Trackd, an early stage startup founded by former NSA engineer Mike Starr, has secured $3.35 million in seed funding to build technology to automate the remediation of software vulnerabilities.
The company said the funding was led by Flybridge with additional investments from Lerer Hippeau, SaaS Ventures, and Expa.
Based in Reston, Virginia, Trackd is working on new technology to help tackle the vexing problem of vulnerability management and remediation. The company launched a beta product on Tuesday promising to help defenders apply patches without fear of disruption.
“The dirty little secret in the vulnerability remediation community is that fear of disruption due to patching… when patching broke things frequently,” Trackd chief executive Starr said in a note announcing the financing. “Times have changed, and only a very small percentage of patches cause disruption, but that perception and fear is difficult to overcome,” he added.
Starr said Trackd’s patch management platform records the experience of all patches applied by its users, anonymizes that data, and makes it available in real-time to all other users. If a patch is disruptive, that information is made available to other vulnerability remediation teams applying the same patch, allowing them to plan accordingly.
Conversely, if a patch is applied multiple times with no evidence of disruption, the teams responsible for vulnerability management can confidently use auto-patching to speed remediation with little to no impact on resources.
The company is currently working with design partners and beta customers on a platform that uses a lightweight agent to collect metadata about the operating system and all installed applications. The data is used to drive patching decisions and pinpoint any signs of disruptions or patch quality problems.
Related: VulnCheck Raises $3.2M Seed Round for Threat Intel
Related: Vulnerability Management Fatigue Fueled by Non-Exploitable Bugs
Related: CISA ‘Must Patch’ KEV List Puts Spotlight on Vuln Management Processes

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.
More from Ryan Naraine
- Oleria Scores $8M Seed Funding for ID Authentication Technology
- Aembit Scores $16.6M Seed Funding for Workload IAM Technology
- Project Zero: Samsung Mobile Chipsets Vulnerable to Baseband Code Execution Exploits
- Rapid7 Buys Anti-Ransomware Firm Minerva Labs for $38 Million
- Microsoft Pins Outlook Zero-Day Attacks on Russian Actor, Offers Detection Script
- Microsoft Warns of Outlook Zero-Day Exploitation, Patches 80 Security Vulns
- Adobe Warns of ‘Very Limited Attacks’ Exploiting ColdFusion Zero-Day
- Cloud Forensics Startup Mitiga Completes $45M Series A
Latest News
- Ransomware Gang Publishes Data Allegedly Stolen From Maritime Firm Royal Dirkzwager
- Zoom Paid Out $3.9 Million in Bug Bounties in 2022
- Oleria Scores $8M Seed Funding for ID Authentication Technology
- Exploitation of 55 Zero-Day Vulnerabilities Came to Light in 2022: Mandiant
- News Analysis: UK Commits $3 Billion to Support National Quantum Strategy
- Malicious NuGet Packages Used to Target .NET Developers
- Google Pixel Vulnerability Allows Recovery of Cropped Screenshots
- Organizations Notified of Remotely Exploitable Vulnerabilities in Aveva HMI, SCADA Products
