BluBracket, a new security startup by the people who brought you Vera, came out of hiding today and announced an investment of $ 6.5 million. Unusual ventures led the round with the participation of Point72 Ventures, SignalFire and Firebolt Ventures.
The company was created by Ajay Aurora and Prakash Linga, who until last year were CEO and CTO at Auroa, a security company that helps companies secure documents by following the security profile everywhere.
Aurora says he and Linga are entrepreneurs at heart and wanted to start something new with Vera after more than five years , While both are still sitting on the Vera board, they decided to tackle a new problem.
He says the BluBracket idea actually came from talking to Vera customers who wanted something similar to Vera, except to protect code. "About 18 to 24 months ago we heard from our customers who said," Hey you guys, back up documents and files. What is really important to us is the ability to share code. Do you save the source code? & # 39; "
That wasn't a problem Vera was for, but it was a moment of lightbulb for Aurora and Linga, who saw an opportunity and decided to take advantage of it. When they realized that the way the development teams were working, they started BluBracket and developed two products to solve the unique problems associated with a distributed group of developers working in a Git repository – be it GitHub, GitLab or BitBucket.
The first product is BluBracket CodeInsight, an auditing tool that is available today. This tool gives companies a complete view of who removed the code from the Git repository. “Once they have a repo and are then cloned by developers, we can help them understand which clones are on which devices, what third-party codes are available, and even search open source projects for code that may be in Open was moved source. So we're going to create a blueprint that has a company code in it, ”said Aurora.
The second tool, BluBracket CodeSecure, which will be available later in the year, is to secure this code, including the ability to classify code by importance level. Most important code has a special status and companies can attach rules to it so that it cannot be distributed to an open source folder without explicit permission.
They believe that the combination of these tools will enable companies to keep control of the code even in a distributed system. According to Aurora, they have made sure that the system provides the necessary security layer without affecting the operation of the pipeline for continuous delivery.
"If you compile or go from development to staging to production, BluBracket will not break the chain if the code is stored in Git and the code itself has not been changed," he said. If you have attempted to distribute special code outside of the system, a message may appear that this may require authorization depending on the configuration of the tags.
This is a very early day for BluBracket, but the company is taking its first steps as a startup this week as it is revealed at the RSA security conference in San Francisco. It will also participate in the RSA sandbox competition for early security startups at the conference.