Socket Raises $20M in Series A Funding

Socket, a San Francisco, CA-based startup that fights vulnerabilities and provides visibility, defense-in-depth, and proactive supply chain protection for JavaScript and Python dependencies, raised $20M in a Series A funding round.

The round was led by Andreessen Horowitz (a16z), with participation from Abstract Ventures, Wndrco, Michael Ovitz, Arash Ferdowsi, Jawed Karim, Aaron Levie, Elad Gil, Dylan Field, Nat Friedman, Julia and Kevin Hartz, Guillermo Rauch, Freddy Kerrest, and Unusual Ventures.

Led by Founder/CEO Feross Aboukhadijeh, Socket provides a dependency management platform that uses “content-based analysis” to analyze dependency behavior and gain an understanding of open source risk.

The company is also announcing 3 new products, including:

  • Organization-wide Dependency Search
  • Support for the Go ecosystem, in addition to JavaScript and Python
  • Socket Chrome Extension to verify that the open source package users are about to install is secure and trustworthy. It’s currently available for Chrome, Edge, Brave, and any other Chromium-based browser, as well as Firefox.

The new product announcements today join the list of significant features that Socket has introduced over the past few months to support developers and security teams throughout every stage of development. These include:

  • AI-Powered Threat Analysis with ChatGPT, to examine every open source package in real-time, identify security threats, and explain its findings.
  • Support for the Python ecosystem, one of the most popular programming languages in the world.
  • “safe-npm”, a CLI tool that transparently wraps the npm command, protects developers from installing malware and risky dependencies, and enforces policies on allowed dependencies.
  • Socket Dependency Overview, which helps developers understand the risk of dependency changes with an in-depth pull request comment anytime a dependency is added, updated, or removed.

They have also shipped an organization dashboard, VSCode extension, SOC 2 compliance, and support for new package managers yarn and pnpm.

FinSMEs

01/08/2023