Application security firm ShiftLeft on Tuesday announced that it raised $20 million in a Series B funding round, which brings the total raised by the company to nearly $30 million.
The funding round was led by Thomvest Ventures, with participation from new investor SineWave Ventures and existing investors Bain Capital Ventures and Mayfield.
ShiftLeft says it plans on using the newly obtained funds to drive broader adoption of its solutions by expanding its product portfolio, application coverage, and sales and marketing initiatives.
ShiftLeft, which emerged from stealth mode in October 2017 with $9 million in funding, provides solutions designed to help developers identify vulnerabilities in their code and protect their applications.
The company’s products are powered by its Code Property Graph (CPG), a technology designed for quickly analyzing high volumes of source code in search of vulnerabilities. Its Inspect service provides static application security testing capabilities, while its flagship product, ShiftLeft Protect, combines source code analysis during development with protection against threats at runtime.
For code auditors, ShiftLeft has developed Ocular, which uses the CPG for custom queries that can help identify vulnerabilities while minimizing the possibility of false positives.
ShiftLeft also announced that it has created an advisory board of several prominent experts on security and development. The company has also appointed Jim Sortino, who previously held executive roles at Trend Micro and Dome9, as vice president of worldwide sales.
“I’ve seen organizations struggle through a reactive, threat-focused security posture, resulting in overworked security teams and frequent breaches,” said Enrique Salem, partner at Bain Capital Ventures and former CEO of Symantec. “Yet ShiftLeft gets at the root problem – vulnerable software – by automating the process of accurately and rapidly analyzing and plugging vulnerabilities in the applications themselves. It’s exciting to be an investor in a company that is meaningfully helping security teams by reducing the overall attack surface and providing direct root-cause insight for developers.”