Snyk announced some high-profile partnerships with Docker and IBM Cloud, plus updates to its security platform, at its first-ever SnykCon event, which, like everything else this year, was virtual because of the ongoing pandemic.
The security unicorn, fresh off its DeepCode acquisition and a $200 million Series D funding round that pushed its valuation past $2.6 billion, today launched Snyk Code. This new static application security testing product, based on DeepCode’s semantic code analysis, provides security visibility and remediation for cloud-based applications. It covers the application code, open source libraries, container infrastructure, and infrastructure as code.
Snyk Code for Cloud-Native App Security
“With Snyk Code, we aim to rethink Dev-first, code security,” Snyk co-founder and President Guy Podjarny said. “How do we make SaaS Dev first?”
The company’s mission has always been to look at security through a developer lens, and this includes a different perspective on application security, Podjarny added. “We need to rethink application security into what we call cloud-native application security.”
In addition to the new platform launch, Snyk also announced partnerships with Docker, IBM Cloud, and Datadog.
Docker, IBM Cloud, Datadog Partnerships
Docker named Snyk as its exclusive provider of security insights for Docker Official Images and other future content certification programs. This means developers can scan these images using Snyk’s vulnerability risk assessment at each step in the container-based app development and deployment process. It’s important for DevSecOps because, according to Snyk’s research, only 41% of application development teams scan all of their containers for vulnerabilities.
The security vendor also announced that the Snyk Intel vulnerability database will integrate into Datadog’s user interface and IBM Cloud to further boost enterprise workload security. This will help developers automatically find, prioritize, and fix vulnerabilities in open source dependencies and containers.
“Cloud-native development has huge advantages for organizations in terms of efficiency and time to market, but it can be challenging to securely build, deploy, and manage applications,” said IBM Cloud GM Phil Buckellew in a statement. “The key is to provide automated tools that help teams detect vulnerabilities, analyze security configurations, and manage changes at the very outset of development — rather than discovering security issues at runtime.”
The Snyk Intel vulnerability database also integrates into Red Hat CodeReady Dependency Analytics, a hosted service on Red Hat OpenShift that provides vulnerability and compliance analysis for applications. Additionally, Docker, the Linux Foundation, Rapid7, and Trend Micro all use the Snyk Intel vulnerability database behind the scenes to enable secure software development.