New cybersecurity company BlueFlag Security today launched with $11.5 million in funding to assist in the development of its software development lifecycle security and governance platform.

Founded by Raj Mallempati and Ken Schneider, BlueFlag Security offers a multilayered defense platform that integrates identity security with open-source software risk management and developer tool posture management. The company’s vision is to create a secure, efficient and reliable development environment where identities are safeguarded as rigorously as the code and tools themselves.

Mallempati was previously the chief operating officer at CloudKnox Security Inc., a startup acquired by Microsoft Corp. in 2021, before taking the role of chief operating officer for cloud infrastructure entitlement management at Microsoft. He left Microsoft in July 2022 to found BlueFlag. Ken Schneider spent 15 years at Symantec, including as head of Symantec Ventures, before spending four years as the managing director of Precode Labs.

The pair founded BlueFlag to tackle the need for a holistic approach to SDLC security at a time of rising software supply chain attacks. They argue that traditional security approaches, which have primarily concentrated on safeguarding against risks in open-source software or developer tools, fail to address the most critical threat vector within the SDLC: developer identities, both human and machine.

BlueFlag Security addresses the risk of excessive permissions, poor identity hygiene and risky account behavior to change the narrative by addressing the importance of identity security while providing a unified risk perspective across the SDLC to prevent software supply chain attacks.

“Our mission is to provide developers with a clean, trustworthy environment,” said Chief Executive Officer Mallempat. “The BlueFlag platform doesn’t just add another layer of protection; it introduces a fundamentally different philosophy that places identity security at the heart of SDLC security and governance.”

The BlueFlag platform leverages artificial intelligence-driven insights and an identity-first approach to create a unified defense against emerging threats. The platform anticipates and effectively neutralizes threats before they escalate into breaches.

Key features include “continuous compliance with secure by design,” a proactive stance on detecting, prioritizing and mitigating threats within the SDLC to safeguard against software supply chain attacks from the ground up. The platform offers SDLC security beyond code through a security framework that extends protection across developer identities, tools, and code, offering a unified perspective on risk within the SDLC.

Using AI and a machine learning-powered identity intelligence framework, BlueFlag Security also provides enhanced risk mitigation and compliance automation, which the company claims will set new standards in identity security.

Maverick Ventures Inc. and Ten Eleven Ventures LLC led the $11. 5 million seed round, with Pier 88 Investment Partners LLC also participating.

Image: DALL-E 3