Myrror Security, an Israeli company that works on application security for companies using open source packages, has come out of stealth today by announcing its $6 million in Seed funding. The round was led by Blumberg Capital and Entrée Capital and will help secure the Software Development Life Cycle (SDLC) process for companies amid a growing wave of software supply chain attacks that leverage open source dependencies and CI/CD pipelines.
The frequency of software supply chain attacks has rapidly increased, marking a 740% increase in 2022 compared to the first high-volume SolarWinds attack four years earlier. The most available vector for these attacks is through embedded open source components, typically as OSS (Open Source Software) makes up 70-90% of modern software. The Myrror Security platform united two essential pillars needed to manage threats in modern software supply chains: detection of malicious packages and CI/CD attacks and prioritization of known vulnerabilities.
“The integration of unverified open source components into the software development process creates a massive attack risk on the one hand and a large amount of false positives for security teams on the other,” explained Yoad Fekete, co-founder and CEO of Myrror Security. “Until now, there has not been a solution on the market that is able to tackle both of these problems effectively. We founded Myrror Security to help security teams protect their organizations from attacks and sort through their clutter of alerts before code goes into production, without requiring any technical behavior change.”
Myrror uses a Breach Detection solution, binary-to-source code analysis capabilities with AI matching techniques to detect known and unknown threats such as malicious packages or code or CI/CD breaches in real-time.
“The use of open source components such as third-party dependencies, tools and systems in application development has been an asset for developers who share and build on each other’s progress, but it comes with significant risks – especially in the form of supply chain attacks, the consequences of which spread well beyond the targeted organization,” added Zohar Alon, President of Myrror Security. “Myrror Security solves this pain by looking at the root of the SDLC security challenge with a cutting-edge binary-to-source analysis solution that is way ahead of the market .”
Headquartered in Tel Aviv, Myrror Security is backed by Blumberg Capital and Entrée Capital, as well as prominent cybersecurity entrepreneur Zohar Alon. In addition to the above services, it also provides comprehensive remediation plans to ensure that companies can quickly and efficiently secure their applications.