PullRequest, a five-year-old startup spun off from Y Combinator in 2017, helps software developers by providing an external code review team. This not only helps find bugs in the code that might have been missed, but also identifies security vulnerabilities before the software goes into production.
Maybe that’s why HackerOnea bug bounty company, acquired PullRequest today.
If you look at what HackerOne has done traditionally, they hire security professionals to find bugs in programs that could have a big impact if left undetected. PullRequest extends this capability by having a pool of skilled code reviewers on call, who can catch a bug before it even goes into production.
HackerOne CTO Alex Rice sees a shift towards developers when it comes to security, and the acquisition of PullRequest gives him and his customers direct access to the development part of the cycle.
“A trend we’ve seen with a lot of our customers is this real shift towards developers taking on a lot more responsibility for security than they have in the past, which is a trend that I really excites. I fundamentally believe that developer-centric security practices are the future of building reliable technology,” Rice told me.
He said the vast majority of bugs HackerOne finds have occurred after the software is already in production, and while developers want to create more secure software, it’s not always easy to get the bodies for it. To do. This is where PulRequest could help you.
“We have this intention for developers to start taking on more security responsibilities, but this gap between what they’d like to find and what they’re able to find, so the role of PullRequests here is to bring security expertise in developers’ workflow where they need it most,” he said.
Rice says he didn’t originally know PullRequest was looking into security vulnerabilities as part of the service when he approached PullRequest founder and CEO Lyal Avery about a possible partnership in September this year. last before realizing they were actually competing. But soon after, the two companies started a discussion that resulted in the acquisition.
PullRequest launched in 2017 and raised nearly $13 million, according to data from Crunchbase. The last raise was an $8 million Series A in 2018. Avery says he has a network of 10,000 approved reviewers, of which about 1,000 are active. All 12 employees switched to HackerOne.
The deal was closed last week. Neither company discloses the purchase price.