codenotary, a service that makes it easy for development teams to build transparent software supply chains (and also the company behind the popular open source software immutb immutable database), announced today that it has raised a Series B round of $12.5 million from new and existing investors such as Bluwat, Elaia and others. This new round brings the company’s total funding to $18 million, including the Series A round of $5.5 million last July.
Founded by CEO Moshe Bar, who previously co-founded Qumranet, and CTO Dennis Zimmer, Codenotary helps people identify and track all the components in their DevOps cycle. This means that when there is a supply chain attack or vulnerability like Log4j, it is much easier for a company to find out where these libraries are being used and mitigate the potential blast radius. Since all of this sits on top of immudb, an accounting database that provides a tamper-proof history system (without any blockchain voodoo), users should be able to fully trust this information. Once you add Codenotary to your software supply chain, the service automatically creates a bill of materials based on what you’re looking at.
“Our mission is to ensure that we can trust the artifacts we use in application development in any organization, whether it’s open source or an internal corporate organization,” said Bar. “When we started the company, we were looking for ways to ensure that the information we we store — about who worked on which artifact, when and how, and what they did with it — would be protected from tampering.” As there was no database available at the time that met the Codenotary requirements, the team wrote their own. Bar noted that immudb provides the same cryptographic verification you could get from a blockchain, but in the form of a much more performing database.
“codenotary offers a solution that allows organizations to quickly identify and track all components in their DevOps cycle and therefore restore trust and integrity across all of their myriad applications,” said Pascal Blum, Senior Partner at Bluwat AG in Switzerland, one of the first investors in codenotary. “Combined with codenotarymarket-leading immutable database, immutb, the company has gained a leading position in this new market.”
The service currently has more than 100 customers, and while it is not able to disclose most of these names, the team noted that it includes some of the largest banks in the world.
According to Zimmer, most Codenotary customers first implement the service in the software pipeline in order to be able to establish the provenance of their software from source to production. That customer base, he also noted, ranges from small software development shops to large ERP companies, who often use the service to publicize the quality assurance work they put into a new version, for example, and provide a list of materials to external customers who use your software. As Bar added, it is often financial organizations and government agencies that are at the forefront of thinking on these issues.
Codenotary plans to use the new funding to accelerate the development of its products and expand its marketing and sales worldwide.