

Today, cybersecurity provider Legit Security announced it has raised over $30 million in funding in a Series A round. The company has also announced the launch of a SaaS-based software supply chain security solution out of stealth.

Legit Security's platform helps enterprises protect software supply chains by automatically discovering pipelines, infrastructure, code, and other Software Development Life Cycle (SDLC) assets, as well as enabling companies to visualize them in a single place to identify vulnerabilities and generate security incident reports.

The solution will offer security teams and technical decision-makers a way to improve transparency over the software supply chain and what vulnerabilities exist in the environment.

The reality of supply chain attacks

The announcement comes as supply chain attacks are on the rise, with Gartner anticipating that by 2025, 45% of organizations worldwide will have experienced attacks on their software supply chains, a threefold increase from 2021.

Threat actors realize they can breach a single software supplier and gain access to the data of dozens of downstream organizations in one fell swoop.

At the same time, organizations can do little to defend against these attacks because they don't have control over the security practices and procedures implemented by third-party suppliers.

However, Legit Security is looking to address this challenge by automatically identifying SDLC assets and highlighting vulnerabilities to the user so they can take action to better protect their critical data assets.

“Legit Security protects software supply chains from attack by automatically discovering and securing the pipelines, infrastructure, code and people so that businesses can stay safe while releasing software fast,” said CEO Roni Fuchs in an interview.

“Attacks to software supply chains have increased dramatically since the SolarWinds attack and are estimated to be growing between 3x to 6x per year. New security solutions are needed that can go beyond code scanning to instead secure the broader software supply chain environment,” he said.

Automating software supply chain visibility

Legit Security's launch places it within the fast-growing supply chain security market, which is projected to grow from $903 million in 2021 to $1.23 billion by 2026. The market contains a range of software development lifecycle (SDLC) providers all vying to offer the definitive solution to supply chain attacks.

One of the organization's most relevant competitors is Chainguard, a solution that uses zero-trust principles to help organizations secure the supply chain and recently raised $5 million in seed funding.

Another is Sonatype, a tool that can automatically detect and fix open source vulnerabilities, which recently generated over $100 million in annual recurring revenue.

However, Legit Security aims to differentiate itself from existing SDLC providers in a number of ways.

“The Legit Security platform is unique in at least three areas: the breadth and depth of our automated SDLC discovery and analysis capabilities; the hundreds of best practice software supply chain security policies that can be enforced in our product; and our Legit Security Score, which allows you to measure and track the security posture of teams and development pipelines,” Fuchs said.

The funding round was led by Bessemer Venture Partners and TCV.
