Snyk Launches Snyk API & Web to Reimagine DAST Innovation for AI Era

New Solution Born From Successful Integration of Probely Technology Furthers AI-Powered Enhancements

BOSTON – April 22, 2025 – Snyk, a leader in developer security, today launched Snyk API & Web, delivering the next-generation dynamic application security testing (DAST) solution designed to meet the growing demands of modern and increasingly AI-powered software development. The successful acquisition and integration of Probely's cutting-edge DAST technology into Snyk’s application security platform is a key milestone in unifying critical AppSec testing techniques into a single Developer Security platform.

As businesses increasingly leverage generative AI to power software development, APIs have become the critical bridge between LLMs (Large Language Models) and the applications they fuel. Vulnerabilities in these APIs can expose sensitive AI models to significant risks, jeopardizing the security of entire software supply chains. Snyk API & Web offers a robust solution for developers and AppSec teams to proactively discover, inventory and secure API vulnerabilities before they become threats.

“The rapid rise of generative AI applications has introduced new challenges in application security, particularly around the APIs that power these systems,” said Katie Norton, analyst at IDC. “The acquisition of Probely also enables Snyk to expand its offerings to support the security needs of generative AI applications, ensuring that developers can confidently build intelligent systems without exposing APIs to exploitation.”

The announcement of Snyk API & Web follows an overwhelming customer response to the expanded DAST capabilities introduced with Snyk’s acquisition of Probely. Since the deal closed in Q4 2024, Snyk has seen a 245% quarter over quarter growth in ARR booked from DAST, reflecting demand for integrated, AI-ready security solutions, delivered on a common platform. This customer response is fueling an increased level of innovation investment by Snyk, covering a number of areas of DAST development that have been lacking in the market.

“We’re excited that our customers have recognized the value in a comprehensive, developer-first approach to API Security Testing and Dynamic Testing of Web endpoints,” said Manoj Nair, Chief Innovation Officer, Snyk. “This signifies that more organizations are equipping their developer and AppSec teams to safely leverage the benefits of GenAI coding. We’re not only looking forward to more secure GenAI-assisted development, but also the ability to significantly revolutionize the DAST space with AI techniques that Snyk continues to deliver to the AppSec market.”

Snyk API & Web is already making a significant impact with global customers. Luís Gomes, CISO at AUTODOC, a leading European automotive parts company, stated: “Snyk has once again delivered exactly what AppSec teams have been waiting for – a powerful, integrated solution that not only simplifies DAST but also brings much-needed innovation to a stagnant space. We’re thrilled to be a part of this groundbreaking new offering.”

Innovating in DAST: A New Era for Secure Development

The future of DAST is about to change. Snyk API & Web is committed to delivering more than just basic security features. As part of our ongoing development efforts, Snyk is working towards an additional integration enabling AppSec teams to access a centralized view of Web, API, and Code assets all within a single interface. This aims to empower teams with real-time insights, bringing together static application security testing (SAST), software composition analysis (SCA), and DAST findings in one seamless dashboard.

Additionally, Snyk API & Web is planned to include enterprise-grade capabilities through a new Command-Line Interface (CLI) designed for organizations with extensive asset portfolios. This enhancement will allow users to programmatically manage scans, targets, and findings at scale, streamlining workflows and enabling automation across CI/CD pipelines.

Snyk’s commitment to innovation is further exemplified by two groundbreaking features that will expand what’s possible in the DAST market:

• AI-Driven API Testing Engine. Powered by the innovative use of GenAI in this context, Snyk's AI-powered API Security Testing engine will help Snyk modernize the way APIs are tested: to help better map the ever-growing API attack surface and automate the scanning of their vulnerabilities. The engine makes use of a combination of GenAI and traditional AI/ML models to expand Snyk's coverage of critical aspects in OWASP's Top 10 API Security Risks, particularly on issues derived from exploits on business logic, such as OWASP's #1 Risk, BOLA (Broken Object Level Authorization).

• Code-Informed Dynamic Testing. Snyk API & Web is able to correlate static and dynamic analysis for smarter, more accurate vulnerability detection. By extracting critical information directly from code, this feature automatically configures DAST tests, identifies APIs, and generates their specifications to optimize scanning accuracy and efficiency. This unified approach provides comprehensive coverage, ensuring no vulnerability goes unnoticed.

For more information on Snyk API & Web please visit https://snyk.io/product/dast-api-web/.