Phylum Raises $15M to Protect Open-Source Code

The Evergreen-based startup plans to increase its 30-person team by at least 50 percent this year. 

Written by Jeff Rumage
Published on May. 03, 2022
From left to right, CEO Aaron Bray, CTO Louis Lang and President Peter Morgan co-founded Phylum. | Photo: Phylum

Evergreen-based cybersecurity startup Phylum announced Tuesday it raised $15 million for its software that protects developers from malicious code in the open-source ecosystem.

The Series A round was led by ClearSky, with contributions from Atlassian Ventures, SixThirty Ventures, First In and TechOperators.

Phylum was co-founded in 2020 by CEO Aaron Bray, CTO Louis Lang and President Peter Morgan, who were concerned that the increasing use of open-source software could pose a risk to the software supply chain. 

Mikala Vidal, the company’s vice president of marketing, told Built In that the company employs about 30 people and plans to increase its headcount by at least 50 percent by the end of the year. 

The company said in a statement that software composition analysis products focused solely on software vulnerabilities are inadequate in defending the open-source software supply chain. 

“The explosion in supply chain component compromise has highlighted the need to expand [the] focus beyond known software vulnerabilities,” Patrick Heim, a partner at ClearSky, said in a statement. “Development and security teams need proactive risk management tools that enable them to identify compromised packages before they are included in mission-critical applications.”

Phylum automates the entire process of identifying packages, analyzing the supply chain risk and categorizing these risks into five domains: malicious code, vulnerability, license, author and engineering risk. The software automatically analyzes risks and detects malware. It can also classify and remove hundreds of unidentified malicious packages and their authors per month.

Matt Sonefeldt, head of Atlassian Ventures, said in a statement that Phylum’s solution will be rolled out to its more than 200,000 cloud customers.

“Having Phylum in the Atlassian Ventures family is a huge win for development teams everywhere,” he said.

The company plans to use the funding to grow its go-to-market team and continue the invention of new heuristics and machine learning models to proactively identify risk in open-source packages. 
