An Israeli startup that helps protect companies’ software supply chains from hackers has just emerged from stealth with $34 million in funding.
OX Security was founded less than a year ago to ensure components used to build software are not infected with viruses, malware or other threats.
It is already being used by over 30 leading companies to secure their software supply chains, including Kaltura, an online video platform for media companies and brands.
It has developed its “Pipeline Bill of Materials” (PBOM), which includes the code of the final product and the procedures and processes that impacted the software during its development. OX Security researched the root causes of over 70 software supply chain attacks from the past year, and designed the PBOM to contain the information that would have been needed to prevent them.
Software supply chain attacks are on the rise. In 2020, hackers broke into the systems of SolarWind, an American software developer for businesses, and added malicious code into its entire software.
For months, 18,000 of its customers were vulnerable to hackers that could spy on them, though the actual number of customers who were hacked was fewer than 100. Many of these companies are high-profile clients, including multiple agencies in the US government and Fortune 500 companies.
OX Security also scans which security tools are in use, verifies they’re all connected and operational, and determines if additional tools are necessary. It then presents any security issues that were found, prioritized by their business impact.
“Developers and DevOps (development and IT operations) make constant changes to the software supply chain, adding new tools, open source components and SaaS services,” said Neatsun Ziv, OX Security’s CEO and Co-Founder.
“The OX Security platform gives DevSecOps teams real-time, end-to-end visibility into all aspects that impact software through the entire pipeline, so they have the necessary context and control to ensure security.”
OX Security was founded by Neatsun Ziv and Lior Arzi, two executives of Check Point, a global provider of cybersecurity solutions for governments and corporations. The startup’s funding round was led by Evolution Equity Partners, Team8, and M12, Microsoft’s venture fund, with participation from Rain Capital.