We are excited to announce our recent investment in Hdiv, a cybersecurity startup from San Sebastián, Spain.
The company provides a suite of application security products that protect and detect threats to web applications and APIs. We are delighted to welcome CEO Roberto Velasco and the rest of the Hdiv team to the Adara stable and look forward to the journey ahead.
The number of web applications has grown rapidly in recent years, due to a combination of advances in mobile phone penetration, computing power and cloud infrastructure. At the same time, a shortage of cybersecurity professionals has given rise to developers relying on third-party solutions as they seek to secure web applications and APIs.
As the number of applications increases, so do the threats from cybercriminals to both users and businesses. In its Application Security Statistics Report, Whitehat estimated that 30% of total breaches reported in 2017 related to web applications, the highest percentage ever.
Many developers view security as an afterthought to the design and build phase.
Moreover, once a web application has been launched, it is protected via a set of firewalls, which are external to the application, looking inwards and monitoring activity. Firewalls are a double-edged sword. On the one hand, they block malicious traffic from entering into the application, but on the other, they block non-malicious traffic too, generating false alerts to the security team and more importantly blocking non-malicious users. These false alerts are time consuming to investigate and a major pain point of any dev team looking to release product at speed.
Hdiv provides a contrarian approach to the status quo, offering a suite of developer tools that can be integrated into the application at the design and build phase, monitoring it from the inside out, and alerting developers to potential vulnerabilities as they are building the product.
At Adara, we find developer tools particularly compelling as developers are product owners and decision makers with tight schedules, making them responsible for and frustrated by product delays. In a recent Developer Survey, it was estimated that a developer spends on average 17 hours/week fixing on maintenance and bad code, resulting in $300bn of lost productivity per annum. These are two significant drivers of value for developers. We believe Hdiv can embed itself within enterprises’ software stacks for the long term.
With virtually zero marketing spend, the community version of Hdiv’s flagship RASP product has been downloaded 500 times a month on average, and is trusted by a community of over 10,000 developers. Moreover, a significant percentage of these downloads are from Fortune500 companies, including four out of the top ten US Banks.
As an aside, Hdiv becomes Adara’s 13th and last investment from our second fund, being a seed stage investment in the burgeoning area of Cybersecurity. It is interesting to note that Adara’s 13th investment from our first fund was AlienVault—a seed stage investment in the burgeoning area of cybersecurity.
No pressure, Hdiv.