Snyk CEO Peter McKay has a novel approach to filling the cybersecurity skills shortage — a problem of such magnitude that the White House noted the nearly half-million unfilled cybersecurity jobs following a meeting last week between President Joe Biden and tech giants like Amazon and Microsoft.

McKay’s solution: enlist the world’s 27 million software developers to secure code from the start.

As companies move their applications to the cloud, and developers push software updates on a daily or even hourly basis, security teams can’t keep up. “There isn’t enough security auditors, and the pace of these apps is increasing significantly, so our view is to build security in to the process,” McKay said. “Allow developers to continue to build at a rapid pace. Keep developer productivity increasing, but also being secure at the same time.”

McKay’s not discounting that the 500,000 cybersecurity jobs should be filled. In fact, that number is probably double around the world, he added. But it also requires a rapid, scalable solution as security breaches become larger and more costly. “So our view is that empowering the 27 million developers around the world to build it into their tools that they use every day, when they’re building these apps, is really the only way to do it in a scalable way.”

Companies spend hundreds of billions of dollars on security products that detect and mitigate threats in applications and software already in production, and the industry focuses on the supply-chain security problems in recent attacks like SolarWinds and the Colonial Pipeline ransomware attack, McKay said. “But you’ve got to solve these issues earlier in the process, because by the time they are in production, a lot of it is too late,” he added.

Snyk has always championed developer-focused security. Its initial product, when the company launched in 2015, let developers search for vulnerabilities in enterprise systems, with a particular focus on their open source software, and block the vulnerabilities. Over the years it grew into a more comprehensive application security platform, and it now finds and fixes flaws in containers, application code, and infrastructure as code. And it does this without having to train developers to use security products or learn security speak.

McKay describes Snyk’s software as TurboTax for security. “We don’t expect developers to learn security,” he said. “What we’ve done is we’ve embedded that all behind the scenes, integrated into all the tools that they use, so developers don’t have to be security experts.”

The Snyk platform identifies vulnerabilities in developers’ applications, shows them how to fix these issues, and in some cases auto-remediates the flaws, McKay explained.

“What we’ve done is we buried the complexity of security,” he added. “If you ask the developer: Would you rather build a secure app or a non-secure app if all things are equal? Of course they would want it to be secure. That’s what we’re trying to do — develop fast, stay secure.”

This message seems to resonate with enterprises and investors alike. The vendor recently closed a $300 million Series E funding round and has now raised a total of $470 million with a valuation of $4.7 billion. This means it quadrupled its valuation since the beginning of 2020.

It ended last year with 200% year-over-year revenue increase, and its customers include Google and Salesforce. Snyk says nearly 2 million developers use its platform.

“I was talking to a CIO today who had 12,000 developers around the world and I said, ‘Our goal at Snyk is to empower 27 million developers around the world to use Snyk, either the freemium version or the paid, to secure the digital world,’” McKay said. “And he said, ‘Well, that’s great because I have 12,000 I need to secure, so I’ll help you on that journey.’”