Highlights:

  • Ballistic Ventures LLC, TLV Partners Management Ltd., Lightspeed Venture Partners L.P and some famous cybersecurity professionals actively participated in the funding
  • Oligo claims to be different from existing solutions because of its behavior-monitoring technology and dynamic library-level analysis to swiftly identify vulnerabilities in a running package.

Oligo Security, an Israeli cybersecurity startup, recently launched out of stealth mode. It also declared that it had closed USD 28 million for its runtime application security and observability solution.

The investors who participated in funding consisted of Ballistic Ventures LLC, TLV Partners Management Ltd., Lightspeed Venture Partners L.P, and some famous cybersecurity professionals. Other members include Snyk Inc. Chief Technology Officer Adi Sharabani, former Google Cloud Vice President Eyal Manor, now chief product and engineering officer at Twilio Inc., and Eyal Waldman, founder and chief executive of Nvidia Corp. subsidiary Mellanox Technologies.

It is founded by CTO Gal Elbaz (previously with Check Point Software Technologies Inc.), CEO Nadav Czerninski, and Chief Product Officer Avshalom Hilu, all previous officers in the Israel Defense Force’s cyber units. Oligo provides a runtime application security and observability solution that authorizes enterprises to first detect and prevent open-source code vulnerabilities in their applications without affecting performance.

Open source code comprises 80% to 90% of modern software and delivers an attractive attack vector for cybercriminals and nation-states. Oligo claims that current software composition analysis solutions fail and organizations are exposed. It’s argued that existing solutions are noisy, cause large volumes of false positives, and don’t provide runtime application context for prioritization.

That’s the time when Oligo comes into play. It argues to be different from existing solutions because of behavior-monitoring technology and dynamic library-level analysis to identify vulnerabilities in a running package quickly. The company’s platform sets a priority on the basis of the application context. It saves development time by concentrating on the exact attack surface.

The solution makes users aware only if there is a deviation from a library’s permission policy with an indication of suspicious activity. Oligo argues that its solution is quick and efficient by design. It uses a proprietary eBPF- based engine to detect vulnerabilities accurately and prevent an attack while maintaining application stability.

Czerninski explained, “After Oligo’s co-founder, Gal Elbaz, discovered that a widely used app like Instagram could be easily compromised by misusing an open-source library, we realized that there is a significant gap in the way the market currently addresses open source security. We zeroed in on a protection method that inspects each library in runtime or staging, allowing us to precisely identify attacks in cases of deviations and to fix the vulnerabilities that matter.”

Oligo’s technology profiles the acceptable behavior of each library, forming a knowledge base of libraries’ profiles and blocking or alerting whenever a library activity is not up to mark. At the library level, its platform allows effective and quick performance while maintaining the high stability of the application, Oligo says.