Software supply chain startup NetRise Inc. announced today that it has raised $10 million in new funding to accelerate its mission to address the critical security gap in detecting and responding to software supply chain risk.

Founded in 2020, NetRise specializes in software supply chain security with a platform that provides visibility into firmware and software components and allows organizations to identify and mitigate risks within their software ecosystems. The platform offers insights that traditional source code analysis might overlook to deliver a more thorough assessment of potential vulnerabilities.

The company’s core offering is focused on software bill of materials or SBOM management, with a platform that can generate, ingest and enrich SBOMs to provide a detailed inventory of software components. Doing so gives organizations the ability to understand the composition of their software, track dependencies and identify known vulnerabilities.

NetRise platform supports standard SBOM formats such as SPDX and CycloneDX, which help with the integration with existing tools and processes.

The company’s platform also offers continuous monitoring of software components, scanning various threat intelligence sources, including the National Vulnerability Database and the Cybersecurity and Infrastructure Agency’s Known Exploited Vulnerabilities catalog, to detect emerging threats. The result is that organizations are alerted to potential risks and allows for timely remediation.

Additionally, NetRise’s platform includes an artificial intelligence-powered tool called NetRise Trace that features advanced querying capabilities. The tool allows users to perform natural language searches across their software inventory, making it easier to locate specific components or vulnerabilities.

DNX Ventures led the growth funding round with participation by existing investors Miramar Digital Ventures, Sorenson Capital Partners LP, Squadra Ventures and Talons Ventures.

“More and more, depending on vendors, software libraries and compiled code is the norm and hackers know it,” said John Stewart, president of Talons Ventures and former Cisco Systems Inc. chief security and trust officer. “NetRise’s focus on identifying weaknesses and vulnerabilities within compiled code brings the critical needed insight into embedded and firmware-based systems.”

The new funding takes NetRise’s total funding to $24.8 million. Previous funding rounds include $8 million raised in April 2023.

Image: NetRise