Snyk

Hello Product Hunters, thanks for coming to check out our product! With a core mission of trying to make the open source ecosystem more secure, we are excited to launch our VSCode plugin VulnCost on Product Hunt. In short, VulnCost empowers developers to import more secure packages into their code and projects straight from the IDE. I'm Guy, the founder of Snyk. After founding a successful startup that was acquired by Akamai and serving as CTO of both companies, I discovered first-hand the challenges of modernizing security from the source - developers & common coding processes. Snyk strives to be a developer-first tool that integrates seamlessly with the tooling developers know and love from Github, to Docker, and even IDEs like VSCode and Intellij. By using VulnCost you will be able to immediately understand the security vulnerabilities you are introducing into your project, and even receive suggestions for more secure alternative packages and immediate fixes when available through a quick scan and pull request directly into your git processes. Today Snyk enables more than 400,000+ developers to scan and fix vulnerabilities in their open source libraries and containers, and this plugin is just one more way for us to make this even simpler and more accessible to all developers. We encourage you to check it out, and register for free to use Snyk and let us know what you think.

IMO this is *the* most important way to surface security vulnerabilities to developers: in context and at the time they are actually working on the code. A report that shows up in an inbox is just too far removed to encourage prompt action. Great work!

Looking forward to installing in VS and finding all sorts of vulnerabilities!