Croatian security solutions company ReversingLabs announced earlier this month that it has secured a €48M Series B investment, led by Crosspoint Capital Partners, a private equity firm focused on the cybersecurity, privacy, and infrastructure software markets.
ReversingLabs, founded in 2009, specializes in threat detection for the software supply chain, protecting both software developers and the enterprise users who purchase software against attacks throughout the process.
Supply chain attacks on the rise during the last 12 months
A supply chain refers to the ecosystem of processes and distributors involved in the creation and delivery of a final solution or product. In cybersecurity, a supply chain includes hardware and software, cloud or local storage and distribution mechanisms, and management software.
A cyberattack on the supply chain usually aims to damage an organization by targeting less-secure elements in the supply chain.
According to the company’s co-founder and CEO, Mario Vuksan, the rise in supply chain attack sophistication has gone to another level in the last year.
“ReversingLabs has been at the forefront of detecting and analyzing threats and tampering activity in software. Whether it was Shadowhammer in 2019, SunBurst in 2020, or the recent NPM Chrome password threat in 2021, ReversingLabs has made major contributions in educating the broader cybersecurity community by detecting and analyzing how supply chain threats have evolved and how these attackers have begun to take advantage of the security gaps in the application security toolchain,” Vuksan said in a statement, addressing the latest investment in his company.
“We believe scalable software inspection and validation processes are essential to software integrity and we are excited to partner with ReversingLabs as they help enterprises defend against advanced software supply chain attacks,” Hugh Thompson, Managing Partner at Crosspoint, said in a press release.
According to a report from the European Union Agency for Cybersecurity (ENISA), supply chain attacks are expected to increase fourfold in 2021 compared to 2020.
Attack techniques include malware infection and social engineering
Techniques used to attack a supplier in the chain include malware infection, social engineering, exploitation of software vulnerabilities, and open-source intelligence (OSINT).
The SolarWinds hack at the end of last year was one of the most notorious and damaging recent supply chain attacks. It was described by Microsoft’s president Brad Smith as the “largest and most sophisticated attack that the world has ever seen”.
SolarWinds’s CEO and President Sudhakar Ramakrishna also described ReversingLabs’s solutions as an important part of the overall push for secure software development.
“We are working to help establish new standards for secure software development in the industry and ReversingLabs has since become an important part of our overall efforts,” Ramakrishna said.
ReversingLabs’ CEO Vuksan also noted his company’s commitment towards creating products and solutions that will benefit the whole industry.
“Nobody can unpack and understand the security depths of a compiled software binary as we can at ReversingLabs. Its components. Its quality issues. Its surface risk area. Its code signing infrastructure. Its potentially unwanted behavior. And accidentally introduced secrets. A final verification is necessary to allow developers, software owners, and IT managers to trust that their software is safe. And we’re partnering with some of the largest software development shops to assist them with the software assurance services we’re delivering at secure.software,” Vuksan added.