Oligo Security launched out of stealth on Wednesday with its runtime application security platform for detecting vulnerabilities in open source components. Oligo generates a dynamic bill of materials (BOM), identifies vulnerabilities in packages, and prioritizes fixes for vulnerabilities based on application context.
Some of the most damaging cyberattacks in the past couple of years originated in open source packages included within large, complex systems. For example, Log4Shell attacks continued throughout most of 2022 because many organizations didn’t even realize they were running a vulnerable version of Log4j. Oligo generates a dynamic BOM that shows all the components that are actually running, which helps prioritize which vulnerabilities to fix first.
Oligo profiles the legitimate behavior of each library and creates a knowledge base of libraries’ profiles. The platform fires alerts when the library activity deviates from the profile, as that would indicate suspicious activity.
“Only 15% of CVEs scanned with traditional solutions are posing a real risk, and the other 85% are irrelevant, resulting in lots of false positives and noise,” wrote Avshalom Hilu, co-founder and chief product officer of Oligo, in a technical blog post. Reducing false positives and targeting mitigation more tightly can help security staff close the most dangerous flaws first and reduce alert fatigue.
The company bases its product on extended Berkeley Packet Filter (eBPF), which allows programs to run in a sandbox within the Linux operating system kernel. This means developers can extend the operating system to improve visibility, networking, security, and other capabilities to make using containers in the cloud more secure.
With the dominance of cloud computing and expanding use of containerization tools like Kubernetes, eBPF is seeing traction. The overall container security market is expected to rise from $714 million in 2020 to $3.6 billion by 2026, and up to $8.2 billion by 2030. Besides Oligo, other eBPF startups in the cybersecurity space include Araali Networks, which offers an eBPF-based firewall; Cilium, an open source Kubernetes connectivity tool; Falco and Aqua, which make Kubernetes runtime security tools; and Calico, a cloud-native security company.
Oligo raised its $28 million funding from Lightspeed Venture Partners, Ballistic Ventures, and TLV Partners, along with several angel investors.