Code security scanner creator Spectral announces $6.2M in funding

by Emma


Israeli DevSecOps startup Spectral today announced $6.2 million in funding for its developer-first code security scanner. The seed round was led by Amiti and MizMaa, according to the company’s announcement.

“Scanning tools today take long minutes or even hours to run in a given pipeline,” said Dotan Nahum, co-founder and CEO of Spectral. “Developers just don’t have that kind of time, or the funds,” he explained in the announcement, noting that many providers of continuous integration solutions meter activity by the minute. “Some developers are so overwhelmed by slow, irrelevant and non-intuitive results that they stop using scanners altogether,” Nahum said.

According to the company, Spectral’s platform is a developer-facing solution that the company said monitors, crawls and protects organizations by discovering developer-facing systems such as Slack, npm, maven and logs, which often are not included in an organization’s threat modeling.

“We observe that with so many tech stacks, SaaS vendors and integrations, mistakes in private repositories end up appearing in public repos too,” Nahum said. “It’s these things — the things you don’t know that you don’t know about — that really keep you up at night.” Spectral, he noted, provides insights into these “blind spots.” Among those integrations are Travis, Jenkins and CircleCI, and the frameworks and products such as Webpack, Gatsby, Netlify and more, the company announced.

Its detectors, using machine learning-based analysis, can also scan any programming language, config files and other assets. Further, users can build their own custom detectors using SPEQL, a purpose-built query language, Spectral said.

“The pain points we’re addressing resonate strongly across every company developing software, because as they evolve from own-code to glue-code to no-code approaches, they allow developers to gain more speed, but they also add on significant amounts of risk,” Spectral co-founder and COO Idan Didi said. “Spectral lets developers be more productive while keeping the company secure.”

 



Source link

Related Posts

Leave a Comment