The software supply chain is threatened by various risks. According to a report As of 2024, the Ponemon Institute reported that more than 50% of organizations have experienced attacks on their software supply chain, with 54% of them reporting at least one incident in the past year.
Supply chain attacks often target third-party services or open source software that make up a company's IT infrastructure, potentially leading to serious financial consequences for the organization. According to a Study conducted by Juniper Research, it is estimated that cyberattacks on the supply chain could cause economic losses and damages worth close to 81 billion dollars globally by 2026. The White House has expressed its commitment to comprehensively addressing the problem of security in the software supply chain, openly recognizing it as an issue of National securityThe problem that arises is the need to implement a executive order to establish mitigation standards. The release of such an order is crucial to effectively addressing this issue.
The threat has led to a surge in demand for platforms that can identify (and ideally mitigate) attacks on a company's software supply chain. Today, the closing of a $20 million Series A funding round was announced for Lineage, a startup that has developed a platform for this purpose, whose name is a phonetic variant of “lineage” in English.
Lineaje was established in 2021 by Javed Hasan and Anand Revashetti with the purpose of creating tools to identify tampered software in an entity's supply chain, as well as to detect outdated open source software potentially exposed to security risks. The company, upon identifying a potential vulnerability, suggests possible solutions, if they exist, and warns about the implementation of those that may harm the functioning of the software.
According to Hasan, CEO of Lineaje, it is essential for organizations that are concerned about the risk their software poses to their entities and customers to focus on that risk and manage it. Lineaje, a company dedicated to discovering, managing and protecting software regardless of its origin, was created with this purpose.
Both Hasan and Revashetti come from a cybersecurity background, having held roles at organisations such as Symantec, McAfee and Norton. It was at McAfee that they met, with Revashetti being the lead architect on the team he was on.
According to Hasan, incidents targeting the software supply chain have seen a steady increase. After examining this area, it became clear that supply chain was positioned as one of the top three concerns for both CISOs and the US government.
The Lineage sector is in a competitive market with rivals such as Kusari, Ox Security, Chainguard, Dustico and Endor. Big technology companies as Google, Amazon and Microsoft are increasing their initiatives to strengthen the security of open source software.
One of the strategies that Lineaje employs to stand out is its commitment to defense. According to Hasan, the company has established a contract with the United States Air Force to support the Anti-terrorist program "Eagle Eyes", in addition to maintaining relationships with other unspecified federal agencies.
Public sector agencies face software supply chain challenges similar to those in the private sector. According to a report The US Department of Homeland Security, a cabinet-level agency in the United States, took months to address a vulnerability in Apache’s Log4j2 library, a Java logging tool. This was due in part to difficulties on the part of its security teams in locating vulnerable packages within their software environments.
According to Hasan, the profits generated by the Serie A Lineaje's investments, which have increased the total capital raised by the startup to $27 million, will be used to strengthen new customer acquisition strategies in the US public sector.
The individual stated that the Series A funding round will guarantee the company's funding until early 2027. He also mentioned that the previous year was the first year in which Lineaje generated revenue. The company currently has approximately 30 employees and plans to double its workforce by the end of the year.
The funding round was co-led by Prosperity7 Ventures, Neotribe and Hitachi, with support from Tenable Ventures, Carahsoft, Wipro Ventures, SecureOctane and AlumniVentures.