Israeli cybersecurity tech startup Scribe Security lands $7M in funding to protect software supply chain

The days of developing software from scratch are long gone. Over the past decades, the vast majority of developers today don’t develop software from the ground up but instead, rely on third-party resources when creating software.

By using pre-built software libraries and open source components, software engineers can expedite their software development and reduce production costs, bringing the end products to market faster. However, using these pre-built libraries comes with a price and is therefore subject to security vulnerability.

While we know that in the physical supply chain, a vulnerable component is enough to ruin the end product of a whole variety of devices it is placed in, the same holds true for software. Corrupted open source repositories and testing environments make software vulnerable to embedded spyware, ransomware, and worse, without the designer knowing. Now one Israeli cybersecurity tech startup is on a mission to address these challenges and provide end-to-end software supply chain security for enterprises.

Enter Scribe Security, a Tel Aviv, Israel-based provider of a SaaS platform founded by IDF cyber-warfare veterans to secure software across various supply chains. Software developers and their companies can now rely on Scribe to maintain integrity, authenticity, and their reputation anywhere their software is distributed.

Today, Scribe Security announced it raised more than $7 million in a seed round to help bring its end-to-end solution to a market that is thirsty for innovation in this domain. The round was led by Elron Ventures and joined by Tal Ventures, YYM Ventures, and others.

Scribe was founded in 2021 by cyber and cryptography experts CEO Rubi Arbel, CTO Daniel Nebenzahl, and VP R&D Guy Chernobrov. Arbel is a cyber expert, served as a senior commander in 8200, and was the former VP Aviation at Argus Cyber Security.

Chernobrov previously served as Chief Security Architect for Matzov – IDF’s defensive cyber center, led innovative cyber development projects, and was the IDF’s Liaison Officer to CERDEC, US Army. Nebenzahl Led the Matzov research division for 11 years, where he was responsible for the development of innovative cyber and cryptography technologies and played a major role in strategic national cyber initiatives.

In a statement, Scribe Co-founder & CEO, Rubi Arbel, said: “Attackers today are experts at identifying hidden opportunities in the software’s delivery life cycle. We protect against software supply chain attacks carried out by dependency manipulation, third-party software components, or during the code-delivery process.”

Scribe is developing an innovative platform tailored for the modern software development process. It allows organizations to develop, distribute, and maintain, code produced within the organization, while also verifying code components’ integrity, provenance, authenticity, and reputation. Their solution provides organizations with visibility and assurance of the entire software development life cycle from early design stages to final deployment.

“Cyberattacks on the software supply chain may be carried out by dependency manipulation, a third-party software component, or during the code-delivery process,” said Scribe Co-founder & CEO, Rubi Arbel. “Software supply chains have become an attractive attack vector for a wide range of threat actors. Experts predict that almost half of all organizations globally are likely to suffer from such attack consequences by 2025.”

Scribe’s platform allows for rapid deployment and easy use throughout the organization’s development process. This “shift left” approach will enable developers and DevOps teams to ensure that the software they are using and building is trustworthy. [At the same time, software vendors will be able to vouch for the integrity of the software and create trust on the part of their clients.]

“We believe that the threat to the organization’s software supply chain is steadily increasing,” said Zohar Rozenberg, Venture Partner at Elron Ventures. “While a growing percentage of the code is being developed outside the organization, the attack surface is highly complex. With no single entity that had visibility and the ability to secure the code end to end, this is a super complicated issue. We believe that Scribe is serving a market with huge potential and has the right team to take on this complex task.”