Why we invested in Spectral


Yoav Knoll

Senior Associate, MizMaa Ventures

 

As the world is shifting to agile development, the software development life cycle is shortening dramatically.  We are now continuously pushing products and features to production. The upside is obvious – we get better products faster, and can iterate quickly. 

But you can’t have your cake and eat it, too. 

Faster push to production will inevitably cause more bugs and more breaches. The developer today finds himself not only in charge of writing the best lines of code on the product level but also needs to keep security in mind. 

There are many places where a developer can “stumble” – Misconfigurations, open-source dependencies, leakages to public repositories, and more.  Exposing internal API keys or credentials can cause great damage – and when the code is not secure, the data is not secure either. 

Additionally,  developers don’t have the time or funds to use today’s slow and expensive scanning tools. In order to integrate into the CI/CD, such security products must be built with a developer-first orientation – a robust-yet-simple, fast-yet-extensive product.

This is where Spectral comes into the picture.

Founded by real experts in this space, Spectral is a tool by developers, for developers, that finds and mitigates misconfigurations and exposed secrets as soon as they appear in the coding pipeline.

Right from our first meeting with Dotan, Idan, Lior, and Uri, we had the high conviction that not only this team understand today’s security challenges, but, as important, speaks the developer language. Oh, and they are also just great guys to work with. 

The journey so far has been great. It is rare that a company at this stage can show growth metrics like Spectral has shown in the past year. The need for the Spectral product is there and the pain is huge. Not only that, The Spectral team has been able to build, in a short time, a stack of integrations: IDE plugins, direct git integrations, agentless scanner, CI integration, discovery, and auditing technologies that provide visibility of those threats both to the developer and the R&D management, in REAL-TIME.

The product is already protecting millions of lines of code, for tens of customers, including publicly-traded companies, and it is growing as we speak. 

We are more than happy to join the Spectral journey, be part of the team, and are excited of what’s to come!

https://spectralops.io/