Login

Why Snyk Trusts Auth0 to Deliver Security from the Ground Up

Fast, easy authentication delivers a nearly 100% conversion rate for new sign-ups

About

Snyk is a developer-first security company that helps software-driven businesses develop fast and stay secure. Snyk is the only solution that seamlessly and proactively finds and fixes vulnerabilities and license violations in open source dependencies and container images. Snyk's solution is built on a comprehensive, proprietary vulnerability database, maintained by an expert security research team in Israel and London. With tight integration into existing developer workflows, source control (including GitHub, Bitbucket, GitLab), and CI/CD pipelines, Snyk enables efficient security workflows and reduces mean-time-to-fix. For more information or to get started with Snyk for free today, visit https://snyk.io.

Industry

Software/Technology

Region

EMEA

Plenty of SaaS companies talk about how security is built into their platforms, but they still suffer from vulnerable code. Snyk is dedicated to changing that, one user at a time. The company’s platform helps developers build software securely across the cloud native application stack, reducing vulnerabilities and license compliance issues in their code. In just four years of existence, Snyk has acquired more than 400,000 developers as users, earned a valuation of over $2 billion, and won high-profile enterprise customers such as Google, Salesforce, and Auth0.

When Snyk decided to outsource their identity needs, they needed a partner that shared their developer-first mindset and could help the company scale rapidly. They turned to Auth0.

“Security and identity go hand in hand. And as a security product, this is one of the things we have to be really on top of.”

Tzahi FurmanskiEngineering Team Leader

Snyk Needed Security That Wouldn’t Slow Them Down

“Security and identity go hand in hand,” says Tzahi Furmanski, an engineering team leader on Snyk’s enterprise scale team. “And as a security product, this is one of the things we have to be really on top of.” Snyk started out using a custom-built identity and access management (IAM) solution. But as their product evolved to provide a richer web experience, it was clear their IAM solution needed to change, too.

“We implemented our own auth solutions in the past but found out very quickly that those can be very time-consuming,” according to Snyk senior software engineer Artur Kotliar. “Doing things like the security review for the process of recovering a forgotten password is something we don’t really want to manage on our own if we have an authentication provider we can rely on. And so we decided to use Auth0 instead of building it on our own.”

Snyk estimates that they save one to two engineers’ worth of time by using Auth0. And that’s not to mention saving on the legal consultants they’d need to ensure compliance with data privacy laws. “Snyk needs to comply with regulations like GDPR and CCPA,” Furmanski says. “And it’s really important for us that where we keep our users’ data is also complying with those regulations. So having Auth0 [as a compliant identity provider (IdP)] is definitely a big help.”

“Snyk needs to comply with regulations like GDPR and CCPA. And it’s really important for us that where we keep our users’ data is also complying with those regulations. So having Auth0 [as a compliant identity provider (IdP)] is definitely a big help.”

Tzahi FurmanskiEngineering Team Leader

Personalized Onboarding in Seconds

Snyk uses Auth0 for two primary use cases: the individual developers who are the end users and the enterprise connections with large customers. Each group has different identity requirements, but Auth0’s platform has no problem accommodating this diverse set of needs. “It’s really easy for us now to manage the identities of users coming in through different logins because of Auth0’s solution,” says Kotliar.

Enterprise B2B connections typically employ Single Sign On (SSO) or Azure AD. “Big enterprises have their own IdPs, and they want to have their own role-based permissions in their organization, and they want to decide for all their users what they should consume on different apps like Snyk,” Kotliar says.

B2C users, on the other hand, use social logins such as GitHub, Bitbucket, and Google. The advantage of this type of login is that it removes all barriers to conversion, as Snyk’s team can attest. “The first time I logged into Snyk, without any prior knowledge, it was super easy,” Furmanski says. “Just going on the website, choosing what social provider to log in through, and then being launched into the platform.” Kotliar agrees: “The whole process of onboarding users at Snyk takes just seconds. It’s really fast and really easy.”

This ease of use has given Snyk’s platform a conversion rate of nearly 100% for new sign-ups. Furthermore, the team is confident that if they need to add new login options to meet customer needs, it won’t present a problem.

“The whole process of onboarding users at Snyk takes just seconds. It’s really fast and really easy.”

Artur KotliarSenior Software Engineer

Building a More Secure Future for Everyone

The ethos of open-source software is built around developers helping each other by sharing knowledge. Snyk is dedicated to continually improving that ecosystem by making sure that this information is properly vetted. Now, they spend less time on identity and are focused on improving their product to be even more helpful.

Furmanski mentions a new integration that “alerts the developer as he writes the code, before it’s even merged, that ‘Look, you're using here something that has known issues and known vulnerabilities.'” He adds, “We're expanding our reach and strengthening our service to provide easier maintenance, easier prioritization, to help big customers navigate the trenches of vulnerabilities better.”

Snyk’s partnership with Auth0 allows them to innovate without being sidetracked by authentication issues. “By using Auth0 to handle our authentication needs, we’re able to focus on what we do best: providing our customers with the best solution for integrating security in their development lifecycle,” says Furmanski.

“By using Auth0 to handle our authentication needs, we’re able to focus on what we do best: providing our customers with the best solution for integrating security in their development lifecycle.”

Tzahi FurmanskiEngineering Team Leader

About Auth0

Auth0, a product unit within Okta, takes a modern approach to identity and enables organizations to provide secure access to any application, for any user. The Auth0 Identity Platform is highly customizable, and is as simple as development teams want, and as flexible as they need. Safeguarding billions of login transactions each month, Auth0 delivers convenience, privacy, and security so customers can focus on innovation. For more information, visit https://auth0.com.

9K+

Enterprise customers

70+

Countries with Auth0

24/7

Support coverage

Get started →

Signing up is free. Experience Auth0 for yourself and see how we help companies of all sizes make their organizations safer.