Our Investment in Stacklok: Helping Developers Safeguard the Software Supply Chain

The software landscape is evolving rapidly, with advancements in AI enabling developers to write and build code faster than ever before. More and more businesses rely on software to power their operations. With increased reliance comes increased risk, and the software supply chain has become a target for security threats. Left unprotected, we may see a situation where software has indeed transformed every industry, only to see sophisticated hostile actors devour the software industry.
Stacklok aims to combat this risk. The security solution was designed by Craig McLuckie (Heptio and Kubernetes co-founder) and Luke Hinds (Sigstore creator) specifically for the software supply chain, the epicenter of developer innovation. Stacklok’s tools will help improve risk awareness and overall security posture for developer teams by leveraging Sigstore, an open-source project that makes it easy for organizations to sign their software packages and track the provenance of any piece of software.

Craig and Luke have a track record operating in complex open-source communities. Luke pioneered many innovative open-source projects at Red Hat, notably Sigstore. We have known Craig for almost a decade, having worked with him during the early days of http://www.accel.com/news at Accel. What the Heptio team built in just a few short years was remarkable. Their open-source products were breathtaking and innovative, earning a massive list of enterprise customers. It was exhilarating to support Heptio until they were acquired by VMware. It was bittersweet; we loved working with the Heptio team.
But our journey together was far from over. Last fall, Craig joined Accel as Entrepreneur-In-Residence. We were thrilled when he quickly joined Luke and uncovered a new opportunity with Stacklok. We are excited to continue our journey with him, Luke, and the Stacklok team.
We are fortunate to have supported a range of exceptional security and developer-first teams – Atlassian, CrowdStrike, Snyk, Sysdig, Tenable, Vercel, and more. Stacklok’s commitment to safeguarding the software supply chain is a mission we at Accel believe in deeply, and as Stacklok becomes the leader in Developer Security Posture Management, we are eager to support them in helping developers worldwide to operate with safety and confidence.
– Ping Li