December 20, 2004
- Waltham, MA
Ounce Labs, Inc., the leader in software vulnerability risk management, today announced it has closed $10 million in its second round of funding. BlueStream Ventures led the round with full participation from existing investors Greylock and Commonwealth Capital Ventures. The round will support expansion of sales and marketing efforts for Ounce Labs’ product Prexis, which automatically analyzes software source code to measure security risk, identify vulnerabilities, and drive remediation efforts.
BlueStream, based in Menlo Park, CA, specializes in emerging technology companies. They chose to invest in Ounce Labs after extensive research validated the rapid growth of the software risk management market and the company’s clear leadership position.
“Ounce Labs has demonstrated the technology, management, and tremendous market potential we look for in our portfolio companies,” said Raj Gollamudi, general partner of BlueStream Ventures. “Source code vulnerability analysis will be one of the most important security technologies over the next several years, and Ounce Labs has already set the bar high in this market.”
“We have experienced a surge in demand from companies striving to measure and eliminate the risk from software vulnerabilities,” said Jack Danahy, CEO of Ounce Labs. “This investment will help ensure that we have the resources necessary to fulfill that demand. We are pleased to add BlueStream’s knowledge of security and their reputation to our board along with the strong continued support in this second round from our initial investors Greylock and Commonwealth.”
“Commonwealth is pleased to be participating again in funding for Ounce Labs,” said Justin Perreault, general partner at Commonwealth Capital Ventures. “The market is quickly recognizing that managing software risk requires metrics-based analysis. Ounce Labs understands this and is delivering very effective solutions to proactively improve software security.”
“Greylock is very active in the information security arena, and we continue to be impressed by Ounce Labs’ innovation and results,” said David Aronoff, general partner at Greylock. “They have already made their mark as the leaders in this new market segment, developing products for both security managers and software developers to mitigate risk.”
“We have been working with Ounce Labs to incorporate Prexis’ automated source code analysis into our security consulting services,” said Chris Prosise of Foundstone, a division of McAfee (NYSE: MFE). “Consistent, metrics-based analysis of source code vulnerabilities adds significant value as part of enterprise-wide risk management strategy.”
Forrester analyst Randy Heffner acknowledged the growth potential of the secure code market in a report earlier this year, stating that, “Application security architecture is a broad topic… the two most active areas of market attention in 2005 will be secure code (including vulnerability scanning) and secure Web services, with identity federation also gaining strength.” (Trends 2005: Application Security Architecture And Secure Web Services, Forrester Research, Inc., Oct. 25, 2004)