Deepfactor Secures $15M in Series A Funding to Deliver Modern AppSec for Cloud-Native Applications Powered by Continuous AppSec Observability
September 21, 2021 – San Jose, CA – Deepfactor, the leader in Continuous Application Security Testing (CAST), announced today it has raised a $15 million Series A funding round led by New York-based global private equity and venture capital firm Insight Partners. Insight is joined by all existing investors, including Emergent Ventures and Security Leadership Capital, as well as participation from the leading test automation company, Tricentis. With this round, Deepfactor has raised a total of $18.4 million to date.
‘Start-Left’ with a Next-Gen AppSec Platform Designed to Secure Applications at the Source
Since its launch in September 2020, Deepfactor empowers engineering teams by providing unprecedented runtime visibility and control over an application’s supply chain, security and compliance. The company will use the new funds to continue the development of its groundbreaking continuous AppSec observability platform, which automatically observes billions of live telemetry events in every thread/process/container to detect anomalies without making any code changes to the application. The company will further enhance its product functionality in key areas such as privacy, compliance, and CI/CD integration. In addition, Deepfactor plans to introduce a SaaS offering to complement the self-hosted version which is 100% architected for Kubernetes and can be deployed on EKS, AKS, GKE, EC2 or VMware.
“Enterprises are increasingly building cloud-native applications and need a state-of-the-art AppSec platform that delivers a new level of visibility into supply chain, security and compliance risks. We enable developers to ‘start left’ with a tool designed specifically for engineering so they can secure at the source,” said CEO and co-founder Kiran Kamity. “Given the vast resources and experience available from Insight Partners, we are absolutely thrilled to be working with them as we continue to redefine AppSec for an evolving industry.”
Josh Zelman, Vice President at Insight Partners noted, “Deepfactor is in the exciting new space converging between the software development lifecycle and application security. There is an immediate necessity for a developer-native observability solution for the application layer and the need to identify supply chain, security, privacy, and compliance risks at the beginning of and during development are more important now than ever. Deepfactor addresses that market need. Deepfactor presents an opportunity to invest in the future of software development, especially considering the platform benefits Engineering teams and the AppSec teams. Their management team has a history of success, and their technology is a game-changer in this important area.” Zelman will also join Deepfactor’s board.
With the push for digital transformation and the adoption of DevOps, CI/CD pipelines, Kubernetes, containers and the proliferation of cloud-native architectures, companies are releasing next-gen software applications faster with greater complexity and more areas to attack. This results in a significant increase in supply chain, security and compliance risks. AppSec teams are struggling to keep pace and need help from the engineering teams to make security part of the definition of ‘done’ before shipping to production. Deepfactor provides a single, purpose-built platform for today’s modern applications that delivers 360 degrees of visibility into the running application—something existing AppSec tools are unable to do—which makes Deepfactor the industry’s first continuous observability platform designed for engineering that enables AppSec at the speed of digital transformation. With Deepfactor, find and fix supply chain, security and compliance risks—in both in-house software applications and third-party components—throughout the DevOps pipeline.
“Deepfactor was created for developers by developers, so we understand the application security pain points, frustrations, and pressures Engineering teams feel every single day,” explained Mike Larkin, CTO and co-founder. “Our technology can be an SMB’s all-in-one application security solution, or it can bring deeper insights to an Enterprise’s existing SAST, SCA, and DAST toolset. Continuous observability is a critically needed capability to identify risks while the application is running. We give our customers the confidence to say they not only know what risks could exist, but they know what risks actually exist during runtime.”
Deepfactor’s modern AppSec platform delivers:
- Supply chain visibility with a software bill of materials (SBOM)
- Runtime security visibility by identifying system call risks, data risks and behavior risks
- Prioritization of vulnerable dependencies with reduced SCA alert volume using runtime intelligence
- Ability to enrich DAST scans all with high-fidelity alerts and actionable evidence
- Integrations with popular developer tools such as Jira, Jenkins, Slack, GitHub, GitLab, CircleCI, CloudBees, and more
Industry Perspectives on Series A Funding Round
“As the leading test automation platform, we at Tricentis, see the market for functional and performance testing tooling having strong synergies with the market for application security testing,” said Grigori Melnik, Chief Product Officer at Tricentis. “As we look at the developer population doubling over the next decade to 45 million and the number of cloud-native applications growing exponentially, we see a strong market need for a next-gen AppSec platform designed for such applications. Deepfactor’s unique observability-led approach to creating that modern AppSec platform is powerful and refreshing.”
Caleb Sima, Chief Security Officer at Robinhood also remarked, “Next-gen apps, especially Kubernetes apps, are the new normal, and these apps need a reimagined, contemporary AppSec tool. It’s incredible to see how easy it is to drop Deepfactor into a Kubernetes cluster for instant visibility into the application running on every pod.”
Deepfactor is the industry’s first continuous AppSec observability platform for cloud-native applications that enables Engineering teams to find and fix supply chain, security, privacy, and compliance risks in running applications—including 3rd party components—within the DevOps pipeline. In parallel, AppSec teams can establish governance and manage alert policies. With zero code changes, Deepfactor automatically observes billions of live telemetry events in every thread/process/container to detect anomalies during test, staging, and production. Customers receive unparalleled runtime insights, extraordinary visibility into the software supply chain, prioritized vulnerabilities with reduced SCA alert volume, enhanced DAST insights, and faster scans. ‘Start left’ and create and maintain secure and compliant applications at the source with Deepfactor. For more information, visit www.Deepfactor.io and follow us on LinkedIn and Twitter.
About Insight Partners
Insight Partners is a leading global venture capital and private equity firm investing in high-growth technology and software ScaleUp companies that are driving transformative change in their industries. Founded in 1995, Insight Partners has invested in more than 400 companies worldwide and has raised through a series of funds more than $30 billion in capital commitments. Insight’s mission is to find, fund, and work successfully with visionary executives, providing them with practical, hands-on software expertise to foster long-term success. Across its people and its portfolio, Insight encourages a culture around a belief that ScaleUp companies and growth create opportunity for all. For more information on Insight and all its investments, visit insightpartners.com or follow us on Twitter @insightpartners.