Security Experts:

Connect with us

Hi, what are you looking for?


Application Security

Source Code Security Firm Cycode Launches With $4.6 Million in Funding

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cycode provides a platform designed for source code control, detection and response. The solution should help organizations concerned about the exposure of intellectual property (IP) found in source code. While the platform can be used by organizations in any industry, the startup says it can be particularly useful to entities in the financial, healthcare and high-tech sectors, for which their software represents a core component of their products and services.


Cycode claims it has no competitors as no other company provides solutions capable of protecting source code from every angle. The company believes source code cannot be fully protected with existing solutions, such as source code management (SCM), cloud access security broker (CASB), or data loss prevention tools.

Cycode’s Source Code Control, Detection and Response Platform is designed to address the challenges of securing source code that is increasingly distributed across the cloud and hosting services such as GitHub and BitBucket, and SCM products such as Microsoft’s Team Foundation Server.

Cycode’s platform can be quickly deployed by integrating it through an API with existing systems, such as Team Foundation Server, GitLab, BitBucket and GitHub. Once deployed, the solution should provide security teams visibility and control over the entire source code inventory to help prevent source code leaks, theft and manipulation, without having a negative impact on development.

The platform automatically monitors source code for suspicious access, path and usage behaviors, and users receive alerts and notifications in case an issue is detected. Security teams can use Cycode to quickly adjust SCM configurations and security controls in case of an incident. They can also set up alerts so that they are notified if their company’s source code is found on the public or dark web.

Cycode says its Source Code Control, Detection and Response Platform is currently available only to qualified customers, but it should become generally available in early 2020.

The company was founded by former Symantec security architect Lior Levy, who will serve as the company’s CEO, and researcher and serial entrepreneur Ronen Slavin, who will serve as CTO. It has secured $4.6 million in seed funding from YL Ventures, Mike Fey (CEO of D2iQ, and former president and COO of Symantec), Andy Grolnick (former president and CEO of LogRhythm), Justin Somaini (former CSO of SAP), and Eyal Gruner (founder and CEO of Cynet).

“Gaining visibility and control of your source code is a huge challenge,” said Somaini. “Being able to secure this important asset is critical, yet it can’t come at the cost of developers being able to do their jobs. The tools we use to manage source code today were built to help developers manage code, not secure it. Cycode gives IT Security teams comprehensive visibility into the inventory and movement of source code without integration headaches and without impacting developer productivity.”

Related: WhiteHat Security Launches New Software Testing Products

Related: Code Analysis Firm Semmle Launches With $21 Million in Funding

Related: Application Security Firm ShiftLeft Raises $20 Million

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.