Software Composition Analysis Startups: Investors Are Looking For These Three Qualities


Microsoft made headlines with its purchase of open-source sweetheart GitHub for $7.5 billion back in June, declaring to all that it views open-source components as the key to the future of enterprise development. (Full disclosure: M12 is one of our investors.)

But beyond the Microsoft and IBM-Red Hat deals, there has been a flurry of investments in the open-source technology ecosystem, leading many to take a second look at the industry that is helping companies use open-source components more securely and efficiently. Technologies for managing open-source usage are now valued at an estimated $14 billion, with analysts expecting to see it leap to more than $32 billion during 2022.

One of the sectors that has seen the most growth in terms of investment over the past year is software composition analysis (SCA), the technology that identifies, tracks and alerts on open-source vulnerabilities and licenses.

In the past year alone, we saw Black Duck sold to Synopsis for a reported $565 million, giving us a glimpse of the potential value of this sector. At the same time, other companies are receiving continued investment. My company picked up a $35 million Series C, while Sonatype and Snyk received $80 million and $22 million in their respective rounds. These are all signs of a sector that is ready to make the shift from a niche product to mainstream must-have for all companies writing code.

Given these impressive injections of capital into the software composition analysis market, some young entrepreneurs may see an opportunity to break into SCA with their own solutions. However, with all the competition from established players, these newcomers need to bring to market a product that answers the needs of customers if they hope to receive investment.

These are a number of essential elements of a viable SCA product that can give your company an improved chance at picking up investment