Category: Funding

According to a report by Deloitte in collaboration with the National Association of Chief Information Officers (NASCIO), American Chief Information Security Officers (CISOs) are grappling with significant challenges in protecting their organizations’ IT infrastructures from cyber attacks. A critical factor in this struggle is the ongoing financial constraint that limits their ability to invest in essential tools and services needed to effectively combat cyber threats.

CISOs universally prioritize the safeguarding of their company’s digital assets against cyber attacks. However, many find themselves inadequately supported, with a striking number receiving less than 1% of the total annual budget to tackle their organizations’ security challenges. This lack of funding severely restricts their ability to implement comprehensive security measures.

As a result, many CISOs can only focus on maintaining their infrastructure by addressing vulnerabilities and misconfigurations—issues that, if overlooked, can lead to dire consequences for their organizations. The situation has been exacerbated by the rise of artificial intelligence (AI)-driven threats, which expand the potential attack surface. State-sponsored hackers increasingly employ sophisticated techniques such as phishing, vishing, pharming, and vulnerability exploitation, making it more crucial than ever for organizations to bolster their defenses.

In a related development, a study conducted by Databarracks highlights a troubling trend in the United Kingdom, where cyber attacks have emerged as the leading cause of business shutdowns. The findings underscore the severe data loss experienced by UK businesses, reinforcing the urgent need for robust cybersecurity measures to mitigate the frequency and scale of such attacks.

Experts assert that, in both the American and UK contexts, it is imperative to allocate sufficient budgets for proactive security initiatives. CISOs must also communicate effectively with business leaders about the necessity of staying ahead of cybercriminals. Any complacency in this regard can swiftly lead to severe repercussions for a business, including operational downtime that is not easily recoverable. While cyber insurance can offer some level of protection, it should not be relied upon as a primary defense strategy.

In summary, the challenges faced by CISOs in both the U.S. and the U.K. highlight a pressing need for increased investment in cybersecurity. By securing adequate funding and fostering a proactive security culture, organizations can better defend against the evolving landscape of cyber threats.

The post American CISOs Face Budget Challenges in Cybersecurity Defense appeared first on Cybersecurity Insiders.

LayerX, the creator of the innovative LayerX Browser Security platform, has successfully closed $24 million in Series A funding. This round was spearheaded by Glilot+, Glilot Capital Partners’ early-growth stage fund, with contributions from Dell Technologies Capital and other backers. Lior Litwak, Managing Partner at Glilot Capital and Head of Glilot+, along with Yair Snir, Managing Partner at Dell Technologies Capital, are set to join LayerX’s board.

The influx of funds will bolster corporate development, enhancing talent recruitment and expanding the company’s global footprint. To date, the company’s funding total has reached $32 million. In today’s digital age, enterprise employees increasingly depend on browser-based tools and SaaS platforms. However, these essential tools also introduce significant security threats, such as data breaches, identity and password thefts, harmful browser add-ons, phishing websites, and more. Specifically designed to fortify browser-based operations on both managed and unmanaged devices, LayerX stands out in its field.

“We’ve transformed workforce protection for organizations without requiring the transition to a dedicated secure browser. Unlike other solutions, installed in a matter of minutes, the LayerX Browser Extension does not impact employee efficiency, speed, privacy or the browsing experience, ” said Or Eshed, co-founder and CEO, LayerX. “As the browser becomes more central to the employee, we anticipate it becomes more attractive to the attacker, particularly in the wake of GenAI tools used in browser-related activities,” he continues. “Today’s funding round is a testament to our increasing market opportunity and the innovation behind our platform’s user-friendly approach to a more secure browser experience.”

The LayerX Enterprise Browser Extension works seamlessly across all major browsers like Chrome, Firefox, and Edge, requiring no agents, VPNs, or changes to network settings. Upon deployment, security and IT departments can monitor user activities closely and address threats instantly, all without disrupting the user experience. LayerX effectively shields against all types of threats, whether they originate from user errors or external attacks. The platform’s AI technology meticulously examines browser-executed code, automatically generating detailed insights into user behavior.

“Since inception, LayerX showed super fast growth and adoption by the world’s leading enterprises. The company is at the forefront of defense for modern organizations. By protecting the browser, the central productivity application in organizations, from a wide range of new-generation security risks, LayerX can solve acute security problems that have remained unanswered until now,” said Kobi Samboursky, Founding and Managing Partner at Glilot Capital

“We believe that this novel solution for securing browsers will replace most SASE and SSE solutions prevalent today in organizations. At an estimated market size of $7 billion, the potential inherent in LayerX’s technology is tremendous.”

“Similar to other successful entrepreneurs in the cybersecurity field we’ve collaborated with, Or and David bring significant experience and knowledge in understanding the technical issues involved in threats to organizations and the motivations of attackers. Consequently, they recognize that effective security measures should adapt to real-world user behaviors, rather than the other way around,” said Yair Snir, Managing Director at Dell Technologies Capital.

“In a world where most computer operations are conducted through browsers, LayerX introduces a creative approach to corporate security that is user-friendly, robust, and easily implementable in large organizations. This approach transforms the browser from a major vulnerability to a strength, facilitating secure work across devices. Our investment in LayerX isn’t just driven by the promising opportunity but also by the potential impact of the company’s solution on organizations, regardless of where employees conduct their tasks.”

About LayerX
LayerX was founded in 2022 by Or Eshed, CEO, and David Weisbrot, CTO, who developed web attack and defense systems during their military service. In 2017, Eshed led the exposure of the largest attack campaign in history on the Chrome browser, which involved tens of millions of compromised browsers and even led to the capture and trial of the hackers. LayerX has Fortune 100 clients worldwide.

LayerX Enterprise Browser Extension natively integrates with any browser, turning it into the most secure and manageable workspace, with no impact on the user experience. Enterprises use LayerX to secure their devices, identities, data, and SaaS apps from web-borne threats and browsing risks that endpoint and network solutions can’t protect against. Those include data leakage over the web, SaaS apps and GenAI Tools, malicious browser extensions, phishing, account takeovers, shadow SaaS, and more.

The post LayerX Security Raises $24M for Innovative Browser Security Platform appeared first on Cybersecurity Insiders.

The cybersecurity landscape has undergone a dramatic transformation over the past few years, influenced by shifting threat vectors, technological advances, and changing market dynamics. For venture capital firms like Evolution Equity Partners, navigating these complexities is more crucial than ever. I recently had the opportunity to explore these topics with Richard Seewald, the Founder and Managing Partner at Evolution Equity Partners, a VC firm that has been successfully investing in cybersecurity companies for the last 25 years.

Big Picture Shifts in Valuations and Investments

Richard outlines how Evolution Equity Partners has been investing throughout all stages of the business cycle, including critical moments like the post-9/11 era, the 2008 financial crisis, and the post-COVID-19 scenario. These times were marked by significant shifts in investor confidence, interest rates, economic growth, and supply-demand imbalances. However, the opportunities and growth drivers around cybersecurity have remained persistent.

Seewald recalls that in the year 2000, the overall total addressable market for cybersecurity was around $5 billion. After the 2008 crisis, it rocketed to $50 billion. “We are on target to be at $250 billion as we reach the middle part of this decade,” he adds. To put it in perspective, a McKinsey report suggests that cybersecurity could be a $2 trillion market by the end of the decade. “It’s exactly at this point in the cycle that best-of-breed cybersecurity companies are built that are addressing next-generation attacks,” Richard emphasized.

When we look at recent history, we see that the emergence of companies like Crowdstrike, Okta, and Palo Alto Networks coincided with economic downturns, aligning with Seewald’s observations and confirming that periods of economic instability often act as a catalyst for innovation in the cybersecurity space.

Investment Opportunities in Cybersecurity Segments

When asked about the most attractive investment segments within cybersecurity, Richard took us through the firm’s experience in Machine Learning (ML) and Artificial Intelligence (AI). Evolution Equity made its first AI/ML investment in a company called Cognitive Security back in 2012, which later got acquired by Cisco. Richard further observes that machine learning and AI have evolved from just detection to response capabilities.

“One of the areas that we think is particularly compelling in the machine learning space today is protecting the developer environment,” Richard notes. In this context, he mentions an investment in Protect AI, helping organizations deliver secure and compliant ML models and AI applications. The focus is on protecting the AI and ML algorithms, applications, and models as the vulnerability and attack surface to hackers has significantly increased. This is a particularly salient observation as ML and AI are now being deployed across all major industry sectors including healthcare, finance, and more.

Adding Value Beyond Capital: The Evolution Equity Approach

Evolution Equity Partners’ investment philosophy extends beyond capital infusion. Richard cited the example of AVG Technologies, a company where the team at Evolution Equity Partners was instrumental in growing revenue from $4 million to almost $400 million within a decade.

“The playbook that we developed over the last two decades in helping growth-stage businesses in the cybersecurity space has now become institutionalized,” says Richard. He mentions that the firm operates centers of excellence around cybersecurity growth, staffed by professionals who have been integral in building cybersecurity businesses over the last two decades. This involves specialized know-how in product-led growth, operating metrics, and focusing on ROI-driven growth versus “growth at all costs”.

The Shifting Geographical Dynamics

Seewald dives into a fascinating aspect of cybersecurity investments—the geographical dimension. Contrary to popular belief, the cybersecurity investment world isn’t as U.S.-centric as one might think. While 80–90% of cybersecurity companies are U.S.-based, followed by Israel and the U.K., Seewald believes that Europe presents a burgeoning opportunity for cybersecurity startups. “We’ve been one of the most active investors in European cybersecurity over the last decade,” he says, noting investments or acquisitions in almost every major European country.

European cybersecurity companies often set up their headquarters in the U.K. due to an ecosystem that facilitates opportunities for them across Europe, similar to how U.S. cyber ecosystems are concentrated on the East and West Coasts. Companies from countries with significant defense budgets, such as the UK France and Germany, are creating exciting opportunities in the cybersecurity space.

“I am positive we are going to see a billion-dollar machine learning and AI company based on revenue, not just valuation, come out of Europe in the cybersecurity space over the next couple of years,” Seewald predicts. “The quality of universities in Europe is fostering an environment ripe for this sort of innovation.”

Israel, according to Seewald, holds a special place in the global cybersecurity landscape. “Israel is just a unique ecosystem in part because of the flywheel that exists around the cybersecurity entities in the country that produce talent that is well connected, experienced, and technically savvy,” he explains. Evolution Equity Partners has been a key investor in Israel, with recent investments in cybersecurity startups in Tel Aviv.

The Future Outlook

Seewald emphasizes that now is the opportune moment to invest in cybersecurity. “Companies that are born today will be the champions of tomorrow,” he asserts. For instance, during the 2008 financial crisis, companies like CrowdStrike were born, which later turned into market leaders. Seewald encourages cybersecurity entrepreneurs not to be disheartened by current economic fluctuations or contraction in the market. “This is an area that’s mission-critical to our world today. It’s our infrastructure, our companies, our governments that need protection. It’s our way of life,” he says, underlining the sector’s critical importance. “We’re pretty positive about the opportunity in this category over the next couple of years,” Richard asserts.

As we wrapped up our discussion, it was evident that the evolving cybersecurity landscape presents both challenges and opportunities. Evolution Equity Partners, with its depth of experience, is well-positioned to capitalize on these opportunities, steering cybersecurity companies through market cycles to become next-generation cybersecurity leaders.

As the demand for cybersecurity solutions continues to grow—driven by an expanding attack surface, regulatory mandates and an evolving threat landscape—now is an attractive moment for investors to engage deeply with this critical and expanding market. This isn’t merely about hedging against risks or short-term gains; it’s about contributing to building a safer, more secure digital world and protecting our way of life for decades to come.

Venture firms like Evolution Equity Partners serve as key pillars in the cybersecurity ecosystem, enabling innovation, fostering growth, and facilitating market adaptation. Their experiences and strategies offer crucial insights into how the investment community views cybersecurity — as a dynamic, high-growth sector with tremendous potential, not just now, but in the decades to come.

And for those looking to start the next cybersecurity success story: “Don’t be discouraged by any of the headline reports,” Seewald advises, “The right time to be building a cybersecurity company is now.”

Learn more about Evolution Equity Partners here: https://evolutionequity.com/

 

Image By vecstock

The post Investing in Cybersecurity’s Future: A Conversation with Richard Seewald of Evolution Equity Partners appeared first on Cybersecurity Insiders.

TEL AVIV, Israel, August 9, 2023: Sweet Security today announced $12 million in seed funding and the launch of its Cloud Runtime Security Suite. The round was led by Glilot Capital Partners with participation from CyberArk Ventures and angel investors including Gerhard Eschelbeck, former CISO at Google and Travis McPeak, who led product security at Databricks. Sweet was founded by retired Brigadier General, Dror Kashti, former CISO of the Israel Defense Forces (IDF), retired Colonel, Eyal Fisher, former head of the Cyber Department at Unit 8200 and Orel Ben-Ishay, former Head of the Cybersecurity R&D center at Unit 81. With a clear vision on how to best raise the bar for cloud defense, they built a cloud-native runtime security suite that enables security teams to stop cloud workload attacks, quickly and with surgical precision.

While leading the IDF’s digital transformation effort, Sweet CEO and co-founder Dror Kashti found that even though securing development environments is essential, current cloud runtime security solutions are insufficient for preparing a company for a breach. As critical as it is for companies to shift their cloud security left, attacks only unfold in runtime. Companies require technological “boots on the ground” to detect them. Existing detection tools either provide very limited functionality or aren’t optimized for the cloud. Defenders need cloud-native runtime protections that provide a full narrative for understanding and stopping attacks as they unfold.

Introducing Sweet – The Cloud Runtime Security Suite

Sweet’s Cloud Runtime Security Suite enables CISOs and security teams to level up their cloud security from partial to complete defense. Providing robust defenses across all stages of an attack, its feature set includes Detection & Response, Discovery and Prevention – all in runtime. Sweet’s runtime sensor takes under five minutes to deploy, immediately providing cloud-native cluster visibility. It streams key application data and business logic to its servers, using an innovative framework to profile workload behavior anomalies and contextualize them with traditional TTPs.

Sweet’s modern attack detection model and patent-pending auto learning technology enable immediate delivery of critical, comprehensive attack findings that allow mitigation before, during and after attacks occur.

As a result, Sweet provides CISOs with the technical underpinnings needed to be accountable for cloud security. It also enables them to refresh corporate SOC and IR processes for cloud native environments, enabling the organization to  ease into cloud adoption and digital transformation.

For security teams, Sweet provides a powerhouse set of runtime “must-haves”, providing a fully contextualized, at-a-glance attack narrative, backed up with extensive response capabilities, a detailed runtime topology and the ability to prioritize DevSecOps remediation efforts.

“As a large, cloud-first company, our business relies on our ability to protect our customers’ digital assets. We needed a runtime security suite that matched our scale, speed, and technology,” said Michael Shaulov, co-founder and CEO, Fireblocks. “Sweet’s technology provides real-time security detection & prevention capabilities to our cloud workloads and, importantly, with minimal business interruption. Its insights on connectivity, visibility to our cloud’s topology, and automatic classification of real-time threats is a force multiplier to our Security Operation Center and our DevSecOps teams.”

“Sweet’s vision for cloud runtime security is spot on, with a  deep understanding of how cloud attacks unfold, and critically, enables defenders to be much more effective at containing them,” said Srinath Kuruvadi, Managing Director, Head of Cloud Security, JPMorgan Chase & Co. “Attacks against cloud workloads are only going to increase in frequency and sophistication. The industry needs comprehensive security solutions to face them and Sweet is driving this shift with its extraordinary vision and expertise.”

“Investing in Sweet Security was a no-brainer,” said Kobi Samboursly, Founding Partner, Glilot Capital Partners. “First, it’s addressing an increasingly problematic cloud security gap – cloud runtime defense. Second, Dror, Eyal and Orel bring superpowers to the table: the depth and breadth of their cloud security expertise and their ability to build and mentor talented, high performing teams. Sweet is off to a great start and we look forward to supporting its success.”

‘Cybersecurity’ and ‘delightful’ are not words that normally go hand in hand, but we want our customers to use them in the same sentence when talking about our solution,” said Dror Kashti, co-founder and CEO, Sweet Security. “We feel our timing is right to make that happen. If SOC and IR teams don’t have to constantly tune their security products or sift through mountains of alerts, they’ll execute at a higher level, and they’ll be happier. Cloud detection and response may be complex, but it doesn’t have to be painful.”

About Sweet Security

Sweet’s Cloud Runtime Security Suite delivers first-to-market capabilities for defending cloud workloads, shifting cloud security right. Founded by retired, elite IDF commanders with prodigious expertise in offensive and defensive cloud security, Sweet’s approach elevates the ability of security teams to shut down cloud attacks when they occur, where they occur, with maximum precision and minimal business disruption. Sweet Security is backed by Glilot Capital Partners, CyberArk Ventures and an elite group of angel investors. For more information, please visit http://sweet.security

The post Sweet Security Lands $12 Million in Seed Funding to Shift Cloud Security Right with Runtime Security Suite appeared first on Cybersecurity Insiders.

When COVID-19 disrupted our work environments and triggered a massive shift to remote work, organizations faced the daunting task of securing corporate data and apps across thousands of disparate locations and devices.

Companies, employees, and IT departments were forced to quickly adapt to this new reality of a remote-first world. The issue was further exacerbated by traditional remote desktop solutions that proved inadequate for this new landscape. The blurring of personal and professional time, the rise of gig workers, offshore employees, and the need for businesses to secure this dynamic world of remote work, strained traditional remote desktop systems like Virtual Desktop Infrastructure (VDI) to their limits.

Traditional Remote Work Solutions Fall Short

Traditional VDI systems are ill-equipped to handle this shift, offering subpar user experiences due to latency, slowness and management overhead. Enterprise Browsers, although a more innovative solution, also have limitations around application use and network integration. Before Venn’s emergence, companies often resorted to shipping secure, corporate laptops to their remote employees or relied on complex, costly VDI technology to stay compliant with regulatory requirements. These solutions not only frustrate users but also fall short in terms of security, cost effectiveness and ease of use. This situation also leads to the security workaround paradox, where users, restricted by too many security constraints, seek alternate, less secure methods to get their work done. The urgent need for a better solution to secure remote work is evident.

A New Approach to Securing Remote Work

Recognizing the mounting issues associated with securing distributed workforces, David Matalon and his team at Venn Software sought to revolutionize remote work security. Having previously helped hundreds of organizations overcome compliance and security issues for remote workers, they understood the challenge at hand. With Matalon’s vision, the team started Venn, a radical and less costly alternative to VDI, and the first MDM (Mobile Device Management) solution for laptops. This vision resonated with investors, leading NewSpring Capital to support the product development and growth, resulting in a successful $29 million Series A funding round.

Recently awarded with a key patent (U.S. Patent No. 11,687,644) for a “Secure Visual and Computational Boundary for a Subset of Resources on a Computing Machine”, Venn’s approach is innovative: Remote work activity now lives in a company-controlled Secure Enclave installed on the user’s computer where all work data is encrypted and access is managed.

Similar to MDM for mobile devices, work applications run locally within a virtual wrapper, visually indicated by a Blue Border™, which intuitively demarcates protected work apps from private user applications. This method provides control over what work data can be transferred in and out of an application. This way, businesses can restrict activities like copying and pasting corporate data outside of work applications or saving a file onto a personal desktop. Even network traffic can be protected to ensure certain applications only connect to approved servers. With this approach, business activity is isolated and protected from personal use on the same device, safeguarding company data without having to control the entire device.

With Venn, employees can now use their personal computers for work without compromising security, effectively bringing BYOD (Bring Your Own Device) to laptops. This not only enhances the user experience but also drastically reduces the costs associated with maintaining separate devices or running complex virtual environments.

Matalon explains, “Instead of having to buy, manage, and lock down every PC and device, remote work can now easily be secured on any BYOD or unmanaged computer. Venn gives organizations more control, without the need for costly backend infrastructure.” The granting of the patent further strengthens the company’s intellectual property and ability to expand investments in Secure BYO-PC (Bring Your Own Personal Computer) technology.

With its key patent granted, a successful Series A funding round, and growing customer validation, Venn is ideally positioned for the next phase of growth. More than 700 companies, including major players like Fidelity, Guardian, and Voya, already trust Venn to meet stringent standards like FINRA, SEC, NAIC, and SOC 2. The focus now is on driving further innovation, expanding the reach of their Secure BYO-PC technology, and helping more organizations securely navigate the world of remote work.

As the boundaries between personal and professional devices continue to blur, and remote work becomes the new norm, the need for efficient, secure, and user-friendly remote work solutions has never been greater. With Venn, businesses now have a radically simplified, cost-effective alternative that meets these needs while enhancing the user experience – setting a new bar for the future of secure remote work.

To learn more, please visit: https://www.venn.com/patent-technology-mdm-for-laptops

The post Venn Redefines Remote Work Security with Innovative BYO-PC Solution appeared first on Cybersecurity Insiders.

TEL AVIV, Israel, May 24, 2023 — Memcyco, the real-time website impersonation detection and prevention solution, has completed a $10 million seed round led by Capri Ventures and Venture Guides. 

Brandjacking is among the most common forms of cyberattacks globally. Twenty percent of consumers collectively lost more than $2.6 billion in 2022 due to imposter scams, according to U.S. FTC Consumer Sentinel Network’s data book. Website impersonation (also known as “brandjacking”) draws users to fraudulent copies of a brand’s website to trick them into revealing personal and financial account information used to steal their identities and funds. 

Memcyco counters these assaults with an agentless Proof of Source Authenticity (PoSA™) technology that delivers Zero Day protection and real-time detection, helping to identify the attacks at the point of impact. PoSA™ provides the brands with full details of the attempted attack session to ensure complete visibility. It is also the first technology that issues a Red Alert to the brand’s users when they navigate to the spoofed website. PoSA™ uses artificial intelligence to study behavioral patterns in order to identify and alert organizations when irregular activity occurs.  

PoSA™ also includes a digital watermark displayed on the brand’s actual website that reassures customers of the website’s authenticity. Brands can easily integrate the watermark into their website and allow their users to customize it with their own secret, so that it is instantly recognizable and impossible to forge. This cultivates a secure environment and affinity for the brands’ customers, promoting digital trust. 

Memcyco is minimizing the cost of damages to both brands and their customers, reducing user education efforts, decreasing the snowball effect that prevents users from interacting with digital properties, and boosting brand reputation and trust among end users.

“At Memcyco, we have introduced a new paradigm for preventing website impersonation by providing multiple layers of protection for companies and their customers,” said Israel Mazin, CEO and co-founder of Memcyco. “This investment from such experienced leaders in cyber security delivers a strong vote of confidence in Memcyco’s ability to deliver a more secure and trustworthy digital ecosystem.”

“Everyone knows someone who has fallen victim to a phishing-based brandjacking scam,” said Alex Pinchev, Founder and Managing Partner at Capri Ventures. “Memcyco is the first company to provide a real-time solution to that problem, while existing approaches are mostly after-the-fact and leave organizations not knowing which users fell victim to the attack.”

“Memcyco’s leadership team is fully committed to protecting banks, eCommerce and other customers whose businesses depend on the trust and goodwill of their customers. We believe they will build the company to become the leading innovator in digital trust.” added Ben Nye, Managing Partner at Venture Guides.

About Memcyco

Memcyco was founded to create a world in which users can confidently interact with businesses online, and scammers are deterred from impersonating brands. Its real-time digital brandjacking protection solution helps brands counter impersonation fraud and its associated damage to businesses and their customers. Memcyco is trusted by leaders in financial services, eCommerce and other industries. 

Media contact:

avi@inboundjunction.com
Avi Krupman

The post Memcyco Raises $10M To Deliver Real-Time Brandjacking Protection appeared first on Cybersecurity Insiders.

The company also unveils seed investors, SBOM360, and distribution partnerships, validating approach to detecting software supply chain attacks

SARATOGA, Calif., February 7, 2023/BusinessWire/ – Lineaje, an emerging leader in software supply chain security management, today announced that it has closed a $7 million seed funding round led by Tenable Ventures, a corporate investment program of Tenable, the exposure management company. The round also includes participation from other industry-leading executives and cyber technology companies. The new injection of capital comes at a pivotal time as the company also announces SB0M360, a first-of-a-kind software supply chain management solution, as well as a new distribution partnership with Persistent Systems.

Setting the Stage for Growth, Secure Software Development and Better Runtime Security

Lineaje’s technology helps organizations secure their complete software supply chain whether they build, buy, or use software. Lineaje’s unique approach can determine the components of all software and expose each component’s multi-level dependency chain. Its cutting-edge fingerprinting technology can attest to the authenticity of the entire supply chain, eliminating supply chain compromises. Validating this approach, Tenable has selected Lineaje as one of three inaugural members of Tenable Ventures. Tenable Ventures is working with Lineaje to create shareable data models so that software supply chain data can create better runtime security that comprehends and secures built-in weaknesses in deployed software.

“Lineaje and Tenable share the same vision – to reduce customers’ exposure to attacks on their digital infrastructure,” said Matthew Olton, Senior Vice President, Tenable. “Lineaje’s ability to detect what’s in your software and assess and mitigate software supply chain risks gives organizations the assurance that the software they deploy to run their business will not be used to harm them.”

The round also includes participation from Dreamit Ventures, Veear Capital, Richard Clarke’s Belltower Fund Group, and other prominent cyber security executives. With the combined seed investment, Lineaje will accelerate its go-to-market strategy, invest in continued R&D, and expand its workforce.

“Developers trust open source and third-party packages that they include in their software assuming integrity of the software supply chain. Unfortunately, supply chain attacks have proven that this trust is misplaced,” said Lineaje CEO and Co-founder Javed Hasan. “Lineaje brings a trust but verify approach to the software supply chain by automatically attesting to the integrity of every component in your software and delivering high quality alerts when that verification is not achieved.”

Reducing Exposure with Assurance that Software is Built and Runs Securely

Gartner® predicts that “by 2025, 45% of organizations worldwide will experience attacks on their software supply chains, a three-fold increase from 2021.”  Lineaje’s flagship product, SBOM360, is the industry’s first software supply chain and software bill of materials (SBOM) manager. Customers can manage the software supply chain of all software – built or bought by a company. Using SBOM360:

  • Software Producers- CPOs, chief product security officers, open-source office managers and DevSecOps leaders – can create a fully managed and secure software supply chain, as well as publish accurate SBOMs with confidence.

  • Software Consumers – CISOs, CIOs, procurement officers – can evaluate all their vendors’ SBOMs and deploy third-party software with assurance. This enables them to create a managed and secure software supply chain.

  • Users can search ALL of their deployed software in seconds to find newly discovered vulnerabilities, indicators of compromise (IOCs) and deeply embedded components in seconds, reducing time to discovery and time to secure dramatically.

Lineaje has more than 150,000 SBOMs, managed by SBOM360, spanning custom applications, open source, packages, commercial off-the-shelf (COTS), mobile apps and containers, accelerating supply chain management progress for all its customers.

Expanding Software Supply Chain Protection Across Industries

Additionally, Lineaje is announcing new distribution agreements with Persistent Systems, a global digital engineering leader. Persistent Systems will resell SBOM360 and use SBOM360 to create and manage software supply chains of its customers.

“Lineaje’s SBOM360 is instrumental in assessing and managing the software supply chain of both new applications as well as legacy products. We are excited to take this first-of-its-kind offering to market globally,” said Nitish Shrivastava, SVP, Products, Persistent Systems. “In working with Lineaje, our goal is to spotlight how Persistent Systems ensures that components used in our built and managed software are secure.”

Gartner Press Release, Gartner Identifies Top Security and Risk Management Trends for 2022, March 7, 2022.

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

About Lineaje

Lineaje provides Continuous Software Supply Chain Security Management to companies that build or use software. Destructive supply chain attacks, undetectable by existing cybersecurity tools, are growing rapidly, impacting thousands of companies through a single compromise. Lineaje secures companies from these attacks. Lineaje SBOM360 allows companies to centrally manage their entire software supply chain, which consists of applications they build or buy, thereby allowing them to govern SBOMs at an enterprise-wide level. SBOM360 also enables compliance with US Executive order 14028 and other international regulations that control the procurement of third-party software by federal agencies, defense departments and other government organizations.

Does your organization know ‘what’s in its software?’ Find out at https://www.lineaje.com/

Media Contact

Fabienne Dawson

Fabienne_dawson@lineaje.com

Touchdown PR

Alyssa Pallotti

lineaje@touchdownpr.com

The post Elite Roster of Cybersecurity Investors Backs Lineaje to Deliver Industry-first Supply Chain Security Solution appeared first on Cybersecurity Insiders.