Crosspoint Capital Partners announced that it led a Series B investment in ReversingLabs (the “Company”), a provider of technology to protect software producers and enterprise software buyers against the threat of software supply chain attacks. Joining Crosspoint is existing investor ForgePoint Capital along with new investor Prelude, a Mercato Partners fund. Terms were not disclosed.
With the rise in sophisticated software supply chain cyberattacks such as implants, ReversingLabs offers the ability to assess the integrity of binaries, their constituent components and software build processes with the speed, accuracy and scale required for today’s digital enterprises. ReversingLabs has become an essential security solution for some of the world’s largest enterprises across the software, financial services, defense, retail and insurance verticals.
The Company’s products leverage a large and growing repository of malware, software implant samples and tradecraft patterns to identify even the most sophisticated attempts to manipulate build processes, software binaries and dynamically loaded modules in modern software.
“The level of sophistication and complexity in today’s cybersecurity attacks means that enterprises can no longer assume that software products from their providers are safe,” said Dr. Hugh Thompson, Managing Partner at Crosspoint.
“ReversingLabs provides a proactive and transparent approach to understanding the threats that exist within software even in cases where you don’t have access to source code. We believe scalable software inspection and validation processes are essential to software integrity, and we are excited to partner with ReversingLabs as they help enterprises defend against advanced software supply chain attacks.”
“We are thrilled to partner with Crosspoint, a firm that brings deep sector knowledge and expertise in cybersecurity,” said Mario Vuksan, CEO and Co-Founder of ReversingLabs.
“Business leaders have become increasingly aware of the cyber risks associated with software vulnerabilities in their organizations. With Crosspoint’s support, I believe we can accelerate our work helping firms detect and prevent software threats that can materially impact them.”
Over the past year, there have been several high-profile incidents where attackers have attempted to compromise enterprises through the software supply chain. These attacks highlight the need for a new breed of controls that can help validate the integrity of software and its constituent components through the entire development, deployment and adoption lifecycle.
“As an element of our Secure By Design initiatives, we’ve applied maximum attention to protecting the integrity of our software development and deployment pipeline from even the most determined and sophisticated attackers,” said Sudhakar Ramakrishna, President and CEO of SolarWinds. “We are working to help establish new standards for secure software development in the industry and ReversingLabs has since become an important part of our overall efforts.”
The impact and prevalence of software supply chain attacks has elevated this issue to the highest levels of business and government. On May 12, 2021, President Biden introduced an Executive Order on Improving the Nation’s Cybersecurity that specifically addresses software supply chain risk. This order covers mechanisms to assess the integrity of the software supply chain, including analysis of Software Bills of Materials (SBOM).
“We cannot afford to simply assume that the packaged software we bring into government agencies and enterprises is secure,” said Dr. John Zangardi, former CIO of the United States Department of Homeland Security and acting Department of Defense CIO. “Tools like the ones made by ReversingLabs will be a critical part of managing software assurance and assessing the security, integrity and composition of the software supply chain.”
Greg Clark, Managing Partner at Crosspoint, adds that “every organization, whether an ISV developing software or an enterprise procuring or using software, needs controls to manage the software supply chain attack surface and thwart the very real risk of tampering. This attack surface is nuanced, and traditional approaches like source code scanning are insufficient. Every part of the code, compile, build and deploy cycle needs to be checked. ReversingLabs is a great ally in the fight against these threats. Their solution is unique, very hard to replicate and immensely valuable.”
Crosspoint’s investment will primarily be used to scale ReversingLabs’ sales and marketing efforts as it extends its leadership position in software integrity. The Company was recently named a 2021 Top 10 Black Unicorn. The award, which honors cybersecurity companies with a potential market value of $1 billion, recognized the new ReversingLabs Software Assurance Service. In addition, Mario Vuksan was named a Top 10 Cyber Security Expert for 2021.