Snyk Launches Agent Security Solution to Protect the Full AI Lifecycle; Announces General Availability of Evo AI-SPM

Snyk introduced an Agent Security solution and made Evo AI-SPM generally available, positioning the work around governance controls for autonomous Artificial Intelligence (AI) agents across their development and production actions. The change matters because organizations deploy agentic coding systems while traditional security review processes do not keep pace with machine-speed code changes.

The announcement described a governance gap tied to autonomous software agents that write, modify, and deploy code at machine speed. Snyk cited its 2026 State of Agentic AI Adoption Report, stating that enterprises that believed they had AI under control discovered they did not, and that for every AI model deployed, enterprises introduced nearly three times as many untracked software components.

Snyk said Evo AI-SPM expanded the operational capabilities of the AI Security Fabric by governing autonomous agents from the moment they were introduced into software through every action they take in production. In its description, the enforcement architecture used a Discovery Agent to map the “code-first” attack surface and generate a live AI-BOM, a Risk Intelligence Agent to enrich inventory with metadata, hallucination and bias metrics, and contextual security signals, and a Policy Agent to translate plain-English governance intent into machine-enforceable security guardrails that execute during Continuous Integration (CI) pipelines.

Agent Security was described as an architecture that secures environment, artifact, and behavior, and also included runtime testing and application security components. “Agentic architectures turn governance into a software supply chain problem,” said Manoj Nair, Chief Innovation Officer at Snyk. In separate remarks, WEX’s Jason Langston, Director, Product Security at WEX, said, “One of the things that was exciting about Evo AI-SPM is the visibility. It only took an afternoon to set it up and less time to pull a report and have full visibility.” Snyk reported that Evo AI-SPM, including the Discovery Agent, Risk Intelligence Agent, and Policy Agent, and Application Programming Interface (API) & Web Testing were generally available, while Agent Scan and Agent Red Teaming were available in Open Preview and Agent Guard was available in Private Preview.