Security
Why we invest
The rise of the cloud, DevOps, and AI has ushered in a wave of innovation and productivity but also massively widened the attack surface and created entirely new threat vectors. Security remains a stalwart top-budget item for enterprises of all sizes as savvy attackers continue to find ways to expose vulnerabilities. Assisted by a CISO Advisory Group composed of security leaders from top public and private companies, Madrona partners with founders developing next-generation solutions to combat these threats and protect users and organizations across all environments and modalities.
Stacklok’s
Craig McLuckie
on solving open-source security challenges Security
-
Clerk is the drop-in authentication and user management solution for the modern web, tuned for React and Next.js.Initial Investment2023Clerk is the drop-in authentication and user management solution for the modern web, tuned for React and Next.js.
-
Eclypsium’s cloud-based platform identifies, verifies, and fortifies firmware in laptops, servers, network gear, and connected devices. The Eclypsium platform secures your device supply chain by monitoring devices for threats, critical risks, and patching firmware across the entire device fleet.Initial Investment2018Eclypsium’s cloud-based platform identifies, verifies, and fortifies firmware in laptops, servers, network gear, and connected devices. The Eclypsium platform secures your device supply chain by monitoring devices for threats, critical risks, and patching firmware across the entire device fleet.
-
PlexTrac is a modern collaboration and workflow automation platform for cybersecurity teams.Initial Investment2021PlexTrac is a modern collaboration and workflow automation platform for cybersecurity teams.
-
Stacklok builds products that help developers securely develop and deploy software. Trusty is a free-to-use service that helps developers vet the safety and trustworthiness of open-source packages as they're importing them into their code. Minder is an open-source platform that helps software project owners automate their security posture by applying and continuously enforcing security policies and best practices across groups of repos.Initial Investment2023Stacklok builds products that help developers securely develop and deploy software. Trusty is a free-to-use service that helps developers vet the safety and trustworthiness of open-source packages as they're importing them into their code. Minder is an open-source platform that helps software project owners automate their security posture by applying and continuously enforcing security policies and best practices across groups of repos.
-
Tigera provides the industry’s only active Cloud- Native Application Protection Platform (CNAPP) with full-stack observability for containers, Kubernetes, and cloud. The company’s platform prevents, detects, troubleshoots, and automatically mitigates exposure risks of security issues in build, deploy, and runtime stages. Tigera delivers its platform as a fully managed SaaS (Calico Cloud) or a self-managed service (Calico Enterprise). Its open-source offering, Calico Open Source, is the most widely adopted container networking and security solution. Tigera’s platform specifies security and observability as code to ensure consistent enforcement of security policies, which enables DevOps, platform, and security teams to protect workloads, detect threats, achieve continuous compliance, and troubleshoot service issues in real time. Powering more than 100M containers across 2M+ nodes in 166 countries, Calico software is supported across all major cloud providers and Kubernetes distributions, and is used by leading companies including AT&T, Discover, Merck, ServiceNow, HanseMerkur, RealPage, L3Harris, and Mindbody.Initial Investment2017Tigera provides the industry’s only active Cloud- Native Application Protection Platform (CNAPP) with full-stack observability for containers, Kubernetes, and cloud. The company’s platform prevents, detects, troubleshoots, and automatically mitigates exposure risks of security issues in build, deploy, and runtime stages. Tigera delivers its platform as a fully managed SaaS (Calico Cloud) or a self-managed service (Calico Enterprise). Its open-source offering, Calico Open Source, is the most widely adopted container networking and security solution. Tigera’s platform specifies security and observability as code to ensure consistent enforcement of security policies, which enables DevOps, platform, and security teams to protect workloads, detect threats, achieve continuous compliance, and troubleshoot service issues in real time. Powering more than 100M containers across 2M+ nodes in 166 countries, Calico software is supported across all major cloud providers and Kubernetes distributions, and is used by leading companies including AT&T, Discover, Merck, ServiceNow, HanseMerkur, RealPage, L3Harris, and Mindbody.