Lexumo enables developers to securely adopt the best open source available — so they can ship great products faster.
WHO ARE WE
Based in Burlington, Massachusetts, Lexumo was formed by a team of computer and data scientists who developed the company's core technology for DARPA.
We are privately held and funded by leading cyber-security investors .406 Ventures and Accomplice. Lexumo has been recognized as an IoT Company to Watch and a Machine Learning Startup to Watch.
Our code security platform is being used by leading Global 2000 brands including global service providers and both consumer and industrial IoT manufacturers.
Lines of code in Linux foundation projects.
Open source vulnerabilities publicly disclosed every year.
Of successful exploit traffic is attributed to the top 10 CVEs.
What problems do we solve
Most of the world's embedded software incorporates reusable open source components such as OpenSSL.
Unlike commercial products such as Microsoft Windows and Apple iOS, open source components are managed by an informal, decentralized community. There are no standard patching mechanisms and no single information source for tracking new public vulnerabilities such as Heartbleed.
Over 8,000 open source vulnerabilities are publicly disclosed every year. Lexumo saves time and reduces risk by helping developers quickly eliminate open source vulnerabilities in their code, while also ensuring they're in compliance with licensing requirements.
How are we different
Lexumo offers the first automated service that continuously monitors your embedded code for public open source vulnerabilities such as Heartbleed.
Built on a massively scalable cloud stack, the service uses patent-pending graph analytics and machine learning technology to precisely identify vulnerable code.
This radical new architecture eliminates the false positives and negatives of previous approaches — enabling development teams to ship and maintain secure code, faster.
Three trends driving development of Lexumo's innovative cloud-based service
OPEN SOURCE SOFTWARE IS EATING THE WORLD
All software is now primarily composed of open source. In fact, open source is now used for mission-critical IT by 95% of all mainstream IT organizations.
CYBERATTACKERS AIM FOR THE EASIEST TARGETS
Cyberattackers look for the path of least resistance. According to Verizon, more than 50% of public vulnerabilities are exploited within 4 weeks of being published.
CLOUD-SCALE ANALYTICS ENABLE RADICAL NEW APPROACHES
Advances in machine learning and analytics — built on massively scalable cloud stacks — provide new opportunities to address the complexity of our software-driven world.
“Community Health Systems was breached via the Heartbleed OpenSSL vulnerability in a network device, resulting in the theft of 4.5 million sensitive records.”