Software security firm Socket lands $20m in a funding round


Socket, a software supply chain security firm, has successfully grabbed the attention of investors with a recent $20m funding raise. 

The company announced it has raised $20m in new financing. Andreessen Horowitz (a16z) led the investment round, with a notable equity investment from Abstract Ventures.

Socket, founded by open source developer Feross Aboukhadijeh, is developing a technology that utilises “content-based analysis” to examine the behaviour of software dependencies. This enables the detection and quick fixing of suspicious activities. The company’s innovative approach involves real-time monitoring of changes to software packages, aiming to prevent compromised or hijacked packages from entering the software supply chain.

The new funding is targeted at accelerating the development of Socket’s unique tools to detect and block software supply chain attacks proactively. Their product range includes tools to identify risky APIs, monitor changes in real-time, and block red flags in open source code, such as malware, typo-squatting, hidden code, misleading packages, and permission creep.

In addition to its main focus, Socket is also engaging in AI-driven source code analysis, collaborating with ChatGPT to scrutinise npm and PyPI packages for red flags. The collaboration aims to use AI to summarise the findings and enhance the overall efficiency of the system.

Copyright © 2023 RegTech Analyst
