New York City-based cybersecurity firm, Xeol, has successfully raised $3.2 million in Seed funding in a round led by Shield Capital. The funding round also saw participation from Y Combinator and 468 Capital. Xeol, emerging from stealth mode, is focused on addressing the critical issue of securing software supply chains, particularly in light of the rising number of cyber attacks against private enterprises’ software supply chains.

Software Supply Chain Security

Over the past three years, cyber attacks targeting software supply chains have witnessed a sevenfold increase. Xeol aims to address this pressing issue by securing software throughout its lifecycle, starting from the code repository and extending through the entire delivery process to end customers. The company emphasizes the need to secure software supply chains similar to how industrial supply chains are secured, especially with the expanding use of open-source software and widening attack surfaces.

Xeol’s strategy involves leveraging foundational standards like Software Bill of Materials (SBOM) and Supply-chain Levels for Software Artifacts (SLSA). These standards enable the company to delve deeper and provide more accurate assessments of supply chain risks, particularly related to outdated software.

Focus Areas and Achievements

One of Xeol’s key focuses is managing end-of-life software, especially when publishers no longer provide security patches. This aspect is crucial in preventing attackers from gaining access to vulnerable systems. The company has already achieved notable milestones, signing its first Fortune 500 customer within four months of its launch. For this customer, Xeol identified over 2,000 end-of-life software components, resulting in a 60% reduction in the company’s exposure.

Commenting on Xeol’s mission, ShiHan Wan, CEO of Xeol, highlighted the significance of addressing the software supply chain problem at a time when standards like SBOM and SLSA are gaining traction.

Mike Brown, a partner at SHIELD Capital and former Symantec CEO, emphasized Xeol’s role in building the next generation of protection for critical software that forms part of national infrastructure.

Xeol’s successful Seed funding round positions the company to strengthen its efforts in securing software supply chains, a critical component in safeguarding enterprises against the escalating threat landscape. With a focus on foundational standards and a clear commitment to addressing end-of-life software challenges, Xeol is poised to make significant contributions to enhancing cybersecurity in the software industry.

By Admin

Leave a Reply

Your email address will not be published. Required fields are marked *