Seattle-based cybersecurity startup StepSecurity is looking to add to its team after raising $3 million earlier this month.
StepSecurity co-founder and CEO Varun Sharma said the company has a "handful" of employees now but plans to grow to about 10 in the next three to six months. The growth won't affect the company's ongoing commitment to working remotely.
"That is actually a great benefit for hiring," Sharma said. "We haven't really experienced any kind of drawbacks."
StepSecurity was founded in 2022. The startup focuses on protecting code made on the developer platform GitHub, specifically code developed through "CI/CD," or continuous integration and continuous delivery. CI/CD is a method of development that eliminates much of the manual labor in developing code and allows developers to make code changes that are automatically tested and delivered.
Related coverage
According to Sharma, code is often automatically shipped to the cloud, which creates opportunities for attacks. He added that StepSecurity provides network monitoring, prevents credentials from being stolen and protects against backdoor access to sensitive processes.
Ashish Kurmi, the company's co-founder and chief technology officer, said StepSecurity looked at past CI/CD breaches to understand how to stop future attacks. This type of cybersecurity is unique enough that it requires a specific approach, he said.
StepSecurity has a free, open-source version of its product, as well as an enterprise version for paying customers. Although the co-founders couldn't name specific customers, they said over 3,000 projects use its open-source version, including from the likes of Microsoft and the Cybersecurity and Infrastructure Security Agency.
StepSecurity is hiring in engineering, sales and marketing. Sharma said the company will try to hire in Seattle, but many roles will be open across the U.S. and some engineering roles will be in India.
StepSecurity's investors include Runtime Ventures, Inner Loop Capital, SaaS Ventures and DeVC. Sharma said it's likely the company will look to raise a Series A round in 12 to 18 months. Sharma spent more than 14 years at Microsoft before co-founding the company. Kurmi, meanwhile, brings experience from Plaid, Uber and Microsoft, where he spent almost eight years.
Looking ahead, Sharma said CI/CD security is likely to become its own category.
"We believe that CI/CD is something that is used by all organizations, and there's so many security issues," he said. "It's going to require a full-blown solution."
For more stories like this one, sign up for Seattle Inno newsletters from the Puget Sound Business Journal and the American Inno network.
