Prioritizing which vulnerabilities to fix is a challenge for software developers, and the complexities of modern apps and the software supply chain have only made things more difficult. SentinelOne, a global leader in AI security, is partnering with Snyk, the leader in developer security, to ease the burden by integrating Singularity Cloud Workload Security, its real-time Cloud Workload Protection Platform (CWPP) with the Snyk Developer Security Platform.

The integration will correlate the cloud runtime threat detections identified by SentinelOne with vulnerabilities found by Snyk in container images, enabling cloud security, application security, and developer teams to more effectively collaborate and address the root cause of these issues.

Future enhancements to the integration will also give security teams the means to manage application risk in the cloud by further expanding on the combined code-to-cloud context of SentinelOne and Snyk, which will, in turn, simplify prioritization and remediation focus for developers.

“Developers are under increasing pressure to build applications faster, but they must also partner with their security teams to secure them across both their build and runtime environments,” said Ely Kahn, Vice President of Product Management for Cloud Security and AI/ML, SentinelOne. “This integration of SentinelOne and Snyk provides consolidated visibility into vulnerabilities and threats from both platforms, which customers can use to better understand container security risks and take informed actions to resolve them.”

Security teams typically have visibility into runtime threats but lack context when it comes to vulnerabilities in code and container images. Conversely, developers have a view into code and build-time vulnerabilities but need insight into runtime threats and deployed environments. These two disparate views need to be fused throughout the application lifecycle so that high-risk issues can be quickly eliminated and neither team wastes time on issues of little importance.

Take the case of a privilege escalation vulnerability in the Linux Kernel (CVE-2022-0492) that allows attackers to escape containers, establish persistence on the host, and elevate privileges to execute malicious attacks. SentinelOne’s Behavioral AI engine detects such runtime container escapes, but typically, the same image is used to deploy multiple containers. As a result, it is essential for security teams to know which vulnerabilities are present in the images for proper root cause analysis so developers understand which vulnerabilities to fix first. The integration of SentinelOne and Snyk delivers these insights in a unified, contextual way that drives enhanced security outcomes.

SentinelOne’s Singularity Cloud Workload Security product takes a proactive stance in detecting runtime threats such as ransomware, zero-day exploits, and file-less attacks, providing immediate automated responses. In parallel, Snyk plays a crucial role in aiding developers to identify, prioritize, and resolve vulnerabilities in their code. The integration of SentinelOne and Snyk's technologies enables security and application development teams to work in concert. They can now automatically link container vulnerabilities found by Snyk at the build stage with runtime threats that SentinelOne detects, enhancing the collaboration among CloudSec, AppSec, and developers.

This combined effort allows for a more streamlined process in identifying and remedying the root causes of threats associated with container images. It also enables teams to hunt proactively for threats and to automate responses, thereby curtailing the proliferation of attacks. Moreover, integration supports continuous feedback and monitoring mechanisms, essential in precluding vulnerabilities from moving into the production environment. It also assists in verifying configurations during runtime, reinforcing the security of the production environment.

“With software supply chains increasing in complexity, development and security teams need as much context as possible to be able to effectively address risk,” said Sarit Kozokin, VP of Product Management, Snyk. “Together, Snyk and SentinelOne provide complete visibility from code to cloud, ultimately empowering enterprises to achieve greater control and visibility into their security programs, facilitating improved management and the scaling of developer security initiatives.”

By MediaBUZZ