Israeli-founded developer-first application security platform — launched 2015 by Guy Podjarny, Assaf Hefetz and Danny Grander (all ex-IDF Unit 8200), HQ Boston with offices in Tel Aviv, Ottawa, Zurich and London; CEO Peter McKay since July 2019; peaked at $8.5B valuation in September 2021, marked down to $3.7B by BlackRock in mid-2023; $196.5M Series G in December 2022 at $7.4B; revenue $278M (2024), hit $300M+ ARR with Snyk Code (DeepCode-powered SAST) at $100M ARR on its own; multiple layoff rounds 2022-2023; CEO favors a Wall Street IPO in 2026
Snyk is the category-defining "developer-first" application security platform — invented the SCA-in-the-IDE workflow that's now table stakes for modern AppSec, and remains the most-recognised AppSec brand in the engineering-team buyer conversation. The company was founded in 2015 in Tel Aviv and London by Guy Podjarny (CEO until 2019, then President / Chairman; left in 2023 to start AI software startup Tessl — which itself raised $125M), Assaf Hefetz and Danny Grander — all three are alumni of Unit 8200, the IDF's SIGINT intelligence unit that has produced an outsized share of Israeli cybersecurity founders. Snyk is now headquartered in Boston with offices in Tel Aviv, Ottawa, Zurich and London. Peter McKay has been CEO since July 2019. The funding trajectory is one of the more dramatic in enterprise cybersecurity: Snyk hit a peak valuation of $8.5 billion in September 2021 at the tail end of the SaaS bull market; closed a $196.5 million Series G in December 2022 at a markdown to $7.4 billion; was then marked down to $3.7 billion by BlackRock in mid-2023 (T. Rowe Price marked it to $6.9B in the same period — wide spread); and a private equity firm reportedly offered to acquire Snyk in 2024 at a price below $3 billion, which Snyk rejected. Despite the multiple compression, the underlying business has continued to scale: revenue $147M (2022) → $220.1M (2023, +50%) → $278.4M (2024, +26.5%) → over $300M ARR by late 2024; the DeepCode-powered Snyk Code (SAST) product alone hit $100M ARR, representing roughly a third of total revenue. The company has $435M in cash, is reportedly close to break-even with no further cash burn projected in 2025, and CEO Peter McKay has stated he favors a Wall Street IPO in 2026. Multiple layoff rounds (June 2022: 30 staff; October 2022: 200 staff / 14% of workforce; April 2023: 128 staff) shaped the company through the difficult 2022-2023 period. For Indian engineering and AppSec teams the right framing is: Snyk remains the right call for Series B+ Indian SaaS teams preparing for SOC 2 / ISO 27001 audits or selling to global enterprise buyers — the developer-experience advantage over SonarQube / Veracode / Checkmarx is real; the wrong call for early-stage Indian startups (free Dependabot / Trivy / OWASP plugins cover the basics) and for buyers who specifically need vendor-stability certainty before the 2026 IPO resolves.
Snyk is a developer-first application security platform that integrates security scanning directly into the developer's daily workflow — in the IDE (VS Code, JetBrains, Visual Studio, Eclipse), in the CLI, in Git pull requests (GitHub / GitLab / Bitbucket / Azure DevOps), and in CI/CD pipelines. The product surface covers four primary domains: Snyk Open Source (SCA) — scanning open-source dependencies for known CVEs, with auto-fix PRs that bump packages to the nearest secure version; Snyk Code (SAST) — static application security testing powered by the AI engine from DeepCode (acquired 2020), now Snyk's fastest-growing product; Snyk Container — Dockerfile and base-image vulnerability scanning; and Snyk IaC — infrastructure-as-code security scanning for Terraform, Kubernetes YAML, CloudFormation and Helm charts. The "developer-first" thesis that Snyk pioneered — give security results directly to engineers in tools they already use rather than in PDF reports to security teams — is now table stakes across the AppSec category.
The company was founded in 2015 in Tel Aviv and London by Guy Podjarny, Assaf Hefetz and Danny Grander. All three founders are alumni of Unit 8200, the IDF's signals-intelligence unit — the same unit whose alumni network has produced Check Point, Palo Alto Networks (partial), CyberArk, Wiz, Lemonade and many other category-defining Israeli cybersecurity companies. Podjarny started as CEO, served until July 2019, then transitioned to President and Chairman of the Board; in 2023 he stepped away to start an AI software startup called Tessl, which itself raised $125M. Peter McKay (ex-Veeam, ex-VMware) has been CEO since July 2019 — through both the bull-market peak and the difficult 2022-2023 multiple compression. Snyk is now headquartered in Boston with offices in Tel Aviv, Ottawa, Zurich and London.
The funding and valuation trajectory tells the broader 2021-2024 SaaS-multiple-compression story unusually well. Snyk hit a peak valuation of $8.5 billion in September 2021 at the tail end of the zero-interest-rate SaaS bull market. By December 2022 the company closed a $196.5 million Series G at a markdown to $7.4 billion — still a meaningful raise but $1.1 billion below the peak. In mid-2023, public-market mark-to-market valuations from BlackRock dropped Snyk to $3.7 billion; T. Rowe Price marked it to $6.9 billion in the same period (the wide spread between two top-tier institutional investors itself signals real disagreement about Snyk's terminal value). In 2024, a private-equity firm reportedly offered to acquire Snyk for a price below $3 billion, which Snyk rejected. Through the same period the company executed three layoff rounds: 30 staff in June 2022, 200 staff (14% of workforce) in October 2022, and 128 staff in April 2023.
The underlying business has continued to scale through the multiple compression. Snyk reported revenue of $147M in 2022, $220.1M in 2023 (+50% YoY) and $278.4M in 2024 (+26.5% YoY), with reports of crossing $300M+ ARR by late 2024. Critically, Snyk Code — the SAST product powered by the AI engine from the DeepCode acquisition (2020) — hit $100M ARR on its own, representing roughly a third of Snyk's total revenue. The company has ~$435M in cash on the balance sheet, is reportedly close to break-even with no further cash burn projected through 2025, and CEO Peter McKay has publicly stated he favors a Wall Street IPO in 2026 as the regulatory and economic environment stabilises.
The original product. Scans open-source dependency trees (npm, pip, Maven, Gradle, Composer, NuGet, Go modules, Cargo, Yarn, pnpm) for known CVEs. Auto-fix PRs bump vulnerable packages to the nearest secure version. Indian SaaS teams find this dramatically reduces audit-prep effort vs running OWASP Dependency-Check manually.
Static analysis powered by the AI engine from the 2020 DeepCode acquisition. Detects security flaws in your own code (SQL injection, XSS, path traversal, hardcoded secrets, insecure crypto). $100M ARR product on its own. Notably faster and lower-false-positive than SonarQube / Veracode / Checkmarx for most modern web stacks.
Dockerfile + base-image scanning. Identifies vulnerabilities in OS packages, recommends base-image upgrades. Integrates with container registries (ECR, GCR, ACR, Docker Hub, Harbor, Quay). Critical for Indian Kubernetes-first engineering teams shipping container-based workloads.
Infrastructure-as-code security scanning for Terraform, Kubernetes YAML, CloudFormation, Helm, ARM. Catches misconfigurations (open security groups, public S3 buckets, missing encryption) before they reach production cloud. Important for Indian fintech / BFSI cloud-architecture compliance.
VS Code / JetBrains / Visual Studio / Eclipse plugins surface security issues as you type. CLI for local + CI integration. Git PR integration shows security results inline in pull-request review — the "developer-first" UX that built Snyk's category leadership.
Generates compliance-ready reports for SOC 2 Type II, ISO 27001, PCI DSS, NIST. Critical for Indian SaaS preparing audits to sell to global enterprise buyers. Saves substantial AppSec-engineer time vs assembling evidence by hand.
Snyk does not publish full enterprise pricing; teams over the Free tier go through sales. Live rates from snyk.io/plans and third-party trackers:
For Indian buyers, all pricing is in USD with 18% IGST applicable; no INR billing option. For a typical 20-developer Indian SaaS engineering team on Team tier, the all-in monthly cost is approximately $500/month (~₹43,000) with IGST. Indian Series B+ SaaS teams typically migrate to Enterprise around 50+ developers or when adding Snyk Code (SAST) + Container + IaC products beyond just SCA — annual contract values then cluster at ₹40 lakh – ₹2 crore/year. Free alternatives that Indian early-stage teams commonly start with: GitHub Dependabot (free SCA / auto-fix PRs), Trivy (free OSS container scanning), OWASP Dependency-Check, npm audit, tfsec / Checkov for IaC.
Snyk is the wrong call when: you're an early-stage Indian startup at pre-Seed / Seed and budget is constrained (start with free Dependabot + Trivy + OWASP + npm audit); you specifically need full SAST + DAST + IAST coverage at enterprise scale (Veracode and Checkmarx have broader compliance certifications for some regulated buyers); you're a vendor-stability-first procurement org and want to wait for the 2026 IPO to resolve before signing multi-year contracts (the $8.5B → $3.7B valuation arc and multiple layoff rounds are real signals); or you're a tiny dev team that just needs basic dependency vulnerability alerts (GitHub Dependabot is free and good enough).