Cybersecurity startup CodeHunter launches malware hunting SaaS platform

Starting this week, there’s a new (sort of) face in the Tysons, Virginia cybersecurity game: startup CodeHunter officially launched Tuesday.

CodeHunter, formerly Affirm Logic Corporation, is a spinoff of R&K Cyber Solutions that operates a malware hunting software-as-a-service (SaaS) platform.

CEO Larry Roshfeld held management positions at IBM, Sonatype and Lumeon before coming to CodeHunter in 2018 (the company was founded four years ago under the name Affirm Logic Corporation, but has been operating in stealth mode under the CodeHunter name for about six months).

The company, he said, was built on academic work from a decade ago regarding how to thoroughly test a piece of software. Simultaneously, the US Department of Energy was trying to figure out how to prevent attacks on government systems.

After a few years of work and development, it eventually led to the creation of CodeHunter. Roshfeld has been building out the company over the last year, adding to the team and bringing in funding (in 2020, it scored a $25 million funding round from private investors under the old name). Its system, he said, analyzes a piece of software without needing the source code, and checks it for anything intended to confuse the reader. From there, he said, it strips the code of anything that’s not integral to the operation and sorts it by behavior patterns to look for anything unusual and locate specific pieces of problematic code.

The result, Roshfeld told Technical.ly, is a cybersecurity platform that can detect indications of problems instead of known, specific issues, and do so with very large amounts of files all at once.

Larry Roshfeld (Courtesy photo)

“The real radical difference for us right now, the thing we’re doing that no one else in the world can do, is not just automate the process of investigating software to see if it’s dangerous, but do it at scale,” Roshfeld said. “Which means we can look at thousands and thousands of files or potentially millions of files.”

Following the search, according to Roshfeld, the CodeHunter system can automatically generate a report on a piece of malware in four minutes.

Heading into the new year, CodeHunter will push on in the beta program for its technology while moving towards growth. Roshfeld said that the under 50-person company (he declined to give a specific number) will increase by about 50% by the end of next year. It’ll also be focused on scanning backup files and networks, looking at S3 buckets, a storage option, and a focus on enterprise and integration efforts with existing cybersecurity technologies.

All in all, though, Roshfeld thinks now is a pivotal time for innovation in cyber, especially considering the potential extent of risks that many companies and government entities face daily.

“There really hasn’t been much of the way of radical innovation in the cybersecurity market for a number of years, and the reason we think it’s so important is because the threats have changed now,” Roshfeld said. “It’s no longer Johnny sitting in the basement trying to show his friends that he’s really cool because he can hack into this oil company or into that bank. It’s a nation-state trying to take down the economy.”