ChannelLife India - Industry insider news for technology resellers
Story image

Socket secures USD $40m series B to combat supply threats

Wed, 23rd Oct 2024

Socket, a security platform company, has announced the successful completion of a USD $40 million series B funding round to enhance its efforts in preventing software supply chain attacks.

With over 90% of modern applications relying on open-source software, security has become a crucial concern, as traditional Software Composition Analysis (SCA) tools face challenges in managing the increase in supply chain attacks. Socket aims to address this issue by proactively monitoring open-source packages for malicious behaviours such as backdoors, typo-squatting, and obfuscated code.

The funding round was led by Abstract Ventures with participation from notable investors including Elad Gil, Andreessen Horowitz (a16z), and angel investors such as Bret Taylor from OpenAI, Phil Venables of Google, and Tobias Lütke from Shopify, among others. This round brings Socket's total funding to USD $65 million, which will be utilised to improve security for open-source software and expand the company's team across engineering, product, and design sectors.

Feross Aboukhadijeh, Founder and CEO of Socket, stated, "We've seen incredible momentum over the past year. Our technology has made it possible for leading AI, B2B, and finance companies to switch from legacy SCA solutions like Snyk to Socket. We're not just catching vulnerabilities — we're detecting and blocking malicious threats in real time."

Socket's platform supports six programming languages, including Java and Ruby. It handles critical functionalities such as license enforcement and reachability analysis, making it a comprehensive alternative to older tools. Amjad Masad, Founder and CEO of Replit, remarked, "As generative AI drives unprecedented speed in software development, the risk of malicious or vulnerable packages slipping through is higher than ever. Socket provides preventative protection, catching threats before they can compromise organisations and enabling developers to innovate without sacrificing security."

Dev Akhawe, Head of Security at Figma, encouraged exploring Socket, "If you haven't explored Socket yet, now's the time."

Socket's advancements have enabled it to block over 100 software supply chain attacks weekly, contributing to its rapid growth, and now it protects over 7,500 organisations and 300,000 GitHub repositories. Ramtin Naimi, Founder and Managing Partner at Abstract Ventures, commented, "Socket is revolutionizing how companies secure their software. As organizations face increasing software supply chain threats, Socket's preventative and developer-friendly approach is exactly what's needed. Socket's ability to rip-and-replace legacy SCA tools has already made Socket the go-to solution for leading companies that want to massively up-level their application security. We're proud to lead their Series B and support them in their mission to make open-source software safer for everyone."

Elad Gil, an investor and Co-founder of Color Health, praised Socket's approach, "Socket is taking an entirely new approach to one of the hardest problems in security in a stagnant part of the industry. It's rare to see a team ship this fast and deliver such a meaningful impact."

The company plans to use the funds to accelerate product development and hire new team members to meet the growing demand for their security platform. "We're building a world-class team to tackle one of the most urgent challenges in software today," said Feross Aboukhadijeh.

Zane Lackey, General Partner at Andreessen Horowitz and Co-founder at Signal Sciences, also commented on the team's expertise: "This team knows how to build products that developers love, they understand security, and they're tackling an urgent problem for a community they've been part of for more than two decades."

As threats from supply chain attacks become more sophisticated, companies are urged to move beyond reactive security strategies. Socket's mission focuses on stopping these attacks before they can infiltrate organisations, providing developers and security teams with the confidence to concentrate on their core work—building exceptional products.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X