Prequel is building a community-driven approach to finding software bugs

Cybersecurity practitioners take a community-driven approach to solving problems. Security researchers share the vulnerabilities they find with the broader cybersecurity community, which allows companies to patch up their security holes before something catastrophic happens.

Prequel is looking to bring that same approach to software.

The startup is building a database of software failure patterns or misconfigurations in Linux workloads. The database is updated by a growing community of engineers and developers who exchange information about reliability. Prequel’s software then sits in a company’s existing software stack and consistently checks for bugs and failures by pulling from this database.

The company’s co-founders, Tony Meehan and Lyndon Brown (pictured above left to right), both have backgrounds in security; both worked at the National Security Agency and at cyber operations platform company Endgame.

Brown told TechCrunch that when software fails, engineers have to pour over endless data logs to try to spot the issue before they can start to mitigate it. For some software issues, only a few people at the company know enough about the programs to even be able to help.

“We’ve lived it where I’ve had to call a former employee in a past life and say, ‘Hey, I know you left the company, but no one is really understanding how this particular service works. Can you help us out?’” Brown said. “We’ve had customers tell us stories about driving to people’s houses in the middle of the night and knocking on the wrong door to kind of get help.”

Brown and Meehan wondered why there wasn’t the same kind of system for software bugs as there was for sharing knowledge on security vulnerabilities. When they noticed no one was making progress in this area, they decided to give it a go.

“If people have seen this problem before, you could actually bring to bear to your problem,” Meehan said. “That was like an anchoring point for us. How do we build a product much like what we did in security 15 years ago that would unlock this community of people that have seen known failure and open source software?”

Prequel was launched in 2023 and has been operating in stealth thus far. The company says it already has its tech deployed in a handful of Fortune 500 companies and has built its community network up to around 500 people.

Now the company is coming out of stealth and announcing a $3.3 million seed round led by Work-Bench with participation from Runtime Ventures, Operator Partners and a slew of angel investors that understand this problem, including Shay Banon, the CTO of Elastic, and Jon Oberheide, the former founder and CTO of Duo Security, among others. The capital will be put toward product development and expanding the detection library.

Prequel’s biggest competition are data observability and monitoring products, Brown said, which also monitor software for potential failures and bugs. Companies in this space include Datadog and Splunk.

But Brown argues that observability platforms are only as good as the engineering talent you put in front of them. Moreover, any of these platforms only help companies tackle their catastrophic failures after they happen, whereas Prequel’s approach enables people to start tackling problems earlier, before they get to the level where only a select few people know how to solve them. He added that unlike some of these companies, they don’t charge their customers for data transfers either, since all their data stays with customers — they only charge a subscription for the service itself.

The team welcomes competition though, Meehan said, as he thinks that more players focused on this space, could be a tide that lifts all boats.

“Failure is constant in modern applications, and teams are really only able to get to the failures that are like catastrophic or the failures that are having like customer impact,” Brown said. “What we’re really excited about is enabling teams to really get a better handle on the mass of problems that exist and being able to make prioritization decisions.”