StepSecurity, a Seattle-based startup founded in 2022 by former Microsoft engineers and cybersecurity veterans, Ashish Kurmi and Varun Sharma, recently raised a $3 million seed round led by Runtime Ventures. The company focuses on CI/CD, which stands for continuous integration and continuous delivery, a process that automates the development and deployment of applications. StepSecurity currently targets developers using GitHub Actions but plans to expand to support other similar tools like GitLab CI, Harness, and Azure DevOps. The startup has paying customers in various industries, including crypto, healthcare, and cybersecurity.
Kurmi and Sharma were inspired to start StepSecurity after observing high-profile security breaches such as the SolarWinds and Codecov hacks that originated in CI/CD pipelines. These incidents highlighted the lack of security in CI/CD pipelines and led the co-founders to develop a solution to prevent such attacks. They started building their product in the open a couple of years ago and initially provided it for free to help secure CI/CD pipelines for open-source developers. The success of this initiative motivated them to create a commercial product and launch StepSecurity as a cybersecurity-focused startup.
Sharma, who spent nearly 15 years at Microsoft as a principal security software engineering manager, brings extensive experience in cybersecurity and software development to StepSecurity. Similarly, Kurmi, who worked at Microsoft for almost eight years before joining Uber and Plaid as a security engineer, has valuable expertise in the field. The combination of their skills and knowledge has enabled StepSecurity to develop innovative solutions to secure CI/CD pipelines and mitigate potential security risks for developers and organizations.
In addition to Runtime Ventures, other investors in the seed round include Inner Loop Capital, SaaS Ventures, DeVC, and angel investors from leading companies like Coinbase and Zscaler. This broad support underscores the confidence in StepSecurity’s product and the potential for its growth in the cybersecurity market. With the increasing reliance on digital technologies and the growing threat of cyber attacks, there is a rising demand for tools and services that can enhance the security of software development processes. StepSecurity aims to address this need by providing developers with robust solutions to protect their projects and prevent security breaches.
The team at StepSecurity is continuously working to improve its product and expand its customer base across different industries. By focusing on enhancing the security of CI/CD pipelines and improving the overall development process for developers, the startup aims to become a leading provider of cybersecurity solutions for modern software development. With a strong technical background and a clear vision for the future, Kurmi and Sharma are well-positioned to lead StepSecurity to success in the competitive cybersecurity market.
Overall, StepSecurity’s recent funding round and focus on securing CI/CD pipelines demonstrate the company’s commitment to addressing cybersecurity challenges faced by developers. With the support of investors and the expertise of its founders, StepSecurity is poised to make a significant impact in the cybersecurity industry and help organizations strengthen their security posture in an increasingly digital world.
