Soluble
A software company that SaaS services and cloud-native security.
| Date | Investors | Amount | Round |
|---|---|---|---|
| - | investor | €0.0 | round |
* | N/A | Acquisition | |
| Total Funding | 000k | ||
Related Content
Founded in 2019, Soluble operated as a technology firm specializing in Infrastructure as Code (IaC) security. The company developed a platform designed to help organizations automate security measures, providing tools for scanning configurations and identifying vulnerabilities. This enabled development and security teams to detect and remediate misconfigurations and policy violations within their IaC frameworks, such as Terraform, CloudFormation, and Kubernetes, directly within the continuous integration and continuous delivery (CI/CD) pipeline.
Soluble's core product functioned by performing static code analysis and inspecting for risk, impact, and policy deviations. This approach allowed developer and security teams to proactively address issues before they reached production environments, effectively shifting security practices earlier into the development lifecycle. The platform integrated directly into developer workflows and tools like GitHub and GitLab, facilitating a more seamless partnership between development and security operations. By correlating cloud misconfigurations to the source code, it enabled remediation through pull requests, streamlining the process of fixing security flaws.
The company's business model was centered on providing its scalable cloud infrastructure management technology to enterprises that were increasingly adopting IaC to manage their cloud environments at scale. This market is driven by the need to manage the complexity and risk associated with the rapid pace of application deployment in the cloud. In November 2021, Soluble was acquired by Lacework, a data-driven cloud security platform. The acquisition was a strategic move for Lacework to integrate Soluble's IaC remediation capabilities into its own platform, thereby expanding its ability to help customers embed security practices directly into their software delivery workflows. This enhancement allows for the automated blocking of container images that do not meet security standards and provides developers with the tools to ship code faster and more securely.
Keywords: Infrastructure as Code security, IaC security, cloud security, DevSecOps, CI/CD security, Terraform security, CloudFormation security, Kubernetes security, static code analysis, cloud misconfiguration, policy as code, developer security, automated remediation, cloud infrastructure management, shift left security, Lacework acquisition, application security, continuous integration security, continuous delivery security, cybersecurity automation.