Feb
17
2021
--

Spectral raises $6.2M for its DevSecOps service

Tel Aviv-based Spectral is bringing its new DevSecOps code scanner out of stealth today and announcing a $6.2 million funding round. The startup’s programming language-agnostic service aims to automated code security development teams to help them detect potential security issues in their codebases and logs, for example. Those issues could be hardcoded API keys and other credentials, but also security misconfiguration and shadow IT assets.

The four-person founding team has a deep background in building AI, monitoring and security tools. CEO Dotan Nahum was a Chief Architect at Klarna and Conduit (now Como, though you may remember Conduit from its infamous toolbar that was later spun off), and the CTO at Como and HiredScore, for example. Other founders worked on building monitoring tools at Elastic and HP and on security at Akamai. As Nahum told me, the idea for Spectral came to him and co-founder and COO Idan Didi during their shared time at mobile application build Conduit/Como.

Image Credits: Spectral

“We basically stored certificates for every client that we had, so we could submit their apps to the various marketplaces,” Nahum told me of his experience at Counduit/Como. “That certificate really proves that you are who you are and it’s super sensitive. And at each point at these companies, I really didn’t have the right tools to actually make sure that we’re storing, handling, detecting [this information] and making sure that it doesn’t leak anywhere.”

Nahum decided to quit his current job and started to build a prototype to see if he could build a tool that could solve this problem (and his work on this prototype quickly discovered an issue at Slack). And as enterprises move from on-premises software to the cloud and to microservices and DevOps, the need for better DevSecOps tools is only increasing.

“The emphasis is to create a great developer experience,” Nahum noted. “Because that’s where we started from. We didn’t start as a top down cyber tool. We started as a modest DevOps friendly, developer-friendly tool.”

Image Credits: Spectral

One interesting aspect of Spectral’s approach, which uses a machine learning model to detect these breaches across programming languages, is that it also scans public-facing systems. On the backend, Spectral integrates with tools like Travis, Jenkins, CircleCI, Webpack, Gatsby and Netlify, but it can also monitor Slack, npm, maven and log providers — tools that most companies don’t really think about when they think about threat modeling.

“Our solution prevents security breaches on a daily basis,” said Spectral co-founder and COO Idan Didi. “The pain points we’re addressing resonate strongly across every company developing software, because as they evolve from own-code to glue-code to no-code approaches they allow their developers to gain more speed, but they also add on significant amounts of risk. Spectral lets developers be more productive while keeping the company secure.”

The company was founded in mid-2020, but it already has about 15 employees and counts a number of large publicly-listed companies among its customers.

Mar
08
2018
--

New DDoS extortions hit the Internet

 A 1.3 Tbps DDoS attack – essentially a massive torrent of data aimed at a single target – nearly took down network provider Akamai on March 1. While the attack itself is notable more interesting is what was hidden inside the attack itself.
The attack used a memcached exploit which is a legitimate service on many servers. The service is set to accept data, using the User Datagram… Read More

Feb
07
2018
--

Akamai has laid off 400 workers or 5 percent of global workforce

 Akamai, the Cambridge Massachusetts content delivery network and network services provider, announced they had laid off 400 people in their earnings call with analysts yesterday.
On the call, Akamai CEO Tom Leighton indicated that the 400 people represented 5 percent of the company’s 8000 worldwide workforce. “As part of our effort to improve operational efficiency, we reduced… Read More

Oct
04
2016
--

Akamai buys Soha Systems to add more security to its cloud networking business

cyber-security-data-sharing Consolidation continues to work its way through the world of enterprise startups. Today Akamai announced that it has acquired Soha Systems in an all-cash deal. Soha provides enterprise secure access as a service. Akamai is not disclosing the value of the deal, saying it was immaterial for the company. The news comes less than a week after Akamai announced that it acquired an… Read More

Feb
17
2016
--

New Akamai Tool Aims To Bring Bots Under Control

Green cartoon robot holding various colored wires. Akamai released a new Bot Manager tool today designed to give companies finely tuned control over Bot traffic on their websites.
The numbers vary, but research has shown that about half of traffic on the web comes from bots. Bots are small programs that interact with a website and can be used for good or ill, depending on your perspective, says Renny Shen, senior marketing manager for the… Read More

Powered by WordPress | Theme: Aeros 2.0 by TheBuckmaker.com