Snyk is a developer-centric company whose raison d’être is to identify and patch vulnerabilities in open source security software. With about 50 engineers, Snyk VP Engineering Anton Drukh wants to maintain flexibility in how the team operates. The best way to ensure that is to give them as much insight into their own work as possible, and hence options. They also look at the state of open source security across the industry.
To get the most observable environment possible, Snyk deployed Logz.io to achieve end-to-end visibility into their production environment.
“We’re using the it to extensively monitor our services on a very deep applicative level…I like the way the company is masking the complexity I do not need to handle.”
Debugging Open Source
“Logz.io is taking the headache out of maintaining and running a very scalable Elasticsearch cluster, but still giving us all the flexibility to send in the data we want and get the most insightful feedback out of it.”
In this video, Anton Drukh, Snyk’s VP of Engineering, describes how the company uses Logz.io to proactively monitor their services, triggering alerts around performance degradation, and asserting overall validity of their environment.
More open source security scenarios
You can get more information on the open source security scene from Logz.io and Snyk. Check out our posts on open source HIDS and open source NIDS products, plus our post on managing open source vulnerabilities. Read Snyk’s take on shifting security left by shifting culture.