Utrecht, Netherlands-based Codean, a cybersecurity startup that develops a toolbox for security experts in order to work faster, announced on Wednesday that it has raised €1M in a fresh round of funding to boost the roll-out of its product.
Investors in this round
The investment came from TIIN Capital’s Dutch Security TechFund and five experienced angel investors.
According to Roel Reijnen, Partner at TIIN Capital, “The cybersecurity market has grown rapidly in recent years, but it still needs to mature. A mature market includes technology specific to that industry. We expect Codean’s review environment to become the standard in this sector in four years’ time. We strongly believe in the expertise of the team. Besides that, the fact that these entrepreneurs bring along a number of experienced angel investors from the industry is for us an additional confirmation of the potential of the company.”
TIIN Capital was founded in 1998. In early 2019, it started with its sixth venture capital fund – one of them being Dutch Security TechFund. This fund is sector-focused and backs startups and scale-ups in cybersecurity and IoT Security. The firm works together with Security Delta in The Hague, the Netherlands, and the European Cyber Security Organisation (ECSO) in Brussels, Belgium.
“Innovating software security testing”
According to Codean’s co-founder Arthur Tolsma, the number of criminal hackers is growing and the cybersecurity industry has a lot of trouble keeping up with this trend.
Tolsma says, “We employ security experts who help software developers with code review. We want to give them the best possible tools to work effectively. Those tools don’t exist. Codean has filled this gap by developing a unique toolbox. What we are seeing now is that there is no comparable product and that we have something within reach that has the potential to be deployed worldwide.”
Codean says it has built a Review Environment, which lets security experts work 100 per cent faster, and up to 1000 per cent for certain tasks. It also automates mundane analysis tasks so that security experts can focus on finding vulnerabilities.
The company says, “Our Security Review Environment is for a security expert what an Integrated Development Environment (IDE) is for software engineers. Most security experts use an IDE for software analysis, even though that’s made for software development. Instead, the environment we built is tailor-made for security review: it has features ranging from keeping track of what is reviewed while doing delta’s, to symbiotic taint analysis, to easy report composition.”
Codeine’s innovation is the ability to place codemarks. With a codemark, a developer can highlight code as ‘interesting’ from a security perspective. The developer will then have to describe what that piece of code does and link it to other codemarks to mark a vulnerable path through the codebase.
This allows a security expert to mark code as ‘security-relevant’. By connecting these codemarks, a vulnerable path through the codebase is marked. And that is the goal of a security expert: to find a path through which a criminal hacker can get in and find something valuable.
With this knowledge, the software developer can make their code more secure. As the review environment is in the cloud, security experts can also collaborate on a codebase and review each other’s codemarks. This combination of features makes the review environment ‘unique’ worldwide and enables security experts to work more efficiently.
The cybersecurity company was founded in 2020 by Kevin Valk, an ethical hacker with 15 years of experience, and Arthur Tolsma, with 15 years of entrepreneurial experience. The startup currently works with 7 employees on its mission to make the digital world a safer place.
Codean does not believe in fully automated tools for software developers, because they show a lot of false positives and miss essential vulnerabilities. They view the human security expert as the future, but the expert could use a hand.
The company provides the review environment to security experts worldwide, as well as software security advice to software developers, with their own team of security analysts.
Tolsma now wants to grow the company. He says, “We are really pleased with the support and expertise of the investors involved in this funding round. We were looking for investors who can assist us with the further professionalisation of the company and who also contribute network and expertise. This is reflected in the track record and experience of venture capitalist TIIN Capital and angel investors such as Steven Dondorp, CEO of Northwave.”