January 18, 2024
Open-source libraries comprise the majority of software written today. Each of these relies on other libraries, creating a complicated tree of dependencies. Securing a software supply chain starts with understanding how these pieces are put together. It can be deceivingly difficult, as modern software development practices work to hide this complexity in favor of easy development.
Kusari was established to address this very problem, and today, I am delighted to share that we have raised $8 million through combined investments in Pre-Seed and Seed Round funding. With the investment, we will continue to develop tools that make it easier for organizations to understand modern software and identify costly vulnerabilities. By embedding transparency into the supply chain, we are helping organizations identify potential weak points and resolve issues faster, thereby maintaining trust with partners and minimizing risk.
The Kusari Difference
At Kusari, we don’t look at security in a vacuum. We believe in applying a holistic approach to security from the software engineering planning and build phases through to runtime in production.
We also understand the burden of security teams (we’ve been there ourselves), and we understand the frustration felt by developers. Security teams are overwhelmed by the amount of time and resources that go into a single vulnerability, let alone thousands, and developers want to be able to act quickly and not be held back by security concerns. This is why we are committed to helping organizations secure their development process by default, relieving the pressure on security teams and preventing workflow interruptions for developers.
Building on Momentum
In our first year, we have already achieved a significant milestone. We introduced and gained market validation for Graph for Understanding Artifact Composition (GUAC), an open source tool that addresses the lack of transparency problem by organizing software supply chain information into a knowledge graph. The project has 50 contributors and is supported by several industry-leading financial services and technology companies, including Yahoo!, Guidewire, Google, Microsoft, Red Hat, and ClearAlpha Technologies.
Our new funding reflects investor belief in Kusari’s ability to continue creating open-source tools and a hosted platform. In 2024, we will remain committed to open source and supporting GUAC’s community success. We will build on GUAC with solutions that enable organizations to achieve actionable insights, reduce incident response costs, and relieve the burden on security and developer teams.
The Kusari team is incredibly grateful to our investors, J2 Ventures, Glasswing Ventures, and Unusual Ventures, for recognizing our unique blend of team, technology, and significant user adoption, and the opportunity we have to be a market leader. We are thankful for our employees who continue to put their all into developing industry-leading software supply chain security tools. We are indebted to the community of users, contributors, and supporters of GUAC and open-source tools that improve supply chain security. And to our customers, thank you for your excitement, partnership, and early belief and trust in what Kusari can do for your security and developer teams’ threat prevention and remediation efforts.
The latest industry news, interviews, technologies, and resources.