JFrog introduced Project Pyrsia, an open-source software community initiative that utilizes blockchain technology to secure software packages (A.K.A Binaries) from vulnerabilities and malicious code.
Argon, a new security startup securing the modern software delivery process, emerged from stealth mode as an unified security solution that protects all stages of the the continuous integration/continuous delivery (CI/CD) pipeline and ensures the integrity of the software development lifecycle (SDLC).
"The massive effect of the SolarWinds' IT management software breach that began when hackers compromised one of its software updates, signaled the birth of a new cyberattack surface that organizations are not equipped to defend," said Eilon Elhadad, CEO, Argon. "Our solution provides full visibility into the development environment and protects our customers from bad actors who seek to plant malicious code or tamper with the native behaviour and uptime of the applications."
Automated software delivery through a CI/CD pipeline process offers application developers a fast and efficient way to develop, build, test, and deploy new software. The CI/CD pipelines use a series of cloud and hosted services and open-source tools which open the organization's network to new environments where the source code is copied, moved and shared. Maintaining a strong security posture in a cloud-native environment requires security and DevOps personnel to have full visibility over the entire environment to mitigate risk.
Argon seamlessly connects to the existing CI/CD pipelines via an agentless implementation and instantly maps the development environment, assets, and user activities. The solution prioritizes and automates remediation of alerts according to security best practices and compliance rules, ensuring zero trust deployment. Argon's code-tampering detection technology performs validity checks on every step of the CI/CD process to confirm no tampering has occurred.
"The way companies release software has evolved from a manual, controlled and timed process to one that is fully automated, distributed and complex," said Eylam Milner, CTO, Argon. "Vendors deploy new code on a daily basis, and it's irrational for them to expect their DevOps and security teams to protect their release pipelines without a dedicated solution."
Elhadad and Milner are both former leaders of security and engineering teams in the Israeli military. Eran Orzel, Chief Revenue Officer (CRO) has over 20 years of experience in sales leadership roles in cybersecurity and enterprise software. Prior to joining Argon, Eran held several roles at Check Point, most recently as the Global Head of Strategic Sales and Partnerships where he led and played a significant role in the rapid growth of Check Point's major business growth engines.
"Companies are accelerating the development processes using DevOps pipeline infrastructures and the trend is at its peak," said Orzel. "Consequently, the threats are growing stronger than ever, with dozens of incidents from code theft to code manipulation in the last six months alone."
Argon is launching with 15 employees after raising more than $4 million (USD) in initial funding led by Hyperwise Ventures.
"Bad actors are exploiting new weaknesses in the modern software delivery pipeline to gain access, leak data, and tamper with the product's source code," said Nathan Shuchami, Managing partner at Hyperwise Ventures. "Argon has developed an innovative solution that software-driven companies need in order to block those attacks and secure their customers and products."
Several high-profile cybersecurity angel investors have joined Hyperwise Ventures, including Shlomo Kramer, the founder of Check Point, Imperva, and Cato Networks; Zohar Alon, Founder of Dome9; Giora Yaron, chairman of Amdocs Technology Committee; Avery More, venture partner at Menlo Ventures; and Harel Kodesh, a former partner at Silver Lake.