Denver startup StackHawk just raised a $10 million Series A to help developers automatically find security flaws in their apps

  • Denver cybersecurity startup StackHawk has raised a $10 million Series A round led by Sapphire Ventures. 
  • Developer security is a booming vertical of cybersecurity with funding rounds this month from FOSSA and Apiiro and a $200 million round last month for Snyk. 
  • StackHawk's platform automatically checks developers' code for any errors or potential security vulnerabilities each time they make updates. 
  • CEO Joni Klippert says the developer community prizes transparency and community, and her company adopts the same approach.
  • Visit Business Insider's homepage for more stories.

Denver's StackHawk has raised a $10 million Series A round of funding round led by Sapphire Ventures, it announced Monday, making it the latest startup to emerge in the hot developer security sector which includes Snyk, FOSSA, and Apiiro. 

Rather than blocking threats or hunting down criminals, developer security seeks to prevent vulnerabilities in the first place. Instead of focusing constantly on "attackers" and "threats" like other areas of cybersecurity, firms in this segment discuss features, fixes, and clean code. 

While some of StackHawk's competitors do this by rounding up libraries of publicly available computer code to flag potential vulnerabilities, StackHawk works in parallel with developers, using automated computer programs to check for any security flaws every time they update their work. 

"When you're in the code, it's really easy to say 'Oh here's something new I'm working on,' rather than repairing a mistake that's already in production for something that was built six months ago," says CEO Joni Klippert, who previously held a vice president role at security giant Splunk. 

Klippert says she "found a home in this community of developers because of their values of transparency, observability, and collaboration."

In a cybersecurity industry known for its serious tone and focus on law enforcement and the military, Klippert says helping developers build safer code "provides a really nice opportunity for collaboration and learning that didn't exist before."

Helping developers in the moments that they're building products  is a much different mindset than catching their mistakes afterward, in what is often referred to in cybersecurity as "a post-mortem," a medical term for an autopsy. "We actually use that term in cybersecurity," Klippert says. "That just feels like blame."

Klippert, who went to college and built her professional network in Colorado, says the Rocky Mountains represent "a different quality of life that you get to provide your employees," which is in line with the constructive company mission. 

"A lot of my team are avid cyclists and mountain bikers and we really urge them to get outdoors and get some fresh air rather than huddle over their computers for 10 hours straight," she says. The ethos of safety and health "isn't just about the product: it is also about the company."

StackHawk is a small company now, with just 15 employees, but it is in a thriving part of cybersecurity in which Pitchbook expects to see "rapid growth" over "the next three years, largely driven by venture-backed startups," according to a report earlier this year.   

And StackHawk's approach of addressing issues as early as possible in development should resonate well with the developers building new apps, says an industry analyst at TAG Cyber, Katie Teitler, who believes "devs should feel instantly comfortable" with the product.

"Coming early into the development lifecycle is an attractive proposition, both for development life cycles and for security teams," said Teitler.

StackHawk has raised $14.6 million total, with this new funding adding to a $2.5 million seed round in March from investors Todd Vernon and Warren Adelman. The company declined to provide its new valuation, but PitchBook listed it as $14 million before the new $10 million round. The new round also included return seed backers Foundry Group, Costanoa Ventures, Flybridge Capital, and Matchstick Ventures. 

Lead investors Sapphire says StackHawk is primed to capture market share in the booming vertical. "With the rise of DevOps, companies have shifted to the frequent release of software and reliance on automation," said managing director at Sapphire, David Hartwig. "We believe that StackHawk has the product and the team in place."

Source: Read Full Article