Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybersecurity Funding

SourceClear Launches With Mission to ‘Redefine Security’ for Developers

SourceClear Raises $1.5M in Seed Funding from Investors, Including Frank Marshall and Box.com Chief Trust Officer

SourceClear Raises $1.5M in Seed Funding from Investors, Including Frank Marshall and Box.com Chief Trust Officer

SourceClear, a Seattle, Washington-based startup that is creating a software security platform for developers, announced on Tuesday that it has closed $1.5 million in seed funding that the company will use to support the launch of its SourceClear platform.

According to the company, its SourceClear platform is expected to be available in the coming weeks, and helps organizations identify which components they are using across their software portfolio, where they come from, what they do and which ones have security issues.

The platform integrates directly into development tools, features machine-learning capabilities and leverages big data analytics to help developers fix issues and stay protected against new threats.

SourceClear Report ScreenshotSourceClear’s Founder and CEO Mark Curphey founded OWASP, headed the software security program at Charles Schwab, led the information security tools team at Microsoft and was the Product Unit Manager for the Microsoft Developer Network (MSDN).

“Developers are literally the only people who can solve the epidemic in software security,” said Curphey. “Traditional security tools were built for security and IT people, and there has been poor adoption and high degrees of friction from developers. With the cloud, agile, open-source, mobile, devops, big-data, artificial intelligence and social platforms, developers are changing the world faster than ever before and security tools simply haven’t kept up. We are changing that. Developers love us, and our early funding is a strong vote of confidence in our vision.”

“Up to 80% of the source code in modern applications originates from reusable and open-source development frameworks and libraries,” the company explained. “Hackers have learned to analyze and exploit these components giving them access to far more data than hacking systems one-by-one. Hackers and governments are known to have modified open-source libraries which are then innocently installed by developers creating backdoors and vulnerabilities that can be exploited at will.”

SourceClear’s seed round, which the company said was over-subscribed, was led by a group of angel investors including Justin Somaini, Chief Trust Officer at Box.com; Frank J. Marshall, former VP of Engineering at Cisco Systems Inc.; Amos Michelson, Chairman of Kardium; and Mary Cirillo, board member at Thomson Reuters (TRI).

The company’s advisory board includes Somaini, privacy expert and author Siobhan MacDermott, CrowdStrike CEO and former McAfee global CTO George Kurtz, software security expert John Viega and user experience expert Charlie Claxton.

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Email Security

Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Vulnerabilities

Security researchers have observed an uptick in attacks targeting CVE-2021-35394, an RCE vulnerability in Realtek Jungle SDK.

Vulnerabilities

Google has awarded more than $25,000 to the researchers who reported the vulnerabilities patched with the release of the latest Chrome update.