Danish start-up Coana has secured a $1.6 million investment from Silicon Valley venture capital firm Sequoia Capital to develop its next-generation Software Composition Analysis (SCA) tool. The tool promises to help companies filter information and identify critical threats.
Coana, founded in 2021 in Denmark, is the brainchild of computer science professor Anders Møller and two PhDs, Martina Torp and Benjamin Barslev Nielsen, who made a “technical breakthrough” while working in a research group at Aarhus University in Denmark. Their new technique for analyzing large JavaScript-based applications allows users to differentiate between irrelevant and truly significant alerts.
To fund the development of their company from early-stage access to full commercialization, Coana announced that it has raised $1.6 million in a pre-seed funding round led by Sequoia Capital, with participation from Essence VC and several angel investors, including current and former employees of Google, Red Hat, and GitHub.
Traditional SCA tools compare the version of a given dependency with a database of known vulnerabilities. If a match is found, it alerts the developers. However, in many cases, an application may only use one or two functions from a library that consists of 50. In such cases, a vulnerability in a part of the library not used by the application should not affect the application itself.
Coana allows users to build a “call graph” of the entire application, including the application code and its dependencies. This helps eliminate false positives. The company plans to extend its support to Java and Python languages to reach a larger customer base.
Coana’s tool is still in its early stages of development. The company released the first version of its product in October for its initial paying customers – start-ups and scale-up companies from Series B and C rounds. However, Coana is working on expanding its language support to reach a wider range of customers, including large enterprises.
FAQs About Coana’s Software Composition Analysis Tool
The source of the article is from the blog dk1250.com