Founded in 2008, JFrog serves companies such as Facebook, Google, Amazon, and Netflix with automated tools for developers to build, manage, and distribute all their software releases. Vdoo is a four-year-old startup with customers such as Verizon, Samsung, and Bosch.
Founded in 2017, Tel Aviv-based Vdoo was initially focused on software and applications designed for securing IoT and embedded systems, but it has since extended its security reach to cover “almost any software artifact, including containers, server applications, mobile applications, and more,” Ori Blitental, VP of marketing at Vdoo, told VentureBeat. “Vdoo’s focus is product security, which means we analyze and secure applications in their production context.”
JFrog hit the public market last September, though it has had a lukewarm reception in the intervening months, with its market cap currently sitting at around 30% below its opening day valuation. Security continues as a major area of concern for enterprises, however, with recent reports suggesting that despite a 10% spike in cybersecurity spending last year, data breaches were at an all-time high. And so bringing Vdoo under its wing makes JFrog a stickier proposition for companies looking to protect their production processes across multiple attack vectors, with security fully-integrated into the software lifecycle.
It’s also worth noting that this acquisition will bolster JFrog’s in-house “security experts” personnel, with its team tripling across engineering, marketing, and sales.
Vdoo’s existing SaaS product will remain as a standalone product in the near term, but JFrog said that it expects to integrate Vdoo’s technology into its platform to “provide a continuous, holistic security analysis platform” sometime next year. “Following the completion of the acquisition, JFrog and Vdoo will work with joint customers to ensure business continuity and streamlined migration to the joint offering,” JFrog chief product officer Dror Bereznitsky said.
More specifically, Bereznitsky said that Vdoo will add to JFrog’s existing security credentials, including run-time protection, the ability to find new zero-day threats, and detection of configuration risks that aren’t typically tested such as open source components.
“The joint solution will provide deeper coverage of different security risks — CVEs, SBOMs, configuration risks, and so on — and improved prioritization and mitigation capabilities,” Bereznitsky said.
VentureBeatVentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact. Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:
- up-to-date information on the subjects of interest to you
- our newsletters
- gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
- networking features, and more