A better title for this is that Socker gets $4.6M to develop their scanner.
The article is also a bit misleading - “The entire security industry is obsessed with scanning for known vulnerabilities” - is not valid for at least 20 years. Long I worked with team who developed Vba32 anti-virus, and this scanner did much harder job of detecting suspicious program behavior from binaries. The heuristic module was not scanning for known vulnerabilities - it was doing exactly what Socket is doing over the plain open sources.
Sure, it is a newsy title. I shared it because it’s interesting to see millions thrown into open source security companies. Seems timely, to me.
The article is also a bit misleading - “The entire security industry is obsessed with scanning for known vulnerabilities” - is not valid for at least 20 years
This seems accurate to me given some of the conversations I’ve had with larger organizations and institutions over the last few years.