrying a fake "easy-day-js" dependency that drops a crypto-wallet stealer on install. Kudos to the Mastra team for quick response here to remediate 💜👏 Check your builds: npm ls easy-day-js Full write-up: snyk.io/blog/a-forgotten-con…
🚨 BREAKING: Mastra npm package compromise On June 17, 2026, an attacker republished the entire @mastra npm scope. 140+ packages, including @mastra/core, all trojanized in a single overnight burst. The way in wasn't a clever exploit. It was a former contributor's account whose access nobody ever revoked 🧵👇
4/ easy-day-js poses as dayjs, but its postinstall hook is a dropper: it switches off TLS verification, pulls a second stage from a raw IP, and runs a cross-platform crypto-wallet stealer + RAT in the background, then deletes itself. MetaMask, Phantom, Coinbase Wallet, and more.
5/ The good news: Mastra's source was never touched (poison was injected at publish time) and clean versions are already out. Check now: npm ls easy-day-js If it's there, treat the host as compromised: rotate creds, move wallets, upgrade clean. Full breakdown 👇 snyk.io/blog/a-forgotten-con…
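The `npm ls easy-day-js` check from the thread above inspects the installed tree; the same question can be asked of a lockfile before anything is installed. This is an added example, not part of the original posts or Snyk's tooling: `auditLock`, `packageName` and the sample lockfile (with placeholder versions) are constructed for illustration.

```javascript
// Added example: audit a package-lock.json (lockfileVersion 2/3) object for
// the dependency named in the thread, without running any install scripts.
const SUSPECT = "easy-day-js"; // package name given in the thread

// Constructed lockfile fragment; every version string is a placeholder.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", dependencies: { "@mastra/core": "0.0.0-constructed" } },
    "node_modules/@mastra/core": {
      version: "0.0.0-constructed",
      dependencies: { "easy-day-js": "0.0.0-constructed", dayjs: "0.0.0-constructed" },
    },
    "node_modules/dayjs": { version: "0.0.0-constructed" },
    "node_modules/@mastra/core/node_modules/easy-day-js": {
      version: "0.0.0-constructed",
      hasInstallScript: true, // npm records lifecycle scripts such as postinstall here
    },
  },
};

// "node_modules/a/node_modules/b" -> "b"; the root entry "" yields null.
function packageName(lockPath) {
  const marker = "node_modules/";
  const i = lockPath.lastIndexOf(marker);
  return i === -1 ? null : lockPath.slice(i + marker.length);
}

// Reports where the suspect package is locked and which packages declare it.
function auditLock(lock, suspect = SUSPECT) {
  const report = { installed: [], requiredBy: [], found: false };
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (packageName(path) === suspect) {
      report.installed.push({
        path,
        version: entry.version,
        hasInstallScript: entry.hasInstallScript === true,
      });
    }
    const declared = {
      ...entry.dependencies,
      ...entry.optionalDependencies,
      ...entry.peerDependencies,
    };
    if (suspect in declared) report.requiredBy.push(packageName(path) || "(root project)");
  }
  report.found = report.installed.length > 0 || report.requiredBy.length > 0;
  return report;
}

console.log(JSON.stringify(auditLock(sampleLock), null, 2));
```

For a real project, pass the parsed contents of `package-lock.json` to `auditLock`; the `requiredBy` list shows which packages pulled the dependency in, which helps scope the credential rotation the thread recommends.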