SEATTLE, May 1, 2024
/PRNewswire/ -- StepSecurity, a leader in protecting CI/CD
pipelines and infrastructure, announced today the closing of
its $3 million seed funding round led
by Runtime Ventures, with participation from Inner Loop Capital,
SaaS Ventures, DeVC, and several notable industry leaders as angel
investors.
StepSecurity raises $3M seed funding to secure CI/CD pipelines for
open-source and enterprise
Founded two years ago by cybersecurity leaders Varun Sharma and Ashish Kurmi, StepSecurity has
rapidly gained traction within both the open-source community and
enterprise sectors.
Over 3,000 open-source projects, including those from the
Cybersecurity and Infrastructure Security Agency (CISA), Google,
Microsoft, Datadog, Kubernetes, Node, and Ruby, use StepSecurity to
harden their CI/CD pipelines. StepSecurity also recently detected a
CI/CD supply chain attack in a Google open-source project.
StepSecurity's enterprise tier continues to gain traction,
serving customers in high-tech, crypto, and healthcare
industries. "Enterprises typically have robust application and
cloud security solutions. However, CI/CD, the crucial link between
these two environments, remains unprotected," said Varun Sharma, CEO of StepSecurity. "We analyzed
past CI/CD security breaches and built our platform using a
first-principles approach."
Michael Sutton, General Partner
& Co-Founder at Runtime Ventures, commented, "Attackers have
learned not only that the CI/CD pipeline represents the weak link
in application security, but also that a successful supply chain
attack can deliver an exponential impact. Supply chain attacks such
as SolarWinds and Codecov impacted thousands of entities given the
broad usage of the vulnerable applications. Security leaders have
learned the hard way that CI/CD security can no longer be ignored,
and StepSecurity is at the forefront of this paradigm shift."
The urgency of securing CI/CD environments has never been
clearer due to recent high-profile security breaches. Several
incidents, such as XZ Utils and SolarWinds, originated in CI/CD. As
a result, the Center for Internet Security (CIS), Cybersecurity and
Infrastructure Security Agency (CISA), National Security Agency
(NSA), and National Institute of Standards and Technology (NIST)
have released guidance and benchmarks urging enterprises to harden
their CI/CD environments.
StepSecurity plans to use these funds to invest in its
open-source community and expand its enterprise offerings.
StepSecurity already supports GitHub Actions and plans to expand
its product to cover other CI/CD environments, such as GitLab CI,
Harness, and Azure DevOps. The company is also actively hiring
across engineering, sales, and marketing to support its growth.
For more information or to get started with StepSecurity, please
visit https://stepsecurity.io
CONTACT: Jaya Ramsinghani
Email: jaya@stepsecurity.io
View original
content:https://www.prnewswire.com/news-releases/stepsecurity-secures-3-million-seed-funding-to-protect-cicd-pipelines-302132073.html
SOURCE StepSecurity