Oligo Security launched out of stealth on Wednesday with its runtime application security platform for detecting vulnerabilities in open source components. Oligo generates a dynamic bill of materials (BOM), identifies vulnerabilities in packages, and sets fix priorities for vulnerabilities based on application context.

Some of the most damaging cyberattacks in the past couple of years originated in open source packages included within large, complex systems. For example, Log4Shell attacks continued throughout most of 2022 because many organizations didn’t even realize they were running a vulnerable version of Log4j. Oligo generates a dynamic BOM that shows all the components that are actually running, which helps establish which vulnerabilities to fix first.

Oligo profiles the legitimate behavior of each library and creates a knowledge base of libraries’ profiles. The platform fires alerts when the library activity deviates from the profile, as that would indicate suspicious activity.

“Only 15% of CVEs scanned with traditional solutions are posing a real risk, and the other 85% are irrelevant, resulting in lots of false positives and noise,” Avshalom Hilu, co-founder and chief product officer of Oligo, wrote in a technical blog post. Reducing false positives and targeting mitigation more tightly can help security staff close the most dangerous flaws first and reduce alert fatigue.

The company bases its product on extended Berkeley Packet Filter (eBPF), which allows programs to run in a sandbox within the Linux operating system kernel. This means developers can extend the OS to improve visibility, networking, security, and other capabilities to make using containers in the cloud more secure.

With the dominance of cloud computing and expanding use of containerization tools like Kubernetes, eBPF is seeing traction. The overall container security market is expected to rise from $714 million in 2020 to $3.6 billion by 2026, and up to $8.2 billion by 2030.

Besides Oligo, other eBPF startups in the cybersecurity space include Araali Networks, which offers an eBPF-based firewall; Cilium, an open source Kubernetes connectivity tool; Falco and Aqua, which make Kubernetes runtime security tools; and Calico, a cloud-native security company.

Oligo raised its $28 million funding from Lightspeed Venture Partners, Ballistic Ventures, and TLV Partners, along with several angel investors.