Case Study: Depop achieves automated vulnerability management at scale with Snyk

Depop rolls out an automated vulnerability management program using Snyk

Depop, the UK-based retail marketplace, needed a better way to manage vulnerabilities across its Scala microservices and many separate repositories. Its ad hoc process for tracking CVEs and dependency issues wasn’t scalable, and the team wanted an automated approach for open source dependencies, containers, and infrastructure as code. To address this, Depop turned to Snyk.

Using Snyk Open Source, Snyk Container, Snyk Infrastructure as Code, the Snyk CLI, and the Snyk Intel Vulnerability Database, Depop integrated automated security scanning across its SDLC and imported all projects in about a month, achieving 100% codebase coverage. Snyk helped the company detect and remediate thousands of vulnerabilities, run over 1,000,000 tests, and cut mean time to fix by 43 days while scaling AppSec support to nearly 100 developers.

Depop

Charlie Stocker

Security Engineer