“Security must be placed in the hands of software developers”

Snyk’s new CTO examines some of the biggest challenges facing the security industry today and why silos need to be broken down.

Adi Sharabani is the CTO of Snyk, a Boston-based cybersecurity company specializing in cloud computing.

Prior to joining Snyk, Sharabani was managing director at Symantec – which was acquired by Broadcom in 2019 – which ran its endpoint solutions business.

Sharabani joined Symantec through the acquisition of Skycure, a mobile threat defense company, which he co-founded in 2012. Prior to founding Skycure, he was a security strategy leader for IBM software products.

In his current role, he is responsible for setting the short and long term vision for Snyk’s security platform. He also oversees Snyk Labs, “where ideas are born and incubated to fuel our future innovation.”

He told SiliconRepublic.com that he needs to work closely with Snyk users to understand their pain points. “Having seen first-hand in my previous roles the need to upend the old security playbook, I’m excited to lead Snyk’s strategy of empowering developers to not only build our digital future, but to shape it. to secure.”

“Fast delivery of secure software has never been more important”

What are the biggest challenges you face in today’s IT landscape?

DevOps teams operating in silos, external to platforms and security personnel, create challenges, not only for the teams but also for those who use their applications, and ensuring security reduces development time in too many cases .

As such, security is extra work, even drudgery, and not prioritized from the start of an application, creating vulnerability to future breaches. It’s a chaotic way for DevOps teams to work.

We solve this problem by creating a developer-focused security platform. This ensures developers build security into their ongoing development process.

Otherwise, developers must continually backtrack to ensure apps are secure, which is both inconvenient and potentially dangerous. This focus on understanding developers is why they are so important to advancing our technology strategy.

What do you think of digital transformation?

We are living in a wave of digital transformation that is making every business a software development company. From financial services to media and entertainment, or from travel and e-commerce to healthcare and banking, our work and our lives have gone digital. For this reason, fast delivery of secure software has never been more important.

Unless we move the security needle forward, this data will be poorly protected. To do this, security must be placed in the hands of software developers.

Security needs to evolve to align with technology, which is a challenge, but putting developers at the heart of security is our best chance to keep pace. Snyk’s platform gives developers the ability to develop securely, freeing them from the shackles of external security procedures. By making security developer-first, it’s built into the software, eliminating the need to backtrack to protect, which is often done too late.

On a positive note, digital transformation has changed the way Snyk employees work for good. Physical presence is no longer a requirement for us, or even an amplifier, of our ability to do our best. We’ve found that digital and virtual collaboration has accelerated productivity in many ways, democratizing meetings and voices to create a more inclusive and egalitarian environment. I don’t see us going back.

How can sustainability be approached from an IT perspective?

Companies are the main contributors to climate change, whether they specialize in IT or not. Therefore, it is up to us to take responsibility and lead the charge for sustainability in our respective industries.

This must be done with authenticity and transparency. Otherwise, we will only deceive ourselves and the communities we serve and protect. I believe sustainability should be fully integrated into how we build our overall business strategy and plans, design and manufacture products, engage our networks, go to market and measure our success.

Our entire ecosystem must be able to partner with us to generate long-term social, environmental and financial returns.

What big tech trends do you think are changing the world?

I believe decentralization of security will change DevOps. Security, in many cases, exists independent of where it is needed and where decisions are made, creating a challenge for development teams.

Developers who need to prioritize security in their operations find it difficult inside silos, as security solutions lack the agility to engage with them holistically. Security should not be located in a separate team but as an extension of the development and operations team.

We help transfer security ownership from independent teams to a developer-focused security platform designed to serve them. This puts security in the hands of the people who have the most power to implement it.

The extent to which security can reach in the development process then has no limits while giving teams the freedom they want. I believe that decentralization will further open up the business world to provide security for their development process, and its convenience and benefits can no longer be ignored. It’s certainly very exciting and game-changing DevOps.

How can we address the security challenges your industry is currently facing?

We need to put developers at the heart of our strategies. Ultimately, they are the ones responsible for creating and maintaining applications and software – and when vulnerabilities are exploited, they are very often blamed.

As such, they need our support more than ever to advance security in line with digital transformation. Listening to their pain points and needs should determine how we overcome security challenges.

10 things you need to know straight to your inbox every weekday. Sign up for the brief dailythe summary of essential science and technology news from Silicon Republic.