Socket, a security-focused software company, announced that it has raised an additional $40 million in funding to enhance its efforts in securing the software supply chain. This brings the total raised by the company, which was founded in 2021, to $65 million. Socket’s main focus is developing a scanning mechanism that identifies security vulnerabilities in open-source software packages across six programming languages.
Founder and CEO Feross Aboukhadijeh emphasized the challenges of managing software dependencies in ecosystems like JavaScript/TypeScript, which rely heavily on third-party packages. He highlighted incidents where added dependencies created concerns over trust and security. Socket’s new tool, Socket Optimize, aims to address this by pruning unnecessary dependencies, giving developers more control over their software packages and minimizing security risks.
Socket’s technology is designed to detect and prevent more than 100 zero-day software supply chain attacks weekly. Aboukhadijeh explained that their approach involves expanding the number of data points their scanner uses to catch potential vulnerabilities. With the additional funding, Socket plans to continue improving its tools and capabilities to better protect the software supply chain.