Snyk is strengthening its AI Trust Platform with the acquisition of security research platform Invariant Labs. The company is thereby expanding its capabilities to protect agentic AI applications and Large Language Models against new threats.
Invariant Labs has developed Guardrails, a security layer for AI agents and Large Language Models. This technology takes context information into account, scans AI tools statically, and monitors behavior during execution. It also uses human annotations and incident databases to improve security.
According to Marc Fischer, CEO of Invariant Labs, this approach is necessary because agentic AI systems are a new category of software. “We must understand that agent-based AI systems are a powerful new class of software, especially autonomous ones, and demand greater oversight and stronger security guarantees than traditional approaches. We’re excited to join the Snyk team, as this mindset is deeply aligned with their mission,” he says. The acquisition will enable this technology to be made more widely available through Snyk’s AI Trust Platform.
Focus on agentic AI security
Invariant Labs has specialized in researching emerging security risks in AI applications over the past few years. The startup is recognized for its advanced research into threats specifically targeting autonomous AI agents and large language models. Their expertise fits seamlessly with the direction Snyk previously took with acquisitions for security management.
The company has become known for its research into tool poisoning and MCP vulnerabilities. These new threats specifically target AI agents that can control tools and services. They have also coined terminology for new attack methods, such as MCP rug pulls.
The timing of this acquisition is no coincidence. Companies are increasingly facing dangers such as unauthorized data exfiltration to AI agents and situations in which agents perform unintended actions.
Strengthening research capabilities
The acquisition primarily strengthens Snyk Labs, the research arm of the platform. Invariant Labs brings with it a team of security researchers who focus on the specific vulnerabilities of agentic AI systems. These systems have different requirements than traditional software because they can make decisions on their own.
For Snyk, the acquisition offers opportunities to strengthen its position in a growing market. CEO Peter McKay emphasizes that Snyk can now offer customers a single platform for both traditional application vulnerabilities and AI-specific risks.