Everyone wants to talk about software supply chain risks these days, whether it’s security teams, developers, or government officials. No wonder VCs continue to build startups in this space despite the current economic climate. One of the newest members of this club is Arnica, a startup that takes a slightly broader view of supply chain security than most of its competitors and helps companies. The company announced today that it has raised $7 million in seed funding.
The round was led by Jule Ventures and First Race Venture Partners. A number of angel investors participated in this round, including Avi Shua (Founder and CEO of Orca Security), Dror David (Founder and CEO of Aqua Security) and Baruch Sadogursky (Head of Developer Relations at JFrog).
“As a former buyer of application security products, I tried more than a dozen solutions to secure my legacy company’s software supply chain, but came to a dead end. According to Nir Valtman, CEO and founder of Arnica, most products were expensive visibility dashboards driven by different definitions of “best practices.” “We decided to provide this visibility for free, to unlimited users forever. However, we went further and developed a comprehensive solution to not only identify risks based on historical and unusual behavior, but also to mitigate them. We do this by creating automated workflows that allow developers to be secure in the tools they already use with one click.” Using reduction.
The group argues that supply chain attacks succeed due to ineffective developer access management or failure to detect unusual identity or code behavior. So this is where arnica comes in. The behavior-based approach combines access management with a service that detects unusual developer behavior that may be the result of a breach.
“Each of our machine learning algorithms has thousands of features that identify the developer who wrote the pushed code,” Valtman explained. “When an anomaly is detected, a quick workflow begins with the developer to verify it in a simple and secure way. It is good not only for the company but also for the developers.
To avoid those misses, there’s also Secret Detect, a service that continuously monitors security and compliance, and tools to identify open source libraries used within an organization, which can compile a complete Software Bill of Materials (SBOM).
The company plans to use the new funding to accelerate its go-to-market and R&D efforts, while expanding its automated workflows and downsizing capabilities.
“Arnica’s agile, solution-oriented approach is a game changer for enterprise Div teams, adding value in a saturated market for security solutions,” said Brian Rosenzweig, partner at Jule Ventures. “Arnica goes beyond identifying security problems – every identified issue can be fixed with one click. This allows businesses to quickly protect their software supply chain from attacks, while behavior-based detection ensures it remains secure for the long term. Arnica’s proactive approach and advanced technology enable companies to avoid costly breaches without compromising efficiency.” It allows.