Enterprises’ code repositories contain trade secrets such as self-driving car algorithms that represent a valuable target for hackers. But protecting source code is difficult in a big company because files are often scattered among multiple locations and accessible by a large number of developers. 

Cycode Ltd. is taking it upon itself to address the challenge. The Tel Aviv-based startup exited stealth mode today with $4.6 million in funding and a security platform built for the specific purpose of protecting companies’ source code.

Cycode claims it’s filling a gap in the market. There are many existing software products for protecting intellectual property such as documents, but according to the startup, they don’t address the unique characteristics of source code. At the root of the challenge is that figuring out if a software component is being misused requires knowing the work habits of the developers who wrote it.

“Organizations today depend on development teams composed of local and remote employees, contract developers and other third parties working across on-premise and cloud source control management systems,” said Cycode Chief Executive Officer Lior Levy (pictured, right, next to co-founder Ronen Slavin.)  “Unfortunately, security teams lack the visibility and control they need to protect these processes.”

Cycode’s platform plugs into a company’s code management systems to understand how internal software teams operate. From there, the platform keeps an eye out for odd access requests and other unusual activity that breaks from the developers’ normal work patterns. Events such as an attempt to download code onto an unknown device trigger alerts to the security team.

The platform can detect more elusive breaches as well. Cycode is capable of spotting if a user attempts to manipulate a software component, as well as identify cases when company code shows up on the dark web or is unintentionally left on a publicly accessible system.

The startup’s pitch has won it the support of some notable investors. Cycode’s backers include prolific cybersecurity fund YL Ventures, former SAP SE Chief Security Officer Justin Somaini, former Symantec Corp. president Mike Fey and Andy Grolnick, who most recently served as the CEO of LogRhythm Inc.

Cycode plans to make its code security platform generally available early next year.

Photo: Cycode