Arnica raises $7M to protect software supply chains without hurting developer velocity
Arnica announced general product availability and $7 million in seed funding. The round was led by Joule Ventures and First Rays Venture Partners, with angel investments from industry leaders including Avi Shua, co-founder and CEO of Orca Security, Dror Davidoff, co-founder and CEO of Aqua Security and Baruch Sadogursky, lead developer. Jfrog relationships.
Arnica will use the funds to accelerate product development and scale its go-to-market teams.
Software supply chain attacks are on the rise, increasing 650% in the last year alone. According to a recent report from IBM, supply chain attacks now account for a fifth of all data breaches and the average cost of a supply chain compromise has reached an all-time high of 4.46 million of dollars.
Despite the growing threat, companies are hesitant to take drastic measures to achieve full protection for fear that it will impair the agility of their developers.
Arnica uses machine learning algorithms to identify the nuances of how each developer works and validates the authenticity of every change they make to code. This allows Arnica to detect a potential attacker impersonating a developer and prevent them from pushing malicious code to the codebase.
The platform also helps organizations manage excessive permissions and achieve least privileged status, minimizing the “explosion radius” of a potential breach without impacting developer workflow.
Arnica automatically revokes privileges that aren’t used, while deep integrations with everyday tools like Slack allow developers to reclaim permissions when needed. By providing self-service access management with just a few clicks, Arnica bypasses the usual friction needed to maintain minimal access to source code repositories.
“The rule of thumb when hardening development environments is: don’t hurt developer speed,” said Nir Valtman, co-founder and CEO of Arnica.
“A developer’s ability to make code changes quickly and seamlessly and ship products to users has a direct impact on revenue. We’ve created a solution that not only protects but empowers developers, allowing them to continue working the way they prefer, but in a safe environment. We believe that by learning how developers work, we can both protect company code and, at the same time, enable and support developers,” Valtman continued.
“In a market full of security solutions that only add value, Arnica’s instant resolution-oriented approach is a game-changer for enterprise development teams,” said Brian Rosenzweig, partner at Joule Ventures. .
“Arnica goes beyond simply reporting security issues – every issue identified can be immediately resolved with a one-click fix.” This allows companies to quickly protect their software supply chain from attack, while behavior-based detection ensures it remains secure over the long term. Arnica’s pragmatic approach and industry-leading technology allow companies to avoid costly breaches without compromising agility,” continued Rosenzweig.