Socket Acquires Coana To Build Out Its SCA Capabilities
Socket CEO and founder Feross Aboukhadijeh
Open-source software is changing the world, enabling developers to incorporate code already written by others into their own applications. But while this is a far more efficient and productive way to build new software, it also comes with risk – when developers pick up open-source code for their own use, they also pick up any vulnerabilities it may incorporate, potentially leaving their applications vulnerable to breaches and attacks.
Socket, which is today announcing the acquisition of the Danish cybersecurity start-up Coana, holds itself up as the solution to this problem. It's an expert in software composition analysis (SCA), the process of analysing the code underlying applications to find potential problems. Socket's tools enable software developers to scan all the code in an application, including open-source code, to identify security vulnerabilities so that these can be mitigated before any damage is done.
Forbes first profiled Socket last October, revealing that the company had raised $40 million of Series B funding from investors including Abstract Ventures and a16z. Today's announcement marks the next phase in the company's development, with Feross Aboukhadijeh, CEO and founder of Socket, arguing that the deal with Coana – for an undisclosed sum – will help it solve a pressing problem.
'Our tools are great at identifying the vulnerabilities that open-source code incorporates, but cybersecurity teams are struggling to get through the work this creates,' he explains. 'One of the biggest issues in cybersecurity today is alert fatigue – security professionals just can't cope with the number of issues they're now being alerted to.'
The downside to good SCA solutions such as Socket, Aboukhadijeh explains, is they can present cybersecurity teams with a huge list of vulnerabilities to mitigate. It's not always obvious which problems are most serious and, therefore, where teams should prioritise mitigation work. Really dangerous vulnerabilities may be left in place while much less pressing issues are dealt with. Overworked teams may even end up ignoring some alerts altogether.
Coana's 'reachability engine' is therefore a potentially valuable adjunct to Socket's SCA platform. It analyses vulnerabilities that have been picked up in order to identify the most concerning and to create a to-do list for the cybersecurity function. Less worrying issues and false positives – problems that are already mitigated elsewhere in the software – can then be left for a later date or even ignored altogether.
'We founded Coana to give developers a tool that finds 100 critical issues not 10,000 trivial ones,' explains Martin Torp, chief product officer at Coana. 'Together we'll deliver reachability analysis at a scale and impact that we could only dream of as a standalone product.'
It's certainly a growing market. Since its launch three years ago, Socket has build a client list spanning more than 8,500 customers. High-profile clients include Anthropic, Figma, OpenAI and Vercel, but the company also works with many small enterprises and start-up businesses. Aboukhadijeh says the company's revenues are on target to increase by 300% this year; its analysis suggests it is preventing more than 1,000 cyber attacks each week.
Last October's fundraising was an important step forward, enabling the business to consider strategic moves such as the Coana deal. Zane Lackey, general partner at a16z, argues that the acquisition will give Socket huge competitive advantage. 'Socket's approach to open source security is simply better – it's proactive, precise, and built for how modern teams work,' he says. 'The combination of Socket and Coana is the nail in the coffin for legacy SCA.'
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
New York Post
13 hours ago
- New York Post
New Manhattan homes for menswear stores Charles Tyrwhitt, Tom Ford
London-based menswear store Charles Tyrwhitt is moving from 437 Madison Ave. to RFR Realty's 477 Madison, doubling its space in the process. Tyrwhitt signed for 3,800 square at the East 51st Street corner. The deal was handled for the landlord by MONA, a retail brokerage backed by RFR's Aby Rosen. Cushman & Wakefield acted for the tenant. Charles Tywhitt has a half-dozen Manhattan locations. Advertisement The building's offices are mostly leased. Recent signings include for Treville Capital and Fiera Capital. 477 Madison Ave. will be the new home menswear store Charles Tyrwhitt. One more Park Avenue office address has filled up. Advertisement Tom Ford Fashion signed a 10-year, 11,118 square-foot lease at SL Green's 500 Park Ave., bringing the landmarked, 201,000 square-foot building at East 59th Street to 100% leased. Tom Ford Fashion has signed a 10-year lease for 500 Park Ave., above. Brian Zak/NY Post Advertisement Other office tenants include The Georgetown Company, Vera Wang and Friedland Properties. Furniture store FRATO's flagship showroom is the retail tenant. Meanwhile, the former Hammacher Schlemmer headquarters building at 145 E. 57th St. can also boast 100% occupancy. Data Science Innovators took 5,067 square feet, landlord ABS Partners announced. Danish furniture maker Carl Hansen & Son replaced Hammacher Schlemmer on the retail floors.
Business of Fashion
2 days ago
- Business of Fashion
How to Revive a Sleeping Beauty Watch Brand
The dormant Danish watch company Urban Jürgensen was 'resurrected' in Los Angeles on Thursday following a $25 million revamp that its US backers hope will land it a seat at luxury watchmaking's top table inside five years. Acquired by a group of investors led by the American Rosenfield family in 2021 for an undisclosed sum, Urban Jürgensen was originally founded in Copenhagen in 1773 and is revered by watch connoisseurs and collectors. But outside that bubble, the name is largely unknown. According to its co-chief executive Alex Rosenfield, the bubble needs to burst. 'We think that what we're making are watches that people who love and care about watches will love and care about, but the world of people who can enjoy what we're doing is much larger than that,' Rosenfield told the Business of Fashion. 'Too often, watch companies make you feel like if you don't understand the escapement, we don't want to talk to you. Our goal is absolutely the opposite. It has to be beyond the obsessives.' Rosenfield is new to the watch industry. Qualified as a lawyer, he held a number of brand strategy roles in media and fashion before joining Guggenheim Partners, the US investment and financial services firm, which says it has more than $345 billion of assets under management. Rosenfield's father Andy is the firm's president and also an avid watch collector, buying his first Urban Jürgensen watch in the 1990s. Rosenfield Sr, who will continue to advise the company, and his philanthropist wife Betty hosted the relaunch at their $33 million Brentwood mansion. Rosenfield, who is based in Los Angeles, said his family had never intended to buy a watch company but stepped in to acquire Urban Jürgensen after hearing it had fallen on hard times, so they could return it to 'people who will love it and push it forward.' Urban Jürgensen's latest campaign. (Casey Zhang) The Rosenfields, who are reported to own 85 percent of the company, have assembled an impressive cast list. The company's other co-chief executive is Kari Voutilainen, the Finnish watchmaker considered one of the finest talents of his generation. Voutilainen has a minority stake in Urban Jürgensen, as well as his own independent watch company, which makes around 60 pieces a year. Urban Jürgensen's brand identity was developed by Winkreative in London and Chandelier Creative in New York under Rosenfield's direction, with a launch campaign called Time Well Spent shot by Ellen von Unwerth, the award-winning fashion photographer and filmmaker. The company is set to follow the high-value, low-volume model set by many of today's most successful independent watch brands. According to Rosenfield, in its first year, Urban Jürgensen will produce around 70 watches. Three models were introduced at Thursday's launch, with prices ranging from around $115,000 for the UJ-2 to $410,000 for the UJ-1, which will be limited to 75 pieces. Each has a new mechanical movement designed in-house by Voutilainen and hand-finished and assembled at the company's Swiss facility in the city of Biel/Bienne, where watchmaking giant Omega is based. Currently, it employs 20 people, around half of them watchmakers. 'The idea is to bring the glory of the Urban Jürgensen of the 19th century back,' Voutilainen said, referring to a period when the company made watches for the Danish royal court. 'This is just the starting block. Our aim is to make Urban Jürgensen a new reference point in fine watchmaking.' The revival of Urban Jürgensen comes in a busy season of watch brand rebirths. The private equity-backed Swiss company Breitling has in recent years acquired Universal Genève and Gallet, two dormant brands now slated for a comeback next year. Last year, Silvercity Brands, a subsidiary of the Indian conglomerate KDDL, revived the 18th century company Favre-Leuba, while the US founding partner of the mergers and acquisitions firm Duffy & Sweeney, Michael Sweeney, reintroduced the American watch brand Benrus in April. Rosenfield said he believed the recent glut of acquisitions and relaunches of forgotten dial names was sign that luxury buyers want a human connection to their purchases. 'We're so estranged from work with our hands and hand-making and things that are human, and now I think we need this [these brands] more than we ever did,' he said. Initially, Urban Jürgensen watches will be sold direct to consumer. No pre-orders had been taken, according to Rosenfield, who said that in time his strategy allowed for a few 'pop-ups and offices that serve as showrooms' that would be 'places to entertain as much as to sell', a model that has proved successful for Audemars Piguet, which has more than doubled its revenues over the past decade through its network of laid-back AP House concepts. Voutilainen said the ambition was to grow to between 1,000 and 1,200 watches a year in five years, putting it in territory currently dominated by a small number of high-end independents such as F. P. Journe, which was founded in 1999 and is now thought to turn over more than $100 million a year, according to Morgan Stanley estimates. With backing from the Rosenfields and Voutilainen overseeing product development, experts said Urban Jürgensen would shake up the luxury watch industry, currently dominated by Swiss companies. 'This is the best revival of a watch company since A. Lange & Söhne in 1994,' said Wei Koh, founder of the watch media brand Revolution, referring to the German brand now owned by the Richemont Group. 'I hope the Swiss companies are looking over the Atlantic and asking themselves what just happened,' said Kristian Haagen, the Danish founder of Timegeeks and author of multiple books on watchmaking. 'There's something really good and refreshing about it, something extremely un-Swiss. The Rosenfields are extremely wealthy, but they also know their watches.' Co-founders Andy & Alex Rosenfield. (Madison McGaw/ Recent revivals of historic dial names suggest the omens are good. In 2015, the billionaire Scheufele family that owns Chopard introduced Ferdinand Berthoud, named after the 18th century watchmaker. The company has won a number of prestigious industry awards with its small-scale watches, including the Aiguille d'Or at the Grand Prix d'Horlogerie de Genève (GPHG) in 2016, widely viewed as the highest honour in fine watchmaking. It was followed the same year by Czapek & Cie, a name from the 19th century. It too has won a GPHG award and grown a client base with its short-batch collections of hand-finished mechanical watches. The luxury watch industry's current travails appeared not to concern Urban Jürgensen's new owners. While many watch businesses have reported declining sales and volumes over the past 18 months, the pain has been at the lower end of the market. 'At the higher price point, it's not that big a problem,' said Voutilainen. Rosenfield acknowledged that the industry was in better health than it is now when his family acquired the brand in 2021. 'The [relaunch] timing was not planned for this moment,' he said. 'But our view was, when the watches are ready, we'll introduce them. And that is now. There will always be a market for things that are beautiful and unique and made to the highest standard. It just has to be something people want.' He added that his family's investment in Urban Jürgensen was long-term. 'Our hope would be to never sell it,' he said. 'We want to pass it down through generations.'
Yahoo
3 days ago
- Yahoo
3 Terrible Companies To Lose $5 Billion in Federal Green Energy Loans
In the last days of the Biden administration, the Energy Department dolled out billions of dollars for politically favored green energy projects. The Trump administration is looking to claw this funding back. The Energy Department is getting ready to "cancel seven major loans and loan guarantees that had been conditionally approved under the Biden administration," reports Semafor. This action will cancel approximately $5 billion worth of funding for a transmission project by a New Jersey utility company, a loan program for low-income homeowners to install rooftop solar panels by Sunnova, and a Monolith Nebraska factory to produce low-carbon ammonia. The remaining four projects, which collectively received over $3 billion, include three battery factories and a plastics and recycling facility, which "were already previously cancelled by their companies because of other various headwinds," according to Semafor. The three active projects that will have their federal loans axed have faced their own share of problems. In September 2023, Sunnova received a $3 billion partial loan guarantee from the Energy Department's Loan Programs Office (LPO) for Project Hestia—a program that would make residential rooftop solar, battery storage, and virtual power plants "available to more American homeowners." Hestia was expected to provide loans to as many as 115,000 homeowners in the United States and Puerto Rico for these technologies, while creating "3,400 good-paying, high-quality American jobs." After receiving the federal loan, Sunnova came under fire for its alleged history of predatory practices and scamming elderly clients, which led to subsequent congressional scrutiny. In April, Sunnova began filing for bankruptcy. The company recently said it was no longer planning to use the programming funding and was working with the Energy Department to return the remaining guarantees. Monolith received a $953 million conditional loan guarantee from the LPO to accelerate its clean hydrogen and carbon utilization project in Nebraska. The company, which has received backing from BlackRock and NextEra Energy and was valued at over $1 billion in 2022, creates hydrogen fuel with renewable energy (which can be used to make ammonia in fertilizers) and carbon black. Despite the federal funding and private sector support, The Wall Street Journal reported in September 2024 that the company was "running short on cash and facing project delays." The third project facing the ax is New Jersey's Clean Energy Corridor, "a project to upgrade and expand transmission infrastructure to accommodate planned generation in New Jersey to meet growing electricity demand." Run by Jersey Central Power & Light Company, the project received a conditional loan guarantee of up to $716 million in January to support the state's goal of "introducing 11,000 MW of offshore wind-generated electricity by 2035." When First Energy, which owns Jersey Central, first announced the project in 2022, Danish energy company Orsted was planning two large wind projects off New Jersey's coast. The projects were canceled in 2023. Another New Jersey offshore wind project was recently halted after the Environmental Protection Agency rescinded the project's environmental permits. Despite these project cancellations and the LPO's history of questionable and risky investments, it does not appear that the office is going away soon; Energy Secretary Chris Wright recently told lawmakers that his agency would use the LPO to advance nuclear energy projects. Assuming Wright fully cuts billions of dollars worth of wasteful projects and narrows the agency's scope to only fund nuclear power projects, it's possible that the LPO's budget—which ballooned to over $400 billion under the Biden administration—could meaningfully shrink. Still, a meaningfully reduced budget is not enough. With the national deficit climbing to over $28 trillion in debt held by the public, taxpayers can no longer afford to support the federal government's fantasy that it should be a green bank. The post 3 Terrible Companies To Lose $5 Billion in Federal Green Energy Loans appeared first on Sign in to access your portfolio
