HeroDevs, a notable entity in the realm of security and compliance solutions for deprecated open-source software (OSS), has embarked on a significant journey with a strategic investment infusion of $125 million led by PSG. This investment is complemented by participation from Album, an existing supporter of the company. This financial bolstering marks a pivotal moment for HeroDevs as it seeks to reinforce its mission to provide secure solutions for outdated OSS components. These components are increasingly integrated into enterprise software systems, especially with the advancement and adoption of artificial intelligence. Existing reports by Black Duck and Qualys have underscored the potential security threats posed by unsupported OSS. To counter these risks, HeroDevs has introduced its Never-Ending Support (NES) solutions, which allow enterprises to enhance security without undergoing complete system overhauls, thereby maintaining the sustainable operation of legacy systems.
The Significance of the Open Source Sustainability Fund
Part of HeroDevs’ strategy for utilizing the substantial investment is the launch of the HeroDevs Open Source Sustainability Fund, which has earmarked $20 million specifically to bolster open-source creators, maintainers, and initiatives dedicated to optimal practices in managing end-of-life software. This fund represents a significant move towards increasing the sustainability of OSS, capitalizing on HeroDevs’ history of supporting such projects with $4 million already contributed. Notably, as of last year, $2 million was funneled into supporting OSS efforts. The grant offerings from this fund vary substantially, from $2,500 to as much as $250,000. Applicants for these grants must demonstrate a well-established engagement within their communities and a stringent adherence to security protocols. The focus on community engagement and security is pivotal in ensuring that the supported projects align with best practices, thus enhancing the overall health of the open-source ecosystem.
Additionally, HeroDevs’ Co-Founder and CEO, Aaron Frost, has highlighted the critical nature of this investment not only in securing enterprise operations but also in driving forward innovation within the open-source security landscape. The heightened demand for solutions that ensure security and compliance reflects a growing recognition of the vital role OSS plays in various sectors. PSG’s Managing Director, Marco Ferrari, and Principal, Paul Russ, have both articulated the increasing need for robust frameworks and solutions that effectively mitigate vulnerabilities while nurturing OSS ecosystem health. This creates a dual benefit by supporting enterprises’ security needs and fostering an environment where OSS can thrive globally. The investment and its corresponding fund are crucial as they capture the essence of sustainable OSS innovation, relying heavily on empowering maintainers with the tools, resources, and financial backing to push forward despite challenges.
HeroDevs’ Impact on Industry Sectors
HeroDevs’ platform is currently empowering a wide array of enterprises, extending its reach across finance, healthcare, and government sectors, where the demand for securing the most vulnerable application areas is critical yet requires non-intrusive solutions. With its strategic advancements, HeroDevs aims to support over 800 enterprises, including a significant portion of the Fortune 100 companies. The company’s unique approach allows these organizations to bolster their application security without incurring disruptions to their ongoing operations. The transaction saw guidance from notable advisory teams, including D.A. Davidson and Ampleo for financial consultations, alongside legal expertise from Foley & Lardner LLP for HeroDevs and Weil, Gotshal & Manges LLP for PSG. HeroDevs continues to be a trailblazer in offering sustained, secure assistance for obsolete OSS frameworks such as AngularJS, .NET, and Spring.
This endeavor by HeroDevs is essential in allowing companies to effectively control their critical applications while proactively addressing vulnerabilities. By maintaining a commitment to secure deprecated OSS technologies, HeroDevs not only safeguards customer software but also imposes a standard by which the industry can measure success. PSG, established in 2014, has a history of successful collaborations with software and technology-enabled services firms. The steady partnership and strategic opportunities afforded by PSG have empowered companies to achieve global scaling and competitive footholds. This latest investment showcases a shared vision between HeroDevs and PSG, proposing a sustainable path forward in fortifying OSS security across industries, fostering not just immediate solutions but also long-standing advancements that promise to redefine security standards for years to come.
Future Directions for Open Source Security
HeroDevs has launched the HeroDevs Open Source Sustainability Fund with a $20 million commitment aimed at strengthening open-source creators and initiatives focusing on managing end-of-life software. This fund builds on HeroDevs’ track record, having already contributed $4 million to similar projects, including $2 million last year. Grant sizes range from $2,500 to $250,000, and applicants must demonstrate significant community involvement and adhere strictly to security protocols. These requirements ensure that supported projects follow best practices, benefiting the open-source ecosystem’s overall health.
Aaron Frost, HeroDevs’ Co-Founder and CEO, underscores the importance of this investment in safeguarding enterprise operations and promoting innovation in open-source security. The growing demand for secure and compliant solutions highlights the essential role OSS plays in various sectors. PSG’s Marco Ferrari and Paul Russ emphasize the need for solid frameworks that address vulnerabilities while supporting the ecosystem. This dual-purpose investment supports enterprise security and fosters a global environment where open-source software can flourish.
