StepSecurity, a startup located in the Seattle area with a mission to enhance security for developers’ projects, has proudly announced the acquisition of a $3 million seed investment spearheaded by Runtime Ventures.
The company, which was established in 2022 by ex-Microsoft engineers and cybersecurity experts Ashish Kurmi and Varun Sharma, specializes in CI/CD—short for continuous integration and continuous delivery. This methodology is pivotal for automating the development and deployment processes of software applications.
Targeting developers who utilize GitHub Actions, StepSecurity is also aiming to broaden its support to encompass other comparable platforms such as GitLab CI, Harness, and Azure DevOps in the future.
Its services have already attracted a diverse clientele, spanning sectors like cryptocurrency, healthcare, and cybersecurity.
High-profile cybersecurity incidents, such as the SolarWinds and Codecov breaches, which were traced back to vulnerabilities within CI/CD pipelines, served as a catalyst for the inception of StepSecurity. The founders expressed in a recent blog that the stark absence of security measures in CI/CD pipelines and the lack of adequate defenses against such attacks inspired them to develop their product. Initially made available for free to secure open-source developers’ CI/CD pipelines, this endeavor quickly evolved into a promising venture.
Sharma, with a substantial tenure of nearly 15 years at Microsoft, including his role as a principal security software engineering manager, and Kurmi’s career journey through Microsoft, Uber, and Plaid as a security engineer, bring a wealth of experience to the company.
The seed round also saw participation from Inner Loop Capital, SaaS Ventures, DeVC, and individual investors occupying leadership positions at firms like Coinbase and Zscaler.
