Hdiv Security

Hdiv Security, a Spanish cybersecurity firm, was established to bridge the gap between application development and security, a need its founders identified from prior industry experience. The company was founded in 2008 by Roberto Velasco (CEO) and Gorka Vicente (COO), who both came from a background at S21sec. Their journey began with the development of an open-source solution in 2007 called HDIV (HTTP Data Integrity Validator), a Java-based framework designed to add security functions to web applications transparently. The success of this open-source version, which attracted over 10,000 developers and saw significant downloads from Fortune 500 companies, validated the market need for a commercial enterprise product.

The company officially launched its paid, enterprise-grade product in 2016 from its headquarters in San Sebastián, Spain. Hdiv Security's business model focused on providing a unified application security platform to large enterprises, including government bodies, banks, and Fortune 500 companies. Its client roster grew to include major US and European banks, global credit card companies, and large North American retailers. The firm's growth was supported by approximately $1 million in funding over two rounds, including a Series A led by Adara Ventures in 2018.

Hdiv Security's platform automates application security by integrating directly into the software development lifecycle (SDLC). The core of its offering combined multiple technologies to provide comprehensive protection. Its product suite included Interactive Application Security Testing (IAST) to detect vulnerabilities in source code, Runtime Application Self-Protection (RASP) to enable applications to defend themselves in real-time, and Software Composition Analysis (SCA) to manage vulnerabilities in open-source components. This unified approach allowed developers to identify and fix security flaws, including zero-day vulnerabilities, as they were building the software, effectively embedding security into the DevOps process. A key benefit was the reduction of false positives and the ability to pinpoint the exact location of vulnerabilities in the code.

In June 2022, Hdiv Security was acquired by Datadog, a major US-based cloud monitoring and security platform, for an undisclosed amount. The acquisition was a strategic move for Datadog to enhance its Cloud Security Platform by integrating Hdiv's developer-focused security capabilities. This allowed Datadog to offer its customers deeper security visibility across the entire software lifecycle, combining security with observability to better protect applications from threats.

Keywords: application security, DevSecOps, IAST, RASP, SCA, software development lifecycle, vulnerability management, runtime protection, web application security, cybersecurity, Datadog acquisition, Roberto Velasco, Gorka Vicente, automated security testing, zero-day vulnerability, source code analysis, software composition analysis, interactive application security testing, runtime application self-protection, application protection, API security