Oligo Security raises $20 million Series A to secure open-source libraries

Oligo Security announced on Wednesday that it has raised a $20 million Series A for its runtime application security and observability solution that allows enterprises to detect and prevent open source code vulnerabilities. The Series A comes just nine months after it raised $8 million in a Seed round.

Full list of Israeli high-tech funding rounds in 2023

Oligo was founded in 2022 by CEO Nadav Czerninski, CTO Gal Elbaz (previously with Check Point), and CPO Avshalom Hilu, all former officers in the Israel Defense Force's elite cyber units. The company employs 25 people in Tel Aviv and is opening offices in New York.

Oligo co-founders.

“There are currently many vulnerabilities in open source code,” Czerninski told Calcalist. “We offer a solution which tracks applications and instantly identifies vulnerabilities in running packages and prioritizes fixes based on application context.”

The Seed and Series A funding was raised from Lightspeed Venture Partners, Ballistic Ventures, and TLV Partners, as well as a long list of angel investors including Eyal Manor, former GM/VP of Google Cloud and the Chief Product and Engineering Officer of Twilio; Adi Sharabani, CTO of Snyk; Zohar Alon, founder of Dome9 Security; Guy Bejerano, CEO and co-founder of SafeBreach; Shai Morag, CEO and co-founder of Ermetic; Ofer Ben-Noon and Ohad Bobrov, co-founders of Talon Cyber Security; and Yair Amit, Snyk advisor and former CTO of Skycure. Syndicates include Cyber Club London (CCL), Kmehin Ventures, and OperAngels.

Oligo founders graduated from the sixth cohort of the Intel Ignite program.

“After Oligo’s co-founder, Gal Elbaz, discovered that a widely used app like Instagram could be easily compromised by misusing an open source library, we realized that there is a significant gap in the way the market currently addresses open source security,” added Czerninski. “We zeroed in on a protection method that inspects each library in runtime or staging, allowing us to precisely identify attacks in cases of deviations and to fix the vulnerabilities that matter.”

Oligo’s patent-pending technology profiles the legitimate behavior of each library, creating a knowledge base of libraries’ profiles and alerting or blocking whenever a library activity is not as expected. Working at the library level, the Oligo platform enables quick and effective performance while maintaining high stability of the application.

"In September 2020, I discovered a way to hack into Instagram by exploiting a weakness in an open-source library. I was amazed by the fact that malicious behavior that goes beyond the permissions of the library could go undetected,” explained Elbaz. “I realized that there was a significant gap in the way the market currently treats open-source security and I wanted to make sure that this problem was resolved.”