Cycode Raises $20M to Revolutionize DevOps Security

Cycode Secures $20 Million Series A Funding to Enhance DevOps Pipeline Security

Cycode, an Israeli cybersecurity startup focused on safeguarding DevOps pipelines and preventing unauthorized code modifications, has announced the successful completion of a $20 million Series A funding round. The investment was spearheaded by Insight Partners, with participation from existing seed investor YL Ventures. This latest funding brings the company’s total raised capital to $24.6 million.

Expanding Scope Beyond Source Code

Initially concentrating on securing source code, Cycode has broadened its capabilities to encompass the growing trend of infrastructure as code (IaC) and policies as code. The platform’s design ensures it remains adaptable, functioning independently of specific programming languages or application scenarios. For Cycode, the fundamental unit of security is simply code itself.

According to Ronen Slavin, Cycode’s CTO and co-founder, the increasing reliance on “everything as code” presents a unique opportunity. Code repositories are evolving into a definitive record of operational configurations and system functionality. Therefore, verifying alignment between code and actual operation is crucial, and any discrepancies warrant immediate investigation.

Cycode Dashboard. Image Credits: Cycode

Comprehensive Pipeline Protection

Currently, Cycode offers tools for code governance, leak detection, secret detection, and access management. The company recently augmented its offerings to include security features for infrastructure-defining code. Future development plans include functionalities such as drift detection, integrity monitoring, and intelligent alert prioritization.

Lior Levy, CEO and co-founder of Cycode, emphasized the company’s mission: “Cycode is dedicated to protecting the entire CI/CD pipeline – the development infrastructure – comprehensively, from code inception to cloud deployment.”

Addressing Siloed Security Solutions

Existing security solutions often operate in isolation, mirroring the historically fragmented nature of DevOps stages. This compartmentalization hinders a holistic view of the pipeline. As Levy explained, this results in a deluge of alerts, exacerbating the problem by consuming valuable time on inconsequential issues.

Cycode aims to dismantle these silos by integrating data from across a company’s CI/CD infrastructure, beginning with the source code. This integration enables proactive issue identification early in the software development lifecycle. The platform currently supports integrations with services like GitHub, GitLab, Bitbucket, and Jenkins, and plans to incorporate data from third-party security tools such as Snyk and Checkmarx later this year.

Industry Validation and Future Growth

Jon Rosenbaum, principal at Insight Partners, who will be joining Cycode’s board of directors, stated, “The protection of CI/CD tools like GitHub, Jenkins and AWS represents a significant security gap for most enterprises.” He further added, “Cycode secures CI/CD pipelines in a streamlined, developer-friendly manner, positioning it as a leader among the new generation of application security companies that are expanding the market with solutions that secure every release without impeding development speed.”

The newly acquired funding will be allocated to accelerating research and development, as well as expanding the sales and marketing teams. Levy and Slavin anticipate growing the company to approximately 65 employees this year, with the development team based in Israel and sales and marketing operations in the U.S.