Start Left® Security Revolutionizes Software Delivery and Risk Management: Oversubscribes Seed Round to Drive Transparency and Secure Product Development from the Start

June 27, 2023

Gula Tech Adventures, Lytical Ventures, and Dasein Capital lead Seed investment in Start Left® Security, supported by other strong investors: DeepWork Capital, Florida Opportunity Fund, and Bootleg Advisors.


JACKSONVILLE, FL, June 27, 2023—Start Left® Security, powered by a multi-patented, AI-driven Application Security Posture Management (ASPM) Platform and Behavioral Analytics, today announced that it has oversubscribed and closed $3.0 million Seed financing led by notable cybersecurity, data analytics, and artificial intelligence (AI) venture capitalists and industry experts. This demonstrates the market’s confidence in Start Left® Security's vision and its ability to deliver innovative solutions that address evolving security threats.


This funding will enable us to enhance our offerings of enabling software-driven organizations to improve visibility, better manage vulnerabilities, and enforce controls. We are excited to further our mission to improving application security by empowering people across Development, Security, CloudOps, and GRC to better manage risk at the speed of innovation," said Jeremy Vaughan, CEO and Founder of Start Left™ Security. "We are thrilled to have such strong support from some of the most notable cybersecurity venture capitalists and industry experts."


According to Gartner’s ‘Innovation Insight for Application Security Posture Management, 2023’ report, “54% of Engineering Leaders know they need to secure the development environment but applications have become more complex, and with security tools and responsibilities spanning multiple groups, visibility into the overall security posture of applications becomes vastly more difficult to obtain.”


Start Left® Security’s ASPM platform solves that problem. The platform further differentiates itself from point solutions by providing a holistic and comprehensive approach to scaling application security programs, offering end-to-end coverage on every product team, centralized management, and compliance reporting, along with the ability to integrate cloud security posture management (CSPM).


"Start Left™ Security's platform enables development teams to ship applications without vulnerabilities. We are investing because the platform mitigates vulnerabilities and security weaknesses inherited from many sources such as the software supply chain and malicious insiders, in a highly effective and unique approach we've not seen available previously," said Ron Gula, CEO of Gula Tech Adventures. 


The funding will be utilized to accelerate the company’s go-to-market efforts and R&D investments for Start Left® Security’s ASPM Platform, build more risk insights and threat predictions into their SPACE™ Behavioral Analytics, and unify a unique approach to protecting cloud-native applications – the right way – “start left, not ‘shift left’.”


Embracing the "start left" philosophy to embed secure coding practices from the beginning opens the door to empowering the human element. Start Left® Security provides innovative solutions by equipping developers with AI-driven remediation guidance and individualized secure code training. Security leaders now can be a part of making it easier for people to work together to close security holes and give teams the tools they need to build safe and resilient software products.


Start Left® Security’s ASPM Platform features include:


  • Inline CI/CD Software Component Analysis (SCA)
  • Seamless Dynamic Software Bill of Materials (SBOM)
  • Asset Discovery, Inventory & Risk Management
  • Product-Centric Vulnerability Management
  • AI-Driven Remediation Guidance & Secure Code Training
  • Governance, Risk & Compliance  Performance
  • Executive Dashboards & Continuous Monitoring


Start Left® Security's ASPM Platform stands out from AppSec Testing aggregators even more by using big data analytics in its technology, which uses behavior-based threat identification to find threats. The behavioral analytics engine processes and analyzes massive amounts of data via pre-built correlations and machine learning (ML) approaches. This enables the automated discovery of patterns across tools and time, retrospective and real-time, identifying risks and threats that typically go unnoticed by vulnerability scanners to proactively give actionable insights.


"We are excited to partner with Start Left® Security and support their mission of delivering proactive security solutions to cloud-native organizations," said Lucas Nelson, Partner at Lytical Ventures. “With ASPM and CSPM correlation, an organization can finally facilitate the true spirit of DevSecOps. We believe that Start Left™ Security has the potential to become a significant player in the cybersecurity space, and we look forward to supporting their growth and innovation."


Start Left® Security’s ASPM Platform is in GA (General Availability) now and is available through all channels: Direct Sales, Distributors, Resellers and MSSPs (Managed Security Service Providers) globally.


About Start Left® Security

Start Left® Security is a pioneering cybersecurity company that revolutionizes the software development landscape. By emphasizing the importance of building software securely from the start, Start Left® empowers organizations to proactively address security challenges and embed best practices throughout the development process. With an innovative and patented platform, Start Left® helps businesses mitigate risks and build software that is robust, resilient, and secure. For more information, visit www.startleftsecurity.com.


About Gula Tech Adventures
Founded by cybersecurity entrepreneurs Ron and Cyndi Gula, Gula Tech Adventures invests in companies and nonprofits that help close the gap in needed technology and workforce to defend the country in cyberspace. They work directly with cybersecurity startups, investment funds and nonprofit organizations. Since 2017, the Gula's have made more than 40 investments in cybersecurity startups like Automox, Cybrary, Huntress and Scythe, cybersecurity funds including Inner Loop Capital, DataTribe and Forgepoint Capital, and also supported cybersecurity nonprofits like Defending Digital Campaigns and voting.works.


For media inquiries, please contact media@startleftsecurity.com.


EIN Newswire: Start Left® Security Revolutionizes Software Delivery and Risk Management: Oversubscribes Seed Round to Drive Transparency and Secure Product Development from the Start

SHARE!

More Resources

March 26, 2025
Application Security Posture Management (ASPM) and Developer Security Posture Management (DevSPM) tools promise visibility, prioritization, and increased security coverage—compelling offerings for any security-conscious organization. However, there's a critical gap that technical evaluations led solely by AppSec engineers often overlook.
March 22, 2025
From Reactive to Engineering Excellence In our original " Toyota Moment " post, we exposed the fundamental flaw in how cybersecurity has evolved: we’ve treated it like post-production inspection, not like quality engineering. This follow-up digs deeper into how we got here, why the industry's stuck in a loop, and what the shift to Execution Intelligence really means. The security industry, much like early manufacturing, was built on reactivity—not design. But just as Toyota revolutionized manufacturing with Lean systems and embedded quality, software security is ready for its own transformation. 🔁 Here’s how it’s played out over the last 25 years: REACTIVE (2000-2015) — Piling on tools, alerts, and policies ⬇ WARRANTY (2015-2025) — CSPM + GRC retrofits risk after code ships; shift-left emerges ⬇ PROACTIVE (2022-2026) — ASPM solves what CSPM misses (but only tracks and doesn't fix the overarching problems with the security "system") ⬇ EXCELLENCE (2025-FUTURE) — Start Left as a methodology connects risk to developer behavior and builds security into execution itself
March 19, 2025
Traditional Application Security Posture Management (ASPM) vendors are getting it wrong because they’re focused on the wrong unit of measure.
March 13, 2025
The Industry is Stuck in a Broken Model For decades, cybersecurity has been a bolt-on process—chasing vulnerabilities, enforcing controls, and tracking risks instead of fixing the way software is built. The result? More tools, more alerts, more friction—but no real improvement in execution. Engineering continues to move forward, shipping faster than ever, but security remains reactive, layered on at the end of the development lifecycle, slowing teams down.
January 17, 2025
Security teams often rely on CSPM (Cloud Security Posture Management) and Runtime Protection to safeguard cloud environments and applications after deployment. However, these solutions fail to address the root cause of vulnerabilities—unsecure development practices.
January 10, 2025
The Shift from Developer-Led to Developer-Championed Security
January 3, 2025
The cybersecurity industry loves yet another good buzzword. Right now, CNAPP (Cloud-Native Application Protection Platform) is the term being marketed as the ultimate convergence of ASPM (Application Security Posture Management) and CSPM (Cloud Security Posture Management). But here’s the reality: CNAPP isn’t truly a best-of-breed convergence—it’s an acquisition-fueled patchwork of separate tools stitched together.
December 13, 2024
Discover the hidden costs of ignoring Security by Design. Learn why embedding security into your software development process is essential to avoid compliance risks, customer trust issues, and operational inefficiencies. Explore best practices to safeguard your growth and future-proof your business.
November 21, 2024
While CSPM & ASPM platforms stitched together in an acquisition claim to offer an integrated approach to security by aggregating data across the full lifecycle of software development, they often fall short of delivering true integration. Instead of fostering a cohesive, product-centric DevOps model, these platforms inadvertently create silos within their own systems. The root of the problem lies in the way these platforms are designed—they focus on providing lifecycle scan aggregation without addressing the need for a people-focused, product-centric implementation that truly facilitates DevSecOps.
Show more
Share by: