Snyk acquires FossID software composition analysis tool


Snyk announced its acquisition of FossID, a software composition analysis tool that analyzes code for open source licenses and vulnerabilities.

Based in Sweden, FossID was founded with a mission to provide developers with a solution that detects all free and open source software (FOSS) footprints in code bases, from entire components to snippets to bonds. licensing and compliance issues.

Founded in 2016, FossID was established based on the experience of the team working with FOSS since 2001, particularly with the complexity of open source software used in legacy and modern embedded applications.

With strong adoption by clients of Fortune 500 organizations in industry verticals such as automotive, financial services, manufacturing, technology, and telecommunications, FossID has built a solid reputation with developers using C / C ++.

By partnering with Snyk, FossID’s capabilities will be integrated into Snyk’s software composition analysis (SCA) product, Snyk Open Source, extending the mindset and experience of security and compliance for businesses. developer licenses to teams around the world currently using C / C ++.

With more than six million developers using C / C ++ to build their applications today, 1 including teams modernizing legacy applications and building new integrated Internet of Things (IoT) applications, FossID technology enables Snyk to reach a significantly larger percentage of the current 27 million developers across the globe2 in 2021 and beyond.

This includes:

  • Unmanaged code, including snippet detection: FossID’s solution identifies vulnerabilities in all forms of open source, including snippet detection (a few lines of code copied from the open source software package). This has historically been difficult and is a critical issue for developers looking to take on more of their security responsibilities within their organizations.
  • 2 PB of source code collected by machine: FossID’s comprehensive knowledge base contains the equivalent of over two petabytes (PB) of source code harvested per machine from all currently known open source repositories in the world.
  • AI-powered analysis: FossID’s AI technology automatically eliminates false positives, saving development teams time and money and ultimately shipping applications faster and more securely than their competitors.
  • Developer friendly license compliance: FossID’s License Compliance Engine is able to automatically inspect applications quickly and accurately for license and copyright information, thanks to its patent-pending AI-based software solution that ‘is supported by an audit-quality database of over 1,900 licenses.

“With FossID’s powerful capabilities to find, remediate and monitor vulnerabilities in all forms of open source software, Snyk is now accelerating our vision to bring security to all developers around the world,” said Peter McKay, CEO of Snyk.

“Together with this world-class team, we look forward to reaching millions of other developers around the world, enabling them to build applications securely while staying one step ahead of their competition. “

“As FossID employees today become Snykers, I believe our founding mission – to help companies achieve maximum open source adoption efficiency – evolves and expands with the scope of the opportunity. that’s available to us, ”said Oskar Swirtun, Co-Founder and CEO, FossID.

“This is an ideal fit for the Snyk and FossID teams, and we are proud to play a pivotal role in this next phase of the Snyk journey. “

The acquisition of FossID is Snyk’s third in the past six months, following the successful acquisitions of Manifold in January 2021 and DeepCode in October 2020. This latest business development follows the company’s announcement in March 2021 of a $ 300 million investment in Series E and its resulting expansion into Asia-Pacific Japan (APJ).

Thanks in part to several key automotive and semiconductor customers, FossID further brings Snyk a strong customer base both in Europe and in the APJ.


Comments are closed.