What happened
Announced June 23, 2026 with GA on June 29, Snyk Evo ADS embeds a three-layer enforcement plane into the AI agent execution loop: (1) agent supply chain security — continuous discovery and risk scoring of MCP servers across developer environments (found 4,524 unique MCP servers across ~10,000 environments; 1 in 12 with high/critical findings); (2) agent behavior governance — real-time policy enforcement on agent actions before execution; (3) AI-generated code security — scanning generated code for vulnerabilities at inception, before commit.
Why it matters
Snyk's scan data shows 80% of developers run 2+ AI coding environments and 50.8% have live MCP server connections to production — ADS is the first major DevSecOps platform to govern the full agentic dev lifecycle rather than just scanning static output.
Applicability
DevSecOps and platform engineering teams deploying AI coding agents (Cursor, Claude Code, GitHub Copilot); evaluate for any organization with active MCP server usage in developer environments.