AI meets DevSecOps: Snyk launches agentic orchestrator to tame security chaos

Large language models are rewriting the rules of DevSecOps and cybersecurity -- introducing powerful new capabilities along with equally complex risks. As AI begins to generate and defend its own code, the challenge isn't just speed or scale; it's maintaining control in a landscape where unpredictability is the new normal.

At the AI Security Summit, Snyk Ltd. introduced Evo, an agentic security orchestrator built to confront that challenge head-on. Unlike traditional tools that react after vulnerabilities surface, Evo uses autonomous agents to anticipate and neutralize AI-driven threats before they emerge.

"Evo by Snyk is the world's first agentic security orchestrator," said Manoj Nair (pictured), chief innovation officer of Snyk. "What does that mean? There are agentic orchestrators now. There are others in other industries, like marketing and customer experience -- they are individual agents. You want to give them just enough agency to be specialized like a superhero at a specific task. But the challenge was so big as we went about it that we said, 'This industry doesn't have agentic orchestrators specialized in security.'"

Nair spoke with theCUBE's Jackie McGuire at The AI Security Summit, during an exclusive broadcast on theCUBE, SiliconANGLE Media's livestreaming studio. They discussed how Snyk is aiming for high precision with Evo, turning security chaos into orchestrated defense for the age of intelligent, unpredictable software. (* Disclosure below.)

AI systems create new types of vulnerabilities by linking old infrastructure flaws with emerging AI risks. One of Evo's critical strengths is detecting and mitigating what Snyk calls "toxic flow attacks" -- where malicious prompt injections exploit trusted connections between agents or APIs, according to Nair.

"The speed of AI and these connections is chaining together risks from old problems plus new problems," he said. "Our agents are experts at doing unique things. The last part for non-determinism, and I don't think we see a lot of people talk about it, you think about how do you defeat something that breaks the rules of code? You go before the code's generated."

Evo embeds continuous observation and guardrails throughout the AI lifecycle -- from design and testing to deployment. Inspired by the OODA loop (observe, orient, decide, act) used by top fighter pilots, Evo helps teams detect, interpret and respond to AI threats faster than attackers can act, Nair added.

Here's the complete video interview, part of SiliconANGLE's and theCUBE's coverage of The AI Security Summit: