Snyk Revenue Tied to Developer Activity
Snyk
The real upside is turning security spend from a negotiated seat upgrade into usage that grows on its own as developers ship more code. Snyk already showed it can raise contract value by folding more products into the bundle, and the next step is charging in ways that rise with scan volume, repository count, cloud coverage, and AI coding activity, so everyday development work automatically creates more billable activity.
-
Snyk has used bundling before. It started with open source scanning, then added containers, code analysis, infrastructure as code, and cloud. Those additions helped move Snyk from $250M ARR in 2023 to about $326M by February 2026, even as older open source scanning matured.
-
Usage pricing fits the product workflow better than pure seat pricing. Every new repo, build, pull request, container image, and AI generated code path creates more scans and more remediation work. That makes expansion look less like a sales rep pushing a bigger plan, and more like AWS style spend growing with customer activity.
-
The strategic need is sharper because Snyk now faces bundle pressure from both sides. GitHub and cloud security platforms can tuck scanning into tools teams already buy, while AI native players like Endor Labs and Semgrep are tying value to repository scope, scan volume, and AI workflows. More automatic expansion helps defend against that pressure.
From here, the winners in AppSec are likely to be the vendors whose revenue meter is attached directly to developer activity and AI code generation. If Snyk can make cloud and AI security feel like natural extensions of the core workflow, each added workload can increase both product adoption and account spend with much less friction than the old seat based model.