Concept: Cambridge, Massachusetts-based cybersecurity startup ReversingLabs has unveiled static analysis and file reputation services to combat the growing threat of software supply chain attacks. Its platform detects and analyzes file and binary-based threats on the web, mobile, email, cloud, and app development in industries such as software, financial services, defense, retail, and insurance.
Nature of Disruption: The “Titanium” engine, which harvests thousands of file types and continually monitors an index of over 10 billion files for potential risks, is an AI engine at the core of the ReversingLabs platform. The system translates “human-readable” indicators to classifications by unpacking files in the underlying object structure, down to embedded executables, libraries, documents, resources, and icons. Threat intelligence is provided to security analysts, who may use it to prioritize risks, and threat intelligence and hunting teams are given a workbench for deep file analysis, presumably allowing them to speed up investigations. The startup claims that the product’s attack surface is nuanced, and hence traditional approaches like source code scanning are insufficient.
Outlook: Several high-profile cases involving attackers attempting to infiltrate businesses through the software supply chain have occurred in the last year. The assaults emphasize the necessity for safeguards to ensure the integrity of software and its components throughout the development, deployment and adoption lifecycles. Even if you one does not have access to source code, ReversingLabs offers a proactive and transparent way to analyzing software risks. The startup has raised $56 million in a Series B funding round led by Crosspoint Capital Partners, with participation from ForgePoint Capital and Prelude. It plans to scale its sales and marketing efforts as it expands its global reach with the sum accumulated.