【191205 Techcrunch】Data breaches that could cause millions of dollars in potential damages have been the bane of the life of many a company. What’s required is a great deal of real-time monitoring. The problem is that this world has become incredibly complex. A SANS Institute survey found half of company data breaches were the result of account or credential hacking.

【谷歌翻译，未经校对】可能导致数百万美元潜在损失的数据泄露事件一直困扰着许多公司。所需要的是大量的实时监控。问题是这个世界变得异常复杂。 SANS Institute的一项调查发现，公司数据泄露的一半是帐户或凭据被黑客入侵的结果。

GitGuardian has attempted to address this with a highly developer-centric cybersecurity solution.

GitGuardian已尝试通过高度以开发人员为中心的网络安全解决方案来解决此问题。

It’s now attracted the attention of major investors, to the tune of $12 million in Series A funding, led by Balderton Capital . Scott Chacon, co-founder of GitHub, and Solomon Hykes, founder of Docker,  also participated in the round.

现在，它吸引了主要投资者的注意，由Balderton Capital领投了1200万美元的A轮融资。 GitHub的联合创始人Scott Chacon和Docker的创始人Solomon Hykes也参加了这一轮。

The startup plans to use the investment from Balderton Capital to expand its customer base, predominantly in the U.S. Around 75% of its clients are currently based in the U.S., with the remainder being based in Europe, and the funding will continue to drive this expansion.

该初创公司计划利用Balderton Capital的投资来扩大其客户群，主要是在美国。目前，约有75％的客户都在美国，其余的则在欧洲，而资金将继续推动这种扩张。

Built to uncover sensitive company information hiding in online repositories, GitGuardian  says its real-time monitoring platform can address the data leaks issues. Modern enterprise software developers have to integrate multiple internal and third-party services. That means they need incredibly sensitive “secrets,” such as login details, API keys and private cryptographic keys used to protect confidential systems and data.

GitGuardian旨在发现隐藏在在线存储库中的敏感公司信息，它的实时监控平台可以解决数据泄漏问题。现代企业软件开发人员必须集成多个内部和第三方服务。这意味着他们需要不可思议的敏感“秘密”，例如用于保护机密系统和数据的登录详细信息，API密钥和私有密码密钥。

GitGuardian’s systems detect thousands of credential leaks per day. The team originally built its launch platform with public GitHub  in mind; however, GitGuardian is built as a private solution to monitor and notify on secrets that are inappropriately disseminated in internal systems as well, such as private code repositories or messaging systems.

GitGuardian的系统每天检测数千个凭证泄漏。该团队最初是在考虑公共GitHub的情况下构建其启动平台的；但是，GitGuardian是作为私有解决方案构建的，可以监视并通知内部系统（例如私有代码存储库或消息传递系统）中不适当传播的秘密。

Solomon Hykes,  founder of Docker and investor at GitGuardian, said: “Securing your systems starts with securing your software development process. GitGuardian understands this, and they have built a pragmatic solution to an acute security problem. Their credentials monitoring system is a must-have for any serious organization.”

Docker的创始人兼GitGuardian的投资者Solomon Hykes说：“保护系统安全始于保护软件开发过程。 GitGuardian理解这一点，他们已经针对严重的安全问题建立了务实的解决方案。他们的凭证监视系统对于任何严肃的组织都是必不可少的。”

Do they have any competitors?

他们有竞争对手吗？

Co-founder Jérémy Thomas told me: “We currently don’t have any direct competitors. This generally means that there’s no market, or the market is too small to be interesting. In our case, our fundraise proves we’ve put our hands on something huge. So the reason we don’t have competitors is because the problem we’re solving is counterintuitive at first sight. Ask any developer, they will say they would never hardcode any secret in public source code. However, humans make mistakes and when that happens, they can be extremely serious: it can take a single leaked credential to jeopardize an entire organization. To conclude, I’d say our real competitors so far are black hat hackers. Black hat activity is real on GitHub. For two years, we’ve been monitoring organized groups of hackers that exchange sensitive information they find on the platform. We are competing with them on speed of detection and scope of vulnerabilities covered.”

联合创始人杰里米·托马斯（JérémyThomas）告诉我：“我们目前没有任何直接竞争对手。这通常意味着没有市场，或者市场太小而无法引起人们的兴趣。就我们而言，我们的筹款活动证明了我们已经付出了巨大的努力。因此，我们没有竞争对手的原因是，我们要解决的问题乍一看是违反直觉的。问任何开发人员，他们会说他们绝不会对公共源代码中的任何秘密进行硬编码。但是，人会犯错误，一旦犯错，它们就会变得非常严重：可能需要一个泄漏的凭证来危害整个组织。总而言之，我要说到目前为止，我们真正的竞争对手是黑帽黑客。黑帽活动在GitHub上是真实的。两年来，我们一直在监视有组织的黑客团体，这些团体交换他们在平台上发现的敏感信息。我们正在与他们竞争检测速度和所涵盖漏洞的范围。”

网安团队找钱 / 投资人找网安项目

+微信 junshao

—— 全球网安投融事件 TimeLine ——

2019年11月

【反欺诈】Cheq：获融$16M 广告反欺诈

【威胁情报】InSights：获融$30M 数据库

【密码管理】1Password：获融$200M

2019年10月

【整体并购】九州云腾：阿里云全资收购 身份认证

【业务安全】Duality：获融$16M 隐私与数字IP保护

【云安全】LOKI：获SWG投资 SD-WAN

【身份认证】IDnow：获融€36M AI驱动身份认证

【数据安全】VGS：获高盛$35M 0数据

【威胁情报】CYFIRMA：获融$5M从Antuit剥离

【工业网安】天地和兴：获融近￥2亿

【车联网】Upstream：获融$30M

【风险控制】维择科技：获融$数千万 AI驱动风控

【流量分析】Corelight：获融$50M

【威胁情报】Flashpoint：获融$34M

【工业网安】长扬科技：获融近￥亿元 工业网安

【智能安防】MyGate:获融$50M 智能安保系统

【身份认证】Hypr：获融$18.3M 免密登录

【整体并购】长亭科技：官宣拟被阿里云全资收购

【二级市场】南洋股份：拟斥资￥1000万 设立成都天融信

【整体并购】Carbon Black：被VMware收购 强化网安能力

【工业网安】SparkCognition：获融$100M AI驱动安全

【二级市场】奇安信：完成￥15亿Pre-IPO轮融资

2019年9月

【二级市场】山石网科：9月30日 科创板IPO

【反欺诈】Verafin：获融$515M 金融犯罪防控

【安全检测】Cycode：获融$4.6M 代码检测

【安全保险】Arceo.ai：获融$37M 助力网安保险

【物联网】Crypto：获融$8M 物联网安全

2019年8月

【终端安全】网思科平：获琥珀投资 加码EDR

【身份认证】Yubico：获融$25M 身份认证与加密硬件

【终端安全】CrowdStrike：设立$20M基金 布局平台应用

【安全管理】Remediant：获融$15M 特权访问管理

【反欺诈】Cofense：获BlackRock投资 加码防钓鱼平台

【整体并购】PageSeal：被PerimeterX并购 强化终端威胁防护

【整体并购】Veriflow：被VMware并购 强化网络维护

【数据安全】Kasten：获融$14M 数据备份与恢复

【身份认证】AU10TIX：获融$60M 云身份认证

【云安全 】CloudCheckr：获融$15M 多云管理平台

【数据安全 】Clumio：获融$51M 云灾备

2019年7月

2019年6月

2019年5月

【IoT】智普信：获融￥过亿 物联网安全

2019年4月

2019年3月

2019年2月

2019年1月

2018年12月

2018年11月