Symbiotic provides developers with real-time feedback on potential security vulnerabilities
Symbiotic Security launched a real-time security for software development that combines detection and remediation with just-in-time training – incorporating security testing and training directly into the development process without breaking developers’ workflows.
Backed with $3 million of seed funding from investors including Lerer Hippeau, Axeleo Capital, Factorial Capital, and others, the company has introduced its software-as-a-service that works with the developer’s Integrated Development Environment (IDE) and enables them to develop software more securely.
A Ponemon survey of 634 IT and IT security practitioners reported the top challenges to shift-left security were: a lack of integrated security tools (51%); an increase in work for developers (43%); too many vulnerabilities to fix (40%). These are precisely the challenges addressed by Symbiotic Security.
“Traditional approaches to code security are broken, which we fix by integrating security at the time code is written,” said Jerome Robert, CEO, Symbiotic Security. “Symbiotic requires no additional developer training – it is the training. Our mission is to be the developer’s partner in security and we believe that this is the defining moment for cyber security where the vision of ‘shift-left’ is finally realized.”
The concept of ‘shift-left’ is to integrate security into the earliest parts of the Software Development Life Cycle (SDLC), which includes passing security responsibilities to developers. The initiative hasn’t yet been successful because, until now, developers have not been properly equipped nor have they found any operational gain in being responsible for securing their assets.
Symbiotic provides developers with real-time feedback on potential security vulnerabilities as they write code, as well as remediation recommendations, and training with information that helps further educate developers on the specific security issues encountered.
The company has launched its minimum viable product for iteration, feedback, and testing and already has active deployments at eight companies. All are actively leveraging both the remediation plugin and the training, while providing user feedback that Symbiotic is using to further enhance the product.
Symbiotic Security helps developers ship clean code, which helps eliminate security backlogs without disrupting workflows.
With Symbiotic’s software, security is no longer an afterthought; it is where it should have always been – integrated into the SDLC as a foundational part of the coding process. It continuously scans code that has both already been written and as it is created, so that potential threats are identified and resolved immediately. In addition, Symbiotic Security offers developers contextual remediations right within their IDE, boosting efficiency and reducing costs, while improving security.
“Jerome and co-founder Edouard Viot have a deep understanding of the problems underlying traditional code security and demonstrated remarkable foresight with their approach to addressing the growing demand for shift-left security solutions,” said Graham Brown, managing partner, Lerer Hippeau. “Symbiotic has the potential to transform the industry, empowering developers and security teams alike.”
“Symbiotic Security is a security solution that truly understands developers and makes them more productive,” said Simon Elcham, CTO, Trustpair. “By integrating into our existing workflows, it has helped our development and security teams work more efficiently, reducing security backlogs and enhancing code quality. Symbiotic Security is outpacing market standards in both functionality and business impact.”