The acquisition of the startup will enhance Veracode’s capabilities around protecting against malicious open-source code, according to the cybersecurity vendor.
Veracode said that its acquisition of software supply chain security startup Phylum, announced Monday, will enhance its capabilities around protecting against malicious open-source code.
The terms of Veracode’s acquisition of Phylum were not disclosed.
Founded in 2020, Phylum has specialized in providing technologies for analyzing, detecting and mitigating malicious software packages, according to Veracode.
The capabilities are particularly crucial for protecting software supply chains by identifying and blocking malicious code found in open-source libraries, Veracode said.
The integration of Phylum’s technology will ultimately enable Veracode to provide customers with “comprehensive” visibility into the risks associated with their use of open-source code, the company said in a news release.
Veracode said that the acquisition will include “certain assets” of Phylum as well as personnel from the startup. CRN has reached out to Veracode for further comment.
In August 2023, Phylum unveiled its partner program for resellers as well as tech alliance and OEM partners.
Veracode’s acquisition of the startup comes as code security risks—particularly from the widespread usage of open-source code—continue to rank as a top concern for many organizations.
The deal also comes amid the continuing wave of cybersecurity vendor consolidation, which included a surge of M&A activity in 2024. Key factors have included growing customer demand for unified security platforms as well as budgetary and staffing considerations.