UPDATED 12:51 EST / OCTOBER 13 2020

SECURITY

Code risk scanning startup Apiiro emerges from stealth with $35M round

Apiiro LLC, a new code security startup founded by Microsoft Corp. veterans, emerged from stealth mode morning this morning with $35 million in funding courtesy of Kleiner Perkins and Greylock.

Apiiro offers a software platform that companies can use to find security issues in their applications faster. Often, vulnerable code is only found after it’s released to production, which can create an opening for hackers. Apiiro’s platform promises to improve security by enabling enterprises to catch vulnerable code before it’s deployed and notify developers in time.

The Code Risk Platform, as the offering is called, works by plugging into the code management tools used by a company and creating an inventory of software development assets. This process allows the Apiiro’s algorithms to identify sensitive application components such as databases. When a developer changes part of an application, the Code Risk Platform analyze the modifications to determine if they may introduce a weakness into a sensitive component.

Apiiro can detect security issues such as weak encryption and interface elements that may be vulnerable to malware injection. It can also detect regulatory  compliance violations, like if an application processes customer information in a way that doesn’t fully meet the requirements set forth by GDPR. All these issues are flagged during the software development process, which allows developers to change vulnerable code early before it can become a more serious problem.

Besides looking at the code, Apiiro’s platform also evaluates developer behavior as part of how it identifies risks. The platform takes into account factors such as whether a piece of vulnerable code was written by a senior developer or a new hire when it determines the severity of problems.

Apiiro co-founders Idan Plotnik and Yonatan Eldar worked at Microsoft as engineering executives before launching the startup. Plotnik, Apiiro’s chief executive, had earlier founded Aorato, a hybrid cloud security startup that Microsoft acquired for a reported $200 million in 2014. 

The concept of embedding security scanning directly into the software development workflow has also been implemented in other forms. Snyk Inc., which raised funding at a unicorn valuation last month, provides a tool that can scan applications for vulnerable open-source components. Another startup called BluBracket Inc. picked up $6.2 million earlier this year for its code safety offering.

Code security tools are drawing interest because they not only improve application security but also boost developer productivity by freeing up time. Historically, code security reviews were conducted largely by hand, which created extra work for software teams and delayed product releases. Injecting automation into the workflow allows companies to pursue their application projects in a more time-efficient manner. 

Photo: Unsplash

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU