May
13
2021
--

BluBracket nabs $12M Series A to expand source code security platform

BluBracket, an early-stage startup that focuses on keeping source code repositories secure, even in distributed environments, announced a $12 million Series A today.

Evolution Equity Partners led the round, with help from existing investors Unusual Ventures, Point72 Ventures, SignalFire and Firebolt Ventures. When combined with the $6.5 million seed round we reported on last year, the company has raised $19.5 million so far.

As you might imagine, being able to secure code in distributed environments came in quite handy when much of the technology world moved to work from home last year. BluBracket co-founder and COO Ajay Arora says that the pandemic forced many organizations to look carefully at how they secured their code base.

“So the anxiety organizations had about making sure their source code was secure and that it wasn’t leaking, from that standpoint that was a big tailwind for us. [With companies moving to a] completely remote development workforce, and with code being so important to their business as intellectual property, they needed to get that visibility into what vulnerabilities were there,” Arora explained.

Even prior to the pandemic, the company was finding they were gaining traction with developers and security pros by using a bottom up approach offering a free community version of the software. Having that free version as a top of the funnel for their sales motion was also helpful once COVID hit full force.

Today, Arora says the company has multiple thousands of developers, DevOps and SecOps users across dozens of organizations using the company’s suite of products. The big reference company right now is Priceline, but he says there are other big names that would prefer not to be public about it.

The company currently has 30 employees, with plans to double that by the end of the year, and he says that building diversity and inclusion into the hiring process is part of the company’s core values, and part of how the executive team gets measured.

“We’re big believers in putting our money where our mouth is and one of the OKRs for me and my co-founder [CEO Prakash Linga], or one of the things that we’re actually compensated for, is how well we are doing in building diversity and inclusion on the team,” he said. He adds that the recruiters that they are using are also being held to the same standard when it comes to providing a diverse set of candidates for open positions.

The company launched in 2018 and the founding team came from Vera, a startup that helped secure documents in motion. That company was sold to HelpSystems in December 2020 after Arora and Linga had left to start BluBracket.

Feb
19
2020
--

BluBracket scores $6.5M seed to help secure code in distributed environments

BluBracket, a new security startup from the folks who brought you Vera, came out of stealth today and announced a $6.5 million seed investment. Unusual Ventures led the round with participation by Point72 Ventures, SignalFire and Firebolt Ventures.

The company was launched by Ajay Arora and Prakash Linga, who until last year were CEO and CTO respectively at Vera, a security company that helps companies secure documents by having the security profile follow the document wherever it goes.

Arora says he and Linga are entrepreneurs at heart, and they were itching to start something new after more than five years at Vera. While Arora still sits on the Vera board, they decided to attack a new problem.

He says that the idea for BluBracket actually came out of conversations with Vera customers, who wanted something similar to Vera, except to protect code. “About 18-24 months ago, we started hearing from our customers, who were saying, ‘Hey you guys secure documents and files. What’s becoming really important for us is to be able to share code. Do you guys secure source code?’”

That was not a problem Vera was suited to solve, but it was a light bulb moment for Arora and Linga, who saw an opportunity and decided to seize it. Recognizing the way development teams operated has changed, they started BluBracket and developed a pair of products to handle the unique set of problems associated with a distributed set of developers working out of a Git repository — whether that’s GitHub, GitLab or BitBucket.

The first product is BluBracket CodeInsight, which is an auditing tool, available starting today. This tool gives companies full visibility into who has withdrawn the code from the Git repository. “Once they have a repo, and then developers clone it, we can help them understand what clones exist on what devices, what third parties have their code, and even be able to search open source projects for code that might have been pushed into open source. So we’re creating what we call a blueprint of where the enterprise code is,” Arora explained.

The second tool, BluBracket CodeSecure, which won’t be available until later in the year, is how you secure that code including the ability to classify code by level importance. Code tagged with the highest level of importance will have special status and companies can attach rules to it like that it can’t be distributed to an open source folder without explicit permission.

They believe the combination of these tools will enable companies to maintain control over the code, even in a distributed system. Arora says they have taken care to make sure that the system provides the needed security layer without affecting the operation of the continuous delivery pipeline.

“When you’re compiling or when you’re going from development to staging to production, in those cases because the code is sitting in Git, and the code itself has not been modified, BluBracket won’t break the chain,” he explained. If you tried to distribute special code outside the system, you might get a message that this requires authorization, depending on how the tags have been configured.

This is very early days for BluBracket, but the company takes its first steps as a startup this week and emerges from stealth next week at the RSA security conference in San Francisco. It will be participating in the RSA Sandbox competition for early security startups at the conference, as well.

Powered by WordPress | Theme: Aeros 2.0 by TheBuckmaker.com