Kusari Raises $8 Million in Pre-Seed and Seed Funding
January 18, 2024

Kusari raised $8 million through combined investments in Pre-Seed and Seed Round funding.

The Seed Round was led by J2 Ventures and co-led by Glasswing Ventures with participation from Unusual Ventures, which previously invested $2 million in Pre-Seed funding.

Kusari was established in June 2022 to address the lack of transparency within the software supply chain and development lifecycle, which can lead to costly security vulnerabilities. Cybersecurity Ventures recently reported that the global annual cost of software supply chain attacks to businesses will reach $60 billion in 2025, and is expected to increase to $138 billion by 2031. Transparency into the software supply chain will allow organizations to identify potential weak points and resolve issues faster, helping them maintain trust with partners and minimize risk.

Kusari’s founders, Tim Miller, Michael Lieberman, and Parth Patel, are seasoned navigators of software supply chains with experience leading supply chain security and cloud engineering at Citi, Mitsubishi UFJ Financial Group (MUFG), Bridgewater Associates, and Raytheon. They have personally dealt with the complicated problem of securing software delivery while enabling developer productivity within highly regulated, security-conscious environments. The founding team provides technical leadership and guidance in the Open Source Security Foundation (OpenSSF), which brings together the industry's most important open source security initiatives and the individuals and companies that support them. The Kusari founders also have created many open source projects, including Graph for Understanding Artifact Composition (GUAC), which is supported by industry-leading financial services and technology companies, including Yahoo!, Guidewire, Google, Microsoft, Red Hat, and ClearAlpha Technologies.

Open source libraries comprise the majority of most software written today. Each relies on other libraries, creating a complicated tree of dependencies. Securing a software supply chain starts with understanding how each piece is put together. It can be deceivingly difficult for an organization to understand what this looks like, as modern software development practices work to hide this complexity in favor of easy development.

Kusari introduced and achieved market validation for GUAC in 2023 to address this specific problem. GUAC is an open source tool that addresses the lack of transparency by organizing software supply chain information, like software bills of materials (SBOMs), into a knowledge graph. The project has a diverse community of 50 contributors and has garnered 1.1k GitHub stars.

Kusari will use the funding to accelerate and build on its continued momentum in developing software supply chain security solutions that enable organizations to achieve actionable insights, reduce incident response costs, and relieve the burden on security and developer teams.

“Kusari’s blend of team, technology, and significant adoption, even at this early stage, position them to be a market leader. Our initial indication from government agencies for what they’re building revealed a massive commercial market. GUAC’s potential cannot be overstated,” said Jonathan Bronson, Ph.D., co-founder and Managing Partner of J2 Ventures.

"Code breaches are increasingly becoming a top priority for Chief Information Security Officers,” said Kleida Martiro, Partner, Glasswing Ventures. “In an era where software supply chain attacks are on the rise, the demand for stringent security measures has never been more critical. At the helm of Kusari, a team of seasoned industry veterans, including Tim, Michael, and Parth, are steering the company toward new heights. We are immensely proud of our investment in Kusari. Their unparalleled knowledge and innovative approach position them at the cutting edge, as they lead the charge in defining and delivering groundbreaking security solutions in this vital and evolving space.”

“Identifying where vulnerabilities lie in your software supply chain is complex and time-consuming. With the ever-increasing number of vulnerable packages discovered each year, organizations need a single source of truth about their code,” said Tim Miller, co-founder and CEO of Kusari. “Kusari will be that source of end-to-end transparency and will bring about insights for users to drive more secure outcomes for their organizations. Our focus is on helping users solve their very real security problems.”

Share this

Industry News

May 01, 2025

Check Point® Software Technologies Ltd.(link is external) announced that its Quantum Firewall Software R82 — the latest version of Check Point’s core network security software delivering advanced threat prevention and scalable policy management — has received Common Criteria EAL4+ certification, further reinforcing its position as a trusted security foundation for critical infrastructure, government, and defense organizations worldwide.

May 01, 2025

Postman announced full support for the Model Context Protocol (MCP), helping users build better AI Agents, faster.

May 01, 2025

Opsera announced new Advanced Security Dashboard capabilities available as an extension of Opsera's Unified Insights for GitHub Copilot.

May 01, 2025

Lineaje launched new capabilities including Lineaje agentic AI-powered self-healing agents that autonomously secure open-source software, source code and containers, Gold Open Source Packages and Gold Open Source Images that enable organizations to source trusted, pre-fixed open-source software, and a software crawling and analysis engine, SCA360, that discovers and contextualizes risks at all software development stages.

April 30, 2025

Lenses.io announced the release of Lenses 6.0, enabling organizations to modernize applications and systems with real-time data as AI adoption accelerates.

April 30, 2025

Sonata Software has achieved Amazon Web Services (AWS) DevOps Competency status.

April 29, 2025

vFunction® announced significant platform advancements that reduce complexity across the architectural spectrum and target the growing disconnect between development speed and architectural integrity.

April 29, 2025

Sonatype® introduced major enhancements to Repository Firewall that expand proactive malware protection across the enterprise — from developer workstations to the network edge.

April 29, 2025

Aqua Security introduced Secure AI, full lifecycle security from code to cloud to prompt.

April 29, 2025

Salt Security announced the launch of the Salt Model Context Protocol (MCP) Server, giving enterprise teams a novel access point of interaction with their API infrastructure, leveraging natural language and artificial intelligence (AI).

April 28, 2025

The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, announced the graduation of in-toto, a software supply chain security framework developed at the NYU Tandon School of Engineering.

April 28, 2025

SnapLogic announced the launch of its next-generation API management (APIM) solution, helping organizations accelerate their journey to a composable and agentic enterprise.

April 28, 2025

Apiiro announced Software Graph Visualization, an interactive map that enables users to visualize their software architectures across all components, vulnerabilities, toxic combinations, blast radius, data exposure and material changes in real time.

April 24, 2025

Check Point® Software Technologies Ltd.(link is external) and Illumio, the breach containment company, announced a strategic partnership to help organizations strengthen security and advance their Zero Trust posture.