Phylum strengthens its mission to protect the software supply chains


Phylum, a software supply chain security company, raised $15 million in Series A funding today. ClearSky is leading the round, with contributions from Atlassian Ventures, FirstIn, and industry-specific funds.

Several companies are developing standard and well-defined solutions that may be used as a reference for development teams. One of these companies is Phylum.

Aaron Bray, Louis Lang, and Peter Morgan launched Phylum in 2020, despite an increase in open-source adoption and the associated dangers in the software supply chain. Phylum was conceived with the primary goal of addressing the issues that remain unanswered when using traditional approaches.

ClearSky and Atlassian have agreed to cooperate in our goal of protecting the open-source ecosystem, so that organizations may continue to utilize open-source software's benefits securely and efficiently, according to Peter Morgan, the founder and president of Phylum.

Modern software development

The combination of open source and DevOps makes it easier to use untrusted software via dependencies from unknown authors on the internet. This makes it more difficult for security teams to manage risk simultaneously.

The approach to security quality in modern software development must undergo significant changes. Security specialists must shift their attention from features to individual modifications to fit into the development methodology. This transition may result in improved security quality, as well as regular feedback and improved compliance enforcement.

Phylum simplifies identifying packages, analyzing supply chain risk, and categorizing these risks into five areas: malware code, vulnerability, license, author, and engineering danger.

Phylum ingests and analyzes each package in an average time of only 11 minutes, completing risk analysis and malware detection to convict harmful packages. This method allows for the monthly classification and eradication of hundreds of unknown harmful packages.

The rise in supply chain component hacking has underscored the need to focus on more than just known software vulnerabilities. Phylum is committed to transforming the open-source risk management field here at ClearSky, according to Patrick Heim, a partner and CISO at ClearSky.

Future projections

With the release of version 2, Phylum's clients are continuing to strengthen their go-to-market team and continue to develop new heuristics and machine learning algorithms to proactively identify hazards in open-source packages. This will be accomplished through the Series A investment and the recent hiring of a new chief revenue officer, Patrick Sheehan.

Phylum's 200,000+ Atlassian cloud clients are expected to benefit, allowing them to focus on their projects rather than worrying about security concerns. According to Atlassian Ventures' head, Phylum has benefited 200,000+ customers around the world.
