ETH spin-off Invariant Labs acquired by Snyk, the leading company in secure AI software development
Invariant Labs, a deep-tech spin-off from ETH Zurich, has been acquired by the cybersecurity company Snyk – less than a year after its founding. The move highlights both the rapid rise of AI-native software and the critical need for robust security innovation.
Addressing the next frontier of cybersecurity
As AI systems evolve from passive tools into autonomous agents, new classes of security threats have emerged. Invariant Labs, a Zurich-based spin-off co-founded in 2024 by computer science Professors Martin Vechev and Florian Tramèr and three of their graduates, was one of the companies to sound the alarm on these threats – publishing insights on Model Context Protocol (MCP) vulnerabilities and discovering and naming attack terminology such as “tool poisoning”.
Agentic AI is widely seen as a major development in the field, but it brings with it significant safety and security challenges. Invariant Labs has been working on solutions to tackle precisely these issues – technologies that are now being incorporated into Snyk’s platform to strengthen protection at the core of AI systems.
“Agentic AI is the next big thing. But it comes with serious safety and security concerns. Invariant Labs developed technology that directly addresses these risks.”Prof. Martin Vechev, Head of the Secure, Reliable and Intelligent Systems Lab at ETH Zurich and co-founder of Invariant Labs
From research to industry-shaping security tools
Invariant Labs developed Guardrails, a transparent and contextualised security layer for large language models (LLMs) and AI agents. Their methods combine static scans of agent tools, run-time behavior, incident data and human annotations to allow developers to detect and mitigate threats in real-time.
The founding team – Marc Fischer (CEO), Dr Mislav Balunović (former CTO) and Luca Beurer-Kellner (Chief Scientist) – are all former doctoral students in Vechev's SRI Lab and long-time collaborators with Vechev on AI security research. Less than a year after formal spin-off registration in 2024, their work attracted the attention of Snyk.
The acquisition is not just a business milestone - it’s a strategic investment in ETH’s innovation ecosystem. The Invariant Labs team will continue working from Zurich, contributing to both the local deep-tech momentum and Snyk’s new research unit, Snyk Labs. "This move also opens up exciting new opportunities for ETH students," says Martin Vechev. He adds that they are planning to enable Master’s theses and joint research with Snyk, focusing on emerging AI security challenges. This could also benefit ETH Zurich, making it more attractive for those who want to work on exciting new tech topics.
A shared mission to secure the AI-native future
Snyk’s acquisition of Invariant Labs marks a major expansion of their AI Security capabilities, complementing the recent launch of the Snyk AI Trust Platform. As Chief Innovation Officer Manoj Nair puts it: “With Invariant Labs, we’re accelerating our ability to identify, prioritise and neutralise the next generation of AI threats before they reach production.”
The Invariant Labs team brings a deep understanding of agent systems as a new class of software – one that requires fundamentally different approaches to achieve robust security. This perspective aligns closely with Snyk’s mission and was a key driver behind the acquisition.
“We understand agent systems as a new type of software that requires novel and innovative approaches to provide strong security guarantees. We’re excited to join the Snyk team as this understanding is also core to their mission.”Marc Fischer, CEO and co-founder of Invariant Labs
ETH innovation with global impact
The acquisition of Invariant Labs follows Snyk’s earlier purchase of DeepCode in 2020, another ETH Zurich spin-off co-founded by Professor Martin Vechev. This development underscores the real-world impact of research from Vechev’s lab and demonstrates how academic innovation at ETH Zurich is shaping the field of AI security.
Snyk’s acquisition also reflects the value of long-standing collaboration between ETH researchers, students, and industry partners. As AI systems become increasingly powerful and integral to modern software, such partnerships are essential for advancing trustworthy and secure technologies.
About Invariant Labs: Invariant Labs is a security research lab dedicated to building robust, reliable, and secure AI agents. As an ETH Zurich spin-off and ETH AI Center affiliated startup, which focuses on securing and safeguarding AI applications.
About Snyk: Snyk, the leader in secure AI software development, empowers organisations to build fast and stay secure by unleashing developer productivity and reducing business risk. The company’s AI Trust Platform seamlessly integrates into developer and security workflows to accelerate secure software delivery in the AI Era. Snyk delivers trusted, actionable insights and automated remediation, enabling modern organisations to innovate without limits. Snyk is redefining secure AI-driven software delivery for over 4,500 customers worldwide today.