Case Study: Pearson achieves DevSecOps at scale with Snyk's automated dependency scanning

How Pearson Implemented DevSecOps With Snyk’s Automated Dependency Scanning

Pearson, the world’s largest education company, needed to shift security left and embed it into the software development lifecycle but had only a small DevSecOps team (about six engineers) to support roughly 300 development teams and hundreds of applications. To enable developer-led security and scalable dependency management, Pearson selected Snyk for automated dependency scanning and developer-first integration into CI/CD pipelines across diverse tech stacks.

Using Snyk, Pearson implemented a self-service rollout with templates, onboarding forms and training, plus Snyk’s automated remediation to prioritize fixes and reduce risk exposure. The result: DevSecOps at scale—hundreds of apps now scanned, centralized visibility and useful metrics for the small security team, and faster fixes (for example, 20–30 vulnerabilities often resolved by a single dependency upgrade), enabling Pearson to confidently track and improve security across the organization.

Pearson

Paul Graziano

DevSecOps Engineer