Oligo Security Takes Aim at Open Source Vulnerabilities

The startups software helps organizations secure their containers in the cloud by teasing out which packages are running and which are vulnerable.

Oligo Security launched out of stealth on Wednesday with its runtime application security platform for detecting vulnerabilities in open source components. Oligo generates a dynamic bill of materials (BOM), identifies vulnerabilities in packages, and prioritizes fixes for vulnerabilities based on application context.
Some of the most damaging cyberattacks in the past couple of years originated in open source packages included within large, complex systems. For example, Log4Shell attacks
continued throughout most of 2022
because many organizations didnt even realize they were running a vulnerable version of Log4j. Oligo generates a dynamic BOM that shows all the components that are actually running, which helps prioritize which vulnerabilities to fix first.
Oligo profiles the legitimate behavior of each library and creates a knowledge base of libraries’ profiles. The platform fires alerts when the library activity deviates from the profile, as that would indicate suspicious activity.
Only 15% of CVEs scanned with traditional solutions are posing a real risk, and the other 85% are irrelevant, resulting in lots of false positives and noise, wrote Avshalom Hilu, co-founder and chief product officer of Oligo, in a technical
blog post
. Reducing false positives and targeting mitigation more tightly can help security staff close the most dangerous flaws first and
reduce alert fatigue
.
The company bases its product on
extended Berkeley Packet Filter (eBPF)
, which allows programs to run in a sandbox within the Linux operating system kernel. This means developers can extend the operating system to improve visibility, networking, security, and other capabilities to make using containers in the cloud more secure.
With the dominance of cloud computing and expanding use of containerization tools like Kubernetes, eBPF is seeing traction. The overall container security market is expected to rise from $714 million in 2020 to
$3.6 billion
by 2026, and up to
$8.2 billion
by 2030. Besides Oligo, other eBPF startups in the cybersecurity space include
Araali Networks
, which offers an eBPF-based firewall;
Cilium
, an open source Kubernetes connectivity tool;
Falco
and
Aqua
, which make Kubernetes runtime security tools; and
Calico
, a cloud-native security company.
Oligo raised its $28 million funding from Lightspeed Venture Partners, Ballistic Ventures, and TLV Partners, along with several angel investors.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Oligo Security Takes Aim at Open Source Vulnerabilities