It’s time to get serious about code security.

Amanda McPherson, BluBracket
May 28, 2020 · 2 min read

A security researcher recently reported that he could compromise the software running on a Boeing 787 using VPN credentials and code found on a public software repository. With nothing more than some “clever Google queries,” he was able to reverse-engineer the aircraft’s network architecture from that code.

Frightening, yes. But hardly the only example.

An engineer at NSO Group downloaded the source code to Pegasus, spyware sold to governments and law enforcement to covertly access a target’s phone, and attempted to sell it on the dark web for $50 million. One developer, one source code repository, and little to no control over that code.

In a digital economy, is there any more valuable asset than code? More and more critical information lives in source code, especially as machine learning and AI systems are themselves expressed as code and models, which makes code ever harder to replace.

Yet incredibly, if you ask a CIO, CTO or CISO simple questions such as

  • Where is their code?
  • Who has access to it?
  • Where did it come from?

they can’t tell you. They can quickly report how many printers they have and who prints at which location, but code has little visibility, access control or monitoring. It’s like putting a world-class alarm system around your shed and leaving your mansion’s doors wide open.

Just recently we saw code-related failures all over the news, from the Iowa caucus reporting app to malware distributed through Bitbucket repositories.

Starbucks, Amazon, Uber, Capital One and many more have had high-profile security incidents that involved code or credentials exposed on GitHub.

Software drives everything from elections to nuclear submarines, but we don’t know where code is, where it came from, what secrets live in it and who has access to it. And it can be shared publicly with one click.

This puts us all at risk.
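The question of what secrets live in a codebase is one a team can start answering today with a simple scan. The following Python script is an added example, not BluBracket's code or any tool from the original post: it runs a few known credential formats and a Shannon-entropy check over a constructed set of files standing in for a repository checkout. The file names, contents, patterns and entropy threshold are assumptions made for illustration; the credentials in the sample are documentation placeholders, not real keys.

```python
import math
import re
from collections import Counter
from typing import Dict, List, Tuple

# Constructed sample "repository": a few file paths and contents standing in
# for a checkout. Nothing here is a real credential: the AWS-style values are
# the documented example placeholders and the private key body is truncated.
SAMPLE_FILES = {
    "config/settings.py": (
        "DEBUG = False\n"
        "AWS_ACCESS_KEY_ID = 'AKIAIOSFODNN7EXAMPLE'\n"
        "AWS_SECRET_ACCESS_KEY = 'wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY'\n"
    ),
    "deploy/id_rsa": (
        "-----BEGIN RSA PRIVATE KEY-----\n"
        "MIIEowIBAAKCAQEA...\n"
        "-----END RSA PRIVATE KEY-----\n"
    ),
    "README.md": "# Service\n\nRun `make test` before pushing.\n",
}

# Credential formats with a fixed, recognisable structure (assumed subset;
# a production scanner carries many more).
PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private_key": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "github_token": re.compile(r"\bgh[pousr]_[A-Za-z0-9]{36,}\b"),
}

# Generic "<secret-ish name> = <long value>" assignments. The captured value is
# then judged by entropy so that ordinary identifiers are not reported.
ASSIGNMENT = re.compile(
    r"(?i)(secret|token|password|passwd|api[_-]?key|access[_-]?key)\w*"
    r"""\s*[:=]\s*['"]?([A-Za-z0-9+/=_\-]{16,})"""
)
ENTROPY_THRESHOLD = 3.5  # bits per character; an assumed cut-off, tune per codebase


def shannon_entropy(value: str) -> float:
    """Bits of entropy per character of `value` (0.0 for an empty or uniform string)."""
    if not value:
        return 0.0
    counts = Counter(value)
    n = len(value)
    return -sum((c / n) * math.log2(c / n) for c in counts.values())


def scan_text(path: str, text: str) -> List[Tuple[str, int, str]]:
    """Return (path, line number, reason) for every suspicious line in `text`."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for reason, pattern in PATTERNS.items():
            if pattern.search(line):
                findings.append((path, lineno, reason))
        match = ASSIGNMENT.search(line)
        if match and shannon_entropy(match.group(2)) >= ENTROPY_THRESHOLD:
            findings.append((path, lineno, "high_entropy_assignment"))
    return findings


def scan_files(files: Dict[str, str]) -> List[Tuple[str, int, str]]:
    """Scan every file in a {path: contents} mapping and collect all findings."""
    findings = []
    for path, text in files.items():
        findings.extend(scan_text(path, text))
    return findings


if __name__ == "__main__":
    for path, lineno, reason in scan_files(SAMPLE_FILES):
        print(f"{path}:{lineno}: {reason}")
```

A scan of the working tree is only a start. A secret that was committed and later deleted is still in the repository history, so a real check also has to walk every commit (for example over the output of `git log -p --all`), and once a secret is found it has to be rotated, not merely removed from the tree.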

That’s why we founded BluBracket, the industry’s first comprehensive security solution for code. Our mission is simple. The world runs on software. We make it safe.

Even though we’ve been in stealth, we’ve built BluBracket with the help of Fortune 500 CISOs and technology executives. The prestigious RSA Innovation Sandbox Contest has already recognized us as a top ten finalist. We’ve raised a $6.5m seed round from some of the savviest investors around.

Code complexity, collaboration and speed aren’t going away. We must deliver security at the speed of code. It has to be cloud-native and honor developers’ choice of tools. It has to understand and respect open source. And it has to work within the number one source control system on the planet: Git.

Code security is a hard problem to solve. But given our background in securing petabytes of data for the Fortune 1000, we believe we have the technology, team and experience to meet the challenge. Join us on our journey to secure the most prized asset in a digital economy.


About the author: Amanda McPherson leads marketing for BluBracket. Writer. Consultant. Storyteller. Past: Founder and CMO at The Linux Foundation.