News & Events

January 23, 2017

Lexumo CEO on IoT, Startups & Government’s Role in Cybersecurity

Dan McCall thinks the timing is right for Lexumo, a Boston-area startup aiming to help secure the world’s rapidly growing collection of Internet-connected devices and embedded systems. And Lexumo’s leaders think McCall is the right person to take the two-year-old company to the next level.

Xconomy logo -- 65H

October 18, 2016

Lexumo Says It's Known about SSHowDowN, Customers Protected

As the IoT reels from real-world vulnerabilities like Mirai, some security companies are coming out to tell customers that they were watching, and have solutions. Lexumo, developer of an automated service for continuously monitoring IoT code for critical open source vulnerabilities, has announced that its cloud-based platform has been constantly protecting customers from the SSHowDowN vulnerability for quite some time.


September 27, 2016

MIT Accelerator Launches With Five Boston-Area Startups

There’s a new startup accelerator program at MIT. Rather than preparing founders to raise money and develop the right products, the program is focused on helping startups form partnerships with industry. That can mean anything from finding early customers or improving distribution, to forming strategic partnerships or even getting acquired. The goal is to “further the global impact of MIT’s innovation” across "a wide spread of the most important technologies.”

Xconomy logo -- 65H

September 26, 2016

MIT Video Interview with Lexumo's Founder/CTO

Brad Gaynor describes how Lexumo's founders developed its cloud-based analytics platform while Brad was managing DARPA-funded cybersecurity projects at Draper Labs. He explains how Lexumo's "Big Code" architecture — using NoSQL databases, graph analytics, and indexed search — "allows us to do things at scale that have never even been tried before.”


September 26, 2016

With "Big Code" Analysis, Lexumo Helps IoT Manufacturers Continuously Monitor for Vulnerabilities

Open source code—created and maintained by volunteer programmers—is particularly essential in embedded devices. Smart TVs, industrial control, building automation, and factory automation systems, all run on open source. Increasingly these devices also live on networks, where open source is open game for cyberattackers.


September 21, 2016

Using Graph Analytics and Machine Learning to Continuously Monitor Embedded Code for Critical Vulnerabilities

Technical Article
Recent advances in graph analytics and machine learning, developed for DARPA and powered by cloud-scale infrastructures, now make it possible to precisely identify all public open source vulnerabilities affecting your code at a very granular level—including exactly which functions are vulnerable and why—even if you customize the open source code.

Embedded Computing Design logo -- small

August 3, 2016

5 Minutes with Lexumo

Audio interview
Rich Nass of "Embedded Computing Design" interviews Lexumo founder Brad Gaynor to learn how Lexumo continuously monitors your embedded code for critical open source vulnerabilities such as Heartbleed. Learn how Lexumo's cloud-based service uses graph analytics and machine learning developed for DARPA to eliminate the false positives and negatives of legacy approaches.

Embedded Computing Design logo -- small

April 20, 2016

Boston Cybersecurity Map Shows Deep, Diverse Local Sector

It’s no secret that the Boston area is home to a formidable group of cybersecurity companies. These include security arms of big companies, like EMC-owned RSA Security, IBM Security, and Lockheed Martin Industrial Defender, as well as smaller companies such as Rapid7, Carbon Black (formerly Bit9), Digital Guardian, Veracode, CyberArk, Cybereason, Recorded Future and Threat Stack. And a bevy of startups like Lexumo are just getting started.

Xconomy logo -- 65H

April 12, 2016

Lexumo Named as "Internet of Things (IoT) Company to Watch"

"We started digging into the industrial or enterprise IoT space and what became very clear was that there were a number of enterprises that needed answers today to known problems that traditional frameworks weren’t quite solving,” says Ed Ruth, a director at Verizon Ventures, explaining his outfit's interest in enterprise IoT. Lexumo offers a cloud-based service that uses DARPA-funded indexed search to continuously monitor open source code for vulnerabilities, including in embedded code.

NetworkWorld Logo

February 29, 2016

Lexumo Recognized as "Machine Learning Start-Up to Watch"

Machine learning is still in its infancy, but there are a number of startups who are on the verge of bringing machine learning to the next level. One of these start-ups is Lexumo, which is developing the “world’s first automated cloud-based service” that combines big data analytics, machine learning and software analysis to find vulnerabilities in software built with open source components.

Bostinno Logo 75x75

February 1, 2016

Lexumo Lands $4.89M Round To Ensure Code Security for Open Source

Lexumo, a cloud service that continuously checks open source code to be sure it has the latest security updates, announced a solid $4.89 million round today. What has Lexumo created to warrant that kind of financial attention? It indexed all of the open source code in the world and created a cloud security service aimed at helping companies using open source code inside embedded systems or enterprise software.

TechCrunch Logo 60H

February 1, 2016

Draper Spinout Lexumo Looks to Secure IoT

Security experts say the spread of Internet-connected devices exposes major vulnerabilities that can be exploited by hackers. One of the more serious efforts to combat these threats is called Lexumo. As Lexumo co-founder and CEO Brad Gaynor explains: “The companies that make embedded devices tend to use a lot of open-source software to bring their products to market quickly, then move on to the next development once a product ships. The problem is that open-source software tends to develop security flaws over time."

Xconomy logo -- 65H

February 10, 2017

Lexumo CEO Daniel McCall to Present at the America’s Growth Capital 2017 Information Security and Broader Technology Growth Conference

Lexumo announced that CEO Dan McCall will present at the America’s Growth Capital (AGC) 2017 Information Security and Broader Technology Growth Conference at 4:00pm Monday, February 13 at The Park Central in San Francisco.
January 31, 2017

Lexumo Names Rich Stoller as VP Operations

Lexumo announced the appointment of Rich Stoller as Vice President of Operations. Mr. Stoller is an expert in finance, business development, and sales operations with extensive experience with early-stage, venture backed companies. He will be joining Steve Roge to drive Lexumo’s go to market effort.
January 31, 2017

Lexumo Names Steve Roge as Chief Revenue Officer

Lexumo announced Steve Roge as Lexumo’s Chief Revenue Officer and Vice President of Customer Success. Mr. Roge brings 20 years of sales expertise and success in the information security industry including seven years at application security leader Veracode.
January 18, 2017

Lexumo Names Daniel McCall as Chief Executive Officer

Lexumo announces the appointment of Daniel McCall as Lexumo’s Chief Executive Officer. Mr. McCall is a high-technology veteran with over 30 years of experience and co-founder of multiple successful companies including Guardent (acquired by Verisign in 2004) and Virtual Computer (acquired by Citrix in 2012) where he served as President and CEO.
October 14, 2016

Lexumo Analytics Platform Alerts Customers to Vulnerability Discovered by Akamai in 2 Million IoT Devices

Lexumo announced that its cloud-based platform has been constantly protecting customers from the SSHowDowN vulnerability (CVE-2004-1653) – well prior to Akamai's recent announcement. Akamai reports that hackers are now exploiting the 12-year old OpenSSH vulnerability to mount mass-scale attacks from millions of compromised IoT devices, including routers, cable modems, satellite TV equipment, and IP-connected cameras, DVRs and NAS devices.
October 12, 2016

Lexumo CTO/Founder Chosen to Speak at IoT Security Summit

Brad will be speaking about the financial impact and brand damage that result from cyberattackers and security researchers exploiting vulnerabilities in consumer and industrial IoT devices. He'll also discuss the ROI of identifying and remediating vulnerabilities earlier in the development cycle. The impact of shipping insecure IoT devices was vividly illustrated recently when cyberattackers exploited vulnerabilities in 1.5 million IoT devices to generate the world's most powerful Distributed Denial of Service (DDoS) attack to date.
September 27, 2016

Lexumo Selected for MIT “Industry-Ready” Accelerator Program

Lexumo has been selected as one of five companies for the MIT STEX25 Industry-Ready Startup accelerator program. STEX25 is focused on fostering collaboration between MIT-connected startups and its Industrial Liaison Program (ILP) member companies, which include over 200 of the world's leading consumer and industrial IoT brands such as Airbus, Apple, BMW, EMC, Philips, Qualcomm, Samsung, and Siemens.
February 1, 2016

Lexumo Funded to Secure IoT and Embedded Devices, Critical Infrastructure, and Enterprise Applications from Widespread Open Source Vulnerabilities

Lexumo, developer of the world’s first automated cloud-based service for continuously monitoring software for vulnerable open source components, has closed $4.89M in funding from Accomplice, .406 Ventures, and Draper.

RSA Conference 2017

North Hall (Booth #3134)

February 14-16, 2017

Join Lexumo for the annual RSA Conference in San Francisco. This year's conference features dedicated tracks on Mobile & IoT Security, as well as on Application Security & DevOps. Meet Lexumo's founders and see the latest enhancements to Lexumo's code security platform and "Big Code" analytics.


Embedded Security Webinar

Ingredients for Baked-In IoT Security, From Edge to Cloud

September 26, 2016 at 2pm ET

We’ve all seen the headlines: IoT security can’t be an afterthought. Trusted platform modules and execution environments, hypervisors and isolation, and encryption and authentication all play a role in building comprehensive security into an IoT system. Tune in as this assemblage of technology veterans illustrates best practices for baking security into the layer cake of IoT, enabling systems that are protected from edge node to data center.

Embedded Computing Design logo -- small

IoT Security Summit

Boston, MA (Booth #202)

October 18-19, 2016

Meet with Lexumo's technical experts to discuss code security for embedded software. This year's theme is "Establishing Trust and Security to Unlock the Full Potential of IoT." Brad Gaynor, Lexumo Co-Founder/CTO, will be speaking on a panel with GE's former CTO on "Balancing Security and Technology Spending in the Industrial IoT." The conference also features companies such as Philips, Schneider Electric, GE Healthcare, iRobot, Eaton, Verizon, Comcast, OWASP, Infineon, IBM, US DHS, AT&T, and Visa.

IoT Security Summit Logo