Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Application Security

04:10 PM
Dark Reading Staff
Dark Reading Staff
Products and Releases

BluBracket Unveils Code Security Suite, Announces $6.5M In Seed Funding

Startup also selected as a finalist in the RSA Conference Innovation Sandbox Contest.

PALO ALTO, Calif.--BluBracket, the leader in securing code for the enterprise, today introduced its product suite, representing the industry’s first comprehensive security solution for code in the enterprise. As a testament to its early technical lead in an important new category, BluBracket has been selected as a finalist in the prestigious RSA Conference Innovation Sandbox Contest, an annual competition featuring the year’s most innovative and promising cybersecurity startups.

“Just as we’ve seen hackers exploit tools like email, they are now exploiting code and code sharing tools like GitHub. For many companies their intellectual property is now encased within code, not documents. Until now there hasn’t been a tool to secure code that doesn’t interfere with developers’ productivity,” said Prakash Linga, CEO of BluBracket. “We are thrilled that we’ve already been named as an innovator by the 2020 RSAC Sandbox committee. We believe our technology, team and customers put us ahead in an important category, and we look forward to solving this critical need for our customers.”

Additionally, BluBracket has raised a $6.5 million seed round lead by Unusual Ventures, with participation by Point72 Ventures, SignalFire and Firebolt Ventures.

“Code is more valuable and distributed than ever, yet the tools used for cloud-native, modern software development don’t have the insight or control today’s enterprise demands,” said John Vrionis, founder and partner at Unusual Ventures. “At Unusual, we look for authentic founders who drive innovation through technology. When we saw the BluBracket vision, combined with the team’s experience, our decision was an easy one. We look forward to accelerating their vision to transform this important new category in cybersecurity.”

The critical need for code security.

BluBracket secures today’s most valuable and vulnerable enterprise asset—code. The world now runs on software. BluBracket makes it safe.

Today’s digital environment is collaborative, open and complex—with developers using code management and sharing sites like GitHub and Stack Overflow and including open source in more than 90 percent of all new applications. Source code is too valuable of an asset to leave exposed, with security and engineering teams having no visibility into where corporate code has been cloned, exposed or stolen.

As this code makes it way to the cloud, security becomes even more challenging as hackers have noticed these coding environments are an open door into the enterprise, with scores of high-profile breaches stemming from code from Uber, AWS, Starbucks, Capital One and many more.

“Open source code and tools have taken over the software development lifecycle,” said Jim Zemlin, executive director of the Linux Foundation and board member at BluBracket. “We’ve seen tremendous innovation driven by these changes, but we’ve also seen traditional models and tools struggle to keep up with the pace set by developers and devops. Code security that respects developers’ productivity is a critical need for companies who see software as the foundation of their competitive advantage.”

BluBracket built for—and with—enterprise leaders.

BluBracket has partnered with dozens of CISOs and CTOs over the last year to design its product suite, giving it an advantage born from real-world expertise. These companies represent a cross section of industries including financial services, transportation, entertainment and media, and travel and hospitality.

  • “At Compass, we use technology to drive competitive advantage in everything we do,” said Bill Martiner, Head of Enterprise Technology at Compass Real Estate. “Securing code is a key piece of our security puzzle, and it’s clear BluBracket's vision delivers comprehensive security for the modern software development cycle. Code is valuable IP that must be protected, and I'm pleased to work with BluBracket on this important technical innovation.”
  • “In our business, more and more intellectual property and sensitive information is found in code, yet there are very few solutions in the marketplace designed to protect it,” said John Terrill, CISO of Point72 Asset Management. “BluBracket understands the challenge that companies like ours face and has built a unique platform to help us protect our data assets.”
  • “Source code is critical for our business, both in applications we write and in the infrastructure our technology runs on,” said John Visneski, Data Protection Officer at The Pokémon Company International. “We’re excited to work with BluBracket on this important solution that protects our valuable IP and our underlying systems. Code is only increasing in importance and in speed to deployment. BluBracket’s knowledge of both development and security has translated to a product that secures this important aspect of our business.”

Introducing the BluBracket Code Security Suite.

According to IDC, the devops tools market is forecast to reach $15 billion in 2023, driven by continued enterprise adoption of highly automated CI/CD, infrastructure provisioning and DevSecOps. These innovations have been a boon for speed and innovation, but they weren’t designed for security and security teams have scrambled to adjust.

BluBracket combines deep expertise in enterprise security with innovative and developer-friendly technology. Its BluBracket:CodeInsights and BluBracket:CodeSecure products give companies the key to unlock software innovation while protecting their enterprise infrastructure and valuable intellectual property.

With BluBracket, companies for the first time can:

  • Discover and classify code. Companies can run a BluPrint of their Git environments to understand where their code is and who has access to it. They can also classify their most critical code for detailed chain of custody information for any compliance or audit needs.
  • Detect and monitor your risks. BluBracket can detect secrets in code, misconfigurations and other risks and ensure that no sensitive passwords or tokens are being misappropriated, mishandled or misused.
  • Protect valuable code. All the visibility, alerting and remediation needed to take action and protect code investment from both insider and outsider code theft or unauthorized publishing to open source.
  • Enforce security policies. BluBracket bridges the gap between your security, development and devops teams by making security policies actionable and enforceable in your CICD pipeline.

Meet us at RSAC

BluBracket will be featured at the RSA Conference as one of the top ten finalists for the Sandbox Innovation Contest. On Monday, February 24, the finalists will present a three-minute pitch followed by a question-and-answer round as they battle on stage for the title of “Most Innovative Startup.”

BluBracket will also be exhibiting at RSA in the Early Stage Expo booth 27. To schedule a demo or talk to sales, please contact us at www.blubracket.com.

About BluBracket

Founded by security veterans and built alongside Fortune 500 security and engineering leaders, BluBracket is the first comprehensive security solution that makes code safe—so developers can innovate and collaborate, and security teams can sleep at night. Companies using BluBracket will be able to discover and secure their code environments while maintaining the innovation and speed they need to compete. BluBracket delivers security at the speed of code. More information can be found at www.blubracket.com.

The BluBracket logo and tagline are trademarks of BluBracket, Inc. Other trademarks may be trademarks of their respective owners.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/2/2020
Ripple20 Threatens Increasingly Connected Medical Devices
Kelly Sheridan, Staff Editor, Dark Reading,  6/30/2020
DDoS Attacks Jump 542% from Q4 2019 to Q1 2020
Dark Reading Staff 6/30/2020
Register for Dark Reading Newsletters
White Papers
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-07-02
Apache Guacamole 1.1.0 and older may mishandle pointers involved inprocessing data received via RDP static virtual channels. If a userconnects to a malicious or compromised RDP server, a series ofspecially-crafted PDUs could result in memory corruption, possiblyallowing arbitrary code to be executed...
PUBLISHED: 2020-07-02
A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an unauthenticated, remote attack...
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, when users run the command displayed in NGINX Controller user interface (UI) to fetch the agent installer, the server TLS certificate is not verified.
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the Neural Autonomic Transport System (NATS) messaging services in use by the NGINX Controller do not require any form of authentication, so any successful connection would be authorized.
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller installer starts the download of Kubernetes packages from an HTTP URL On Debian/Ubuntu system.