Application security testing startup StackHawk Inc. said today it has raised $20.7 million in new funding for product development and building on what it says is its rapid growth.
Sapphire Ventures and Costanoa Ventures led the Series B round, with Foundry Group and high-value investors participating. Including the new funding, the company has raised $35.3 million to date.
Founded in 2019, StackHawk offers a service that makes application security testing part of software delivery. The company’s platform is designed to allow engineers more easily to find and fix application security bugs at any stage of software development.
StackHawk is seeking to address the issue where modern software development has shifted from quarterly releases to daily or hourly releases, incorporating continuous integration and continuous delivery. In areas such as financial technology, health tech, cloud analytics and artificial intelligence, customers are entrusting their most critical data to software providers, which can be risky.
StackHawk’s solution allows modern software development organizations to extend CI/CD to encompass continuous application and application programming interface security testing. This way, security vulnerabilities are detected while the developer is actively working on the code.
The company’s modern dynamic application security testing tests running applications, services and APIs for security that a team has introduced and exploitable open-source security bugs. StackHawk pitches the solution as “built for developers, trusted by security” by shifting application security “to the left,” meaning earlier in the application development process.
StackHawk’s service is also claimed to find and fix vulnerabilities faster. Vulnerabilities can be found at the pull request and developers can quickly push out fixes. The service works across various DevOps tools, with StackHawk recently announcing integration with Snyk Code.
StackHawk customers include Auth0 Inc., CloudBees Inc., DataRobot Inc., One Medical, Setsail, Firebolt Analytics Inc. and Wayflyer Ltd.
“In the current world we live in, security is more important than ever,” Joni Klippert (pictured) co-founder and chief executive of StackHawk, said in a statement. “Our prospects know they have a gap in how they approach security and recognize the need for what we do even before we speak with them.”
Klippert spoke with John Furrier, host of theCUBE, SiliconANGLE Media’s livestreaming studio, in January 2021, where she spoke about the “shift left” to debug critical code before software deployment.
“When we think about where security lives, it is either a blocker to deploying in production or it lives long after code has been deployed to production and there’s a security team constantly playing catch-up,” Klippert said in the interview. “They’re looking at it months after software has been deployed and then hurrying to assess where the bugs are and trying to get that back to software developers so they can fix those issues. Shifting left means software engineers are fighting those bugs as they are writing code or in the continuous integration/continuous delivery pipeline long before code has been deployed to production.”