Open-source software support company Tidelift Inc. today revealed that it has raised $27 million in new funding to improve open-source health and security.

Dorilton Ventures led the Series C round with Kaiser Permanente, Atlassian Ventures, General Catalyst and Foundry Group also participating. Including the new funding, Tidelift has raised $67 million to date, according to data from Crunchbase. Previous rounds include $25 million in January 2019 and $15 million in May 2018.

Founded in 2017, Tidelift assists organizations in effectively managing the open-source code behind modern applications. The company does so by providing tools, data and strategies to drive an organizationwide approach to improve the health and security of the open-source code powering applications.

Tidelift offers a subscription service that delivers customers enterprise-grade support. Unlike other commercial support subscriptions, Tidelift provides the service from their “maintainer partners,” a network of open-source maintainers that ensure the open-source supply chain meets enterprise standards.

The company’s service covers support for hundreds of open-source software packages across the JavaScript, Java, Python, PHP, .NET and Ruby language ecosystems.

In a blog post, Donald Fischer (pictured), co-founder and chief executive of Tidelift, argues that open-source software is so pervasive that it can become invisible.

“But software is a human artifact. People make it,” Fischer wrote. “In the case of the libraries, frameworks and packages that make up most of the code in modern applications, the overwhelming majority of the people behind that code never signed up to be part of some organization’s ‘software supply chain.'”

This is where Tidelift steps in with a solution that pays open-source maintainers to validate that their packages meet defined, production-ready standards comprehensively.

“Against a backdrop of increasing security threats and more stringent government software security standards, Tidelift is uniquely positioned to work with our open-source maintainer partners to help maximize the value organizations get from open-source while reducing risk,” Fischer said in a statement. “Our recent survey further supports this with findings showing 35% of respondents from large organizations believe open source software supply chain security is the most urgent issue for application development teams.”

Tidelift has found success with an expanding customer base, including Federal National Mortgage Association, Bloomberg L.P., Hughes Network Systems LLC, Adobe Inc., NASA Jet Propulsion Laboratory, IEEE, the U.S. Geological Survey and the U.S. Air Force.

In January, Fischer spoke with Dave Vellante, host of theCUBE, SiliconANGLE Media’s livestreaming studio. He discussed the state of open-source security and how Tidelift’s solution solves the issue for enterprise while simultaneously supporting the developer community:

Photo: SiliconANGLE