Brilliant business ideas are driven by brilliant entrepreneurs. Enter Feroot’s own Ivan Tsarynny, CEO and Vitaly Lim, CTO, whose vision to improve client-side or “front-end” security for businesses around the globe resulted in the closing of $11 million in seed funding led by True Ventures. Feroot will use the funds to meet growing demand for client-side security solutions by accelerating product development and go-to-market initiatives.

With constant pressure on web application and software development teams to churn out code for new website tools/features, it makes sense to leverage code depositories and JavaScript libraries to expedite the development process. In fact, code depositories, like GitHub, are so important to the web development process, that the vast majority of organizational websites use them. But code depositories and libraries—whether their internal or external—can hide a danger known as shadow code.

In today’s world, businesses, economies, and lives are connected by a complex spider web of code and software applications. This code and these applications drive e-commerce, financial transactions, and data input. They impact our ability to quickly transfer money from one account to another, to fill out an online mortgage application, and to order supplies from a vendor. The code that drives these systems is complicated. If something can go wrong, it will.

What happens when the software, scripts and code snippets that your business uses on your website and network have been compromised at the source? The compromise could be unintentional—perhaps the coders simply made a mistake. Or the compromise could be intentional—maybe hackers wrote a malicious script and promoted it as legitimate on a third-party library source to encourage users to download and install.

CAPTCHA and reCAPTCHA are an ever-present component on any website that requires user interaction. But the risks of embedding CAPTCHA/reCAPTCHA plugins on a website can outweigh the benefits. Flawed code can increase the threat of client-side attacks. Who hasn’t encountered a CAPTCHA?

In my decade working in the cybersecurity industry, I’ve developed quite a few fond memories learning from talented security professionals. In 2015, I found myself working with Andy Pendergast at ThreatConnect. (As a little background, Andy is one of the fine folks who developed the Diamond Model for Intrusion Analysis. He is considered to be a veritable cybersecurity encyclopedia among his peers.) At the time, I was new to cyber threat intelligence (CTI).