DEVOPSdigest

Snyk announced the expansion of its current partnership with Google Cloud to advance secure code generated by Google Cloud’s generative-AI-powered collaborator service, Gemini Code Assist.

By using Snyk’s solutions alongside Gemini Code Assist, customers can incorporate AI-driven code creation to develop secure applications faster.

Snyk Code, static application security testing (SAST) built by and for developers, can now be integrated with Gemini Code Assist to provide global developer and security teams with even greater trust in the code they’re generating – both by human developers as well as AI. Snyk Code helps to ensure the security of AI-assisted coding without interfering with the enhanced productivity Gemini Code Assist provides. Security teams that use Snyk can also confidently use its security capabilities alongside Code Assist.

"The recent explosion of generative AI solutions has already revolutionized modern software development, with the promise of further accelerating software innovation worldwide,” said Danny Allan, Chief Technology Officer, Snyk. “We’re excited to deepen our relationship with Google Cloud with this latest milestone – together, we understand the crucial importance of secure application development and we look forward to helping more enterprises worldwide to continue their pace of innovation securely.”

Other key highlights of Snyk’s support for Gemini Code Assist include:

- Security at the Speed of AI: To maintain developer speed and agility, Snyk’s DeepCode AI scans code within seconds rather than hours, analyzing source code directly and performing multi-file, interfile and data flow analysis in real time for fast and accurate results within the integrated development environment (IDE). Based on both AI as well as human security experts, DeepCode AI finds and learns new vulnerabilities and insecure coding patterns.

- Better together: Developers can set up Snyk in just a few clicks by navigating to the release notes within Google Cloud’s IDE extension for VSCode or IntelliJ. Snyk’s DeepCode AI will test all code written in the IDE, whether that code was written by human developers or an AI coding assistant such as Gemini Code Assist. Developers have access to actionable remediation advice in-line with their code to help them fix security vulnerabilities in near real-time.

- Contextual Information on Snyk Usage: Snyk will help to further train Gemini Code Assist on its security scanning products and vulnerability database to help improve how developers find and fix common vulnerabilities. Users will be able to request best practices on how to bring Snyk into existing development environments and workflows, which can help them set up and operationalize Snyk’s tools faster.

- Deep Integration: Later this year, Gemini Code Assist will integrate deeply with Snyk leveraging Snyk’s platform to scan the developers code to help developers find, understand and fix vulnerabilities faster right from the Gemini Code Assist Extension

“Our AI-powered software development assistant allows developers to build software with higher velocity, quality and security,” said Gabe Monroy, VP, Developer Experience, Google Cloud. “With our upcoming integration of Snyk scanning capabilities into Gemini Code Assist, developers will be able to build secure applications, while seamlessly identifying and fixing vulnerabilities without leaving the IDE.”