Enterprise security startup Cycode secures $4.6 million in funding to protect source code from theft, leakage and manipulation
Cycode, a Tel Aviv, Israel-based enterprise security startup Cycode, has raised $4.6 million in seed fund to deliver industry’s first source code control, detection and response security solution. The round was led by YL Ventures with participation from security industry leaders including Mike Fey (CEO of D2iQ and former president & COO of Symantec), Andy Grolnick (former president & CEO, LogRhythm), Justin Somaini (former CSO, SAP) and Eyal Gruner (founder & CEO, Cynet).
Founded and led by former Symantec security architect Lior Levy (CEO) and security researcher and serial entrepreneur Ronen Slavin (CTO), Cycode’s mission is to protect source code, the building blocks of an organization’s software, and the highly valuable intellectual property (IP) contained in it, from the growing risk of theft, leakage and manipulation.
The Cycode source code control, detection and response platform is currently in limited availability to qualified customers. General availability will begin in early 2020.
As organizations depend increasingly on software for competitive advantage, the IP contained in source code has become an attractive target for cybercriminals. Not only does source code expose trade secrets and closely held IP, such as business logic, proprietary algorithms and machine learning models, it also comprises information that can be used to discover, locate and attack an organization’s systems and data. High-profile incidents at technology leaders Apple, Tesla and Samsung, and at financial services firms Goldman Sachs, KCG and Susquehanna International, demonstrate just how damaging and far-reaching the consequences of such attacks can be.
Nonetheless, source code protection remains a gaping void in cybersecurity. “Organizations today depend on development teams composed of local and remote employees, contract developers and other third parties working across on-premise and cloud source control management systems. Easy access across these many fragmented repositories is crucial to keep developers productive and delivering,” says Cycode CEO and co-founder Lior Levy. “Unfortunately, security teams lack the visibility and control they need to protect these processes. Today, it’s impossible for security teams to answer the most basic questions about their organization’s source code – Where are all of the copies of my source code stored? Which pieces of it are stored where? Who has access to it?”
Cycode, the first solution to address this security gap, intends to set the industry standard in source code protection. Cycode’s source code control, detection and response solution utilizes the startup’s patent-pending Source Path Intelligence Engine to deliver rapid, comprehensive and seamless visibility into an organization’s source code inventory. It quickly connects all of the organization’s source code management systems (SCM) and code repositories, cataloging source code inventory and the paths source code takes between users, devices and repositories during development and distribution across the extended enterprise.
Justin Somaini, former CSO of SAP, highlights the delicate balance the Cycode solution strikes: “Gaining visibility and control of your source code is a huge challenge. Being able to secure this important asset is critical, yet it can’t come at the cost of developers being able to do their jobs. The tools we use to manage source code today were built to help developers manage code, not secure it. Cycode gives IT Security teams comprehensive visibility into the inventory and movement of source code without integration headaches and without impacting developer productivity.”
Once implemented, the Cycode solution automatically detects and alerts organizations to anomalous access, movement and usage and allows responses through the execution of new security controls or by adjusting existing ones.