Myrror Security

Myrror Security is an application security company that provides solutions to protect against software supply chain attacks. The company was founded in 2022, formerly known as BlindSpot Security, by CEO Yoad Fekete and CTO Roman Kublin. The founders are cybersecurity veterans who met while serving in an Israeli intelligence unit and later worked at companies like Microsoft and RSA. Fekete's experience on Microsoft's incident response team for the SolarWinds attack inspired the creation of Myrror Security to address the rising threats in the software development lifecycle (SDLC).

The firm emerged from stealth in November 2023 with $6 million in seed funding from Blumberg Capital and Entrée Capital. This investment aims to expand the product's capabilities and go-to-market channels. The platform addresses the significant increase in open-source software (OSS) supply chain attacks, which exploit dependencies and CI/CD pipelines. Myrror Security's core technology utilizes a proprietary binary-to-source code analysis with AI matching techniques. This allows it to detect known and unknown threats, such as malicious packages or CI/CD breaches, in real-time before they reach production. The platform's Breach Detection solution reverse-engineers binary artifacts and compares them to the source code, alerting users to any discrepancies. Additionally, its Code-Aware Software Composition Analysis (SCA) uses a reachability model to determine if a vulnerable function is actually used in the code, which reduces false positives and alert fatigue for security teams by up to 80%. By prioritizing reachable vulnerabilities, the system helps clients focus on the most critical risks and provides actionable mitigation plans.

Keywords: application security, supply chain security, DevSecOps, binary-to-source analysis, open-source security, CI/CD security, vulnerability prioritization, threat detection, software composition analysis, malicious package detection