Argon, a new security startup aimed at securing the modern software delivery process, emerged Tuesday from stealth mode, offering what it calls the first unified security solution that protects all stages of the continuous integration/continuous delivery (CI/CD) pipeline and ensures the integrity of the software development lifecycle. The startup also said it has raised more than $4 million in initial funding.
"The massive effect of the SolarWinds' IT management software breach that began when hackers compromised one of its software updates, signaled the birth of a new cyberattack surface that organizations are not equipped to defend," said Eilon Elhadad, CEO and co-founder of the Israeli company. "Our solution provides full visibility into the development environment and protects our customers from bad actors who seek to plant malicious code or tamper with the native behavior and uptime of the applications."
Argon connects to the existing CI/CD pipelines via an agentless implementation and instantly maps the development environment, assets, and user activities. The solution prioritizes and automates remediation of alerts according to security best practices and compliance rules, ensuring zero trust deployment. Argon's code-tampering detection technology performs validity checks on every step of the CI/CD process to confirm no tampering has occurred, the company said.
"The way companies release software has evolved from a manual, controlled and timed process to one that is fully automated, distributed and complex," said Argon CTO and co-founder Eylam Milner. "Vendors deploy new code on a daily basis, and it's irrational for them to expect their DevOps and security teams to protect their release pipelines without a dedicated solution."
Both CEO Elhadad and CTO Milner are former leaders of security and engineering teams in the IDF.
The initial funding was led by Hyperwise Ventures, and joined by cybersecurity angel investors including Shlomo Kramer, the founder of Check Point, Imperva, and Cato Networks; Zohar Alon, founder of Dome9; Giora Yaron, chairman of Amdocs Technology Committee; Avery More, venture partner at Menlo Ventures; and Harel Kodesh, a former partner at Silver Lake.
Automated software delivery through a CI/CD pipeline process offers application developers a fast and efficient way to develop, build, test, and deploy new software. The CI/CD pipelines use a series of cloud and hosted services and open-source tools which open the organization's network to new environments where the source code is copied, moved and shared. Maintaining a strong security posture in a cloud-native environment requires security and DevOps personnel to have full visibility over the entire environment to mitigate risk, according to Argon.