UPDATED 21:25 EDT / MAY 17 2023

SECURITY

Kubernetes and Sigstore founders launch new software supply chain company Stacklok

Kubernetes co-founder Craig McLuckie and Sigstore founder Luke Hinds today announced the launch of a new software supply chain company called Stacklok, after the company raised $17.5 million in venture capital funding ahead of its reveal.

Stacklok is pitched as putting the power of open-source security technologies in developers' hands so that they can secure software supply chains. The company is building open-source software that caters to an emerging need for developers to understand their open-source dependencies better and take control of their development practices.

In a lengthy blog post, McLuckie (pictured, right) highlights the need to collectively address the danger that advanced persistent threats pose to the software industry and the open-source community, emphasizing the importance of supply chain security. McLuckie suggests that the resolution lies in cryptography that ensures information privacy and integrity, although he does note that determining whether an entity is trustworthy remains challenging.

Stacklok builds on the success of Sigstore, founded by Hinds (left). Sigstore is an open-source project to improve software supply chain security by enabling the easy adoption of cryptographic software signing, backed by transparency log technologies. Supported by organizations that include Google LLC, Red Hat Inc., GitHub Inc., Chainguard Inc. and Sonatype Inc., Sigstore captures crucial provenance during software creation and records it in a tamper-resistant ledger, allowing organizations to display their work transparently and adhere to policies.

“It is my belief that it is truly going to ‘take a village’ to address the deep challenges that are emerging to the open-source technologies that power the world and the proprietary technologies that power our industries,” McLuckie said in the blog post. “It is also my belief that the only way to make substantial, sustained progress against some of the deepest challenges in this space are through open-source collaboration.”

TechCrunch reported that Accel Partners LLC led the Series A round, with Madrona Venture Group LLC also participating. McLuckie was a former entrepreneur in residence at Accel and, in a nontraditional move, Stacklok skipped seed funding and went directly to a Series A round.

Photo: Stacklok
