Japan’s Flatt Security nabs $1.8M to help developers fix security issues in codes

The Flatt Security team
Image credit: Flatt Security

Tokyo-based cybersecurity startup Flatt Security announced on Monday that it has secured about 200 million yen (about $1.8 million US) in equity and loans from B Dash Ventures, FinTech Global, and an unnamed business company. For the startup, this follows their $2 million funding back in July of 2019. The latest round brought their total sum of funding up to date to 450 million yen (about $4 million).

Under its previous name of Flatt, the company was founded in May of 2017 with most of its members from millennials attending the University of Tokyo. Initially, they had been developing a live commerce app called PinQul but subsequently pivoted to the cybersecurity business and rebranded themselves in 2019.

Flatt Security currently provides vulnerability assessment service as well as a secure coding learning platform for web engineers called Kenro. The company is launching a new product called Shisho for the global market, aiming to eliminate the gap between product development and cybersecurity measure within a team.

In the app development, we see sometimes a trade-off between security and usability, and also that between ensuring safety and enriching functionality. The company’s solutions are designed to bridge the gap between app development engineers and security management engineers, who are often completely separated in doing their jobs each other.

Image credit: Flatt Security

In addition to general cloud configuration and app diagnostics, Flatt Security offers diagnostics specific to the users of Firebase, one of popular no-code backend environment tools. When Japanese accounting company Freee acquired bookkeeping app Taxnote in June, Flatt Security’s diagnostics were adopted for evaluation upon acquisition and throughout subsequent operations.

The company has been focused on consulting and a learning platform but is aiming to expand its business with greater scalability by launching a security product for developers around the world.

In Bridge’s interview with Flatt Security’s Chief Creative Officer Keijiro Toyoda, he says,

Shisho’s goal is to create security tools that are easy for developers to use. Previous tools did not support modern technology stacks and did not support the latest diagnostic methods. […]

We would like to eliminate the gap between operating companies and security vendors which we have seen in the system development. First of all, we will closely work with ecosystems of developers, and eventually create a system that can suggest code fixes with just a single click.

Flatt Security hopes to expand Shisho’s global reach by penetrating the developer community. In order to achieve this, the company has released the vulnerability detection and correction engine, which is the technical core of Shisho, as open source software, and also released the SaaS-based beta version of the product earlier this month. They plan to use the revenue from existing businesses and the funds from the latest round to accelerate the launch of the new product.