Skip to content Skip to sidebar Skip to footer

Puma Scan offers real-time security analysis for developers

A new company in West Des Moines allows developers to receive real-time feedback as they code.

Puma Scan is a Visual Studio extension that provides live, continuous software security analysis for C# applications. The Puma Scan expansion immediately displays vulnerabilities and compiler warnings within the code editor.

“It works kind of like a spell checker as you type your code,” said Eric Mead, Principal Security Engineer at Puma Scan. “It suggests ‘hey you’re doing this wrong’ or ‘you might be opening yourself up to a vulnerability by doing it this way.'”

Originally released as a free open source project, the company now also offers professional versions of the product intended to support larger projects.

“The community version is pretty lightweight. It has all the same rules and looks for the same vulnerabilities that our professional version does, but it doesn’t have the data flow tracking or customization of rules,” Mead said. “And the customization aspect is huge. The flexibility of someone being able to add their own rules takes the weight off our shoulders and works as self-serving customer service as well.”

The community version has been around for about two and a half years now and has been downloaded thousands of times. The professional version, which launched a little over a year ago, is still ramping up and now has around a dozen users, Mead told Clay & Milk.

“I assumed we’d be targeting more small companies because our product is kind of a lightweight, more cost-effective version of some of these big monolith applications,” Mead said. But we’ve received interest from some rather large companies that are trying it out right now as well.”

Mead says that Puma Scan’s big differentiator is that it is more of a niche tool and a not all-encompassing.

“We just focus on that one platform and really live code analysis, where with other tools you have to push a button and wait,” Mead said. “We’re really targeting those who want that immediate feedback.”

Puma Scan offers real-time security analysis for developers | Clay & Milk
A central Iowa ag-tech accelerator has secured more backers and finally has a name. The Greater Des Moines Partnership first announced the accelerator last year, naming four initial investors. On Monday, the Partnership said the program will be called the "Iowa AgriTech Accelerator" and named three new investors. The new investors include Grinnell Mutual, Kent Corp. and Sukup Manufacturing, all Iowa companies. They join investors Deere & Co., Peoples Co., Farmers Mutual Hail Insurance Co. and DuPont Pioneer. Each investor has agreed to put up $100,000 for the first year of the accelerator. Startups entering the program will receive $40,000 in seed funding in exchange for 6 percent equity. Tej Dhawan, an angel investor and local startup mentor, is serving as interim director until the AgriTech Accelerator names a permanent leader. Dhawan held a similar role with the GIA before Brian Hemesath was named as managing director. As interim director, Dhawan said his main job includes hiring the accelerator's executive director, establishing a business structure and initial recruiting for the first cohort. The accelerator will place few filters, such as location and product, on the applicant pool, Dhawan said. "When you’re seeking innovation, innovation can come from every corner of the world so why restrict ourselves," he said. One area the the AgriTech Accelerator won't recruit from is biotech. For its first cohort, the AgriTech Accelerator will work out of the GIA's space in Des Moines' East Village, Dhawan said. A future, permanent home is still to be decided. The accelerator's program will host startups from mid-July through mid-October, ending with an event connected to the annual World Food Prize. The GIA, which the AgriTech Accelerator is based on, also ends with presentations at an industry event. The accelerator has also started lining up a mentor pool. The Iowa Corn Growers Association, Iowa Soybean Association and the Iowa Pork Producers Association have agreed to provide mentors, as has Iowa State University. While the AgriTech Accelerator is loosely based off of the GIA, it will differ in its business structure, Dhawan said. The GIA runs through a for-profit model for both operations and its investment fund. The AgriTech Accelerator will have a nonprofit model for its operations and a for-profit setup for its fund. Dhawan said the nonprofit model is being used so the accelerator can better work with other nonprofit partners, such as trade associations. "These are all organizations that are nonprofits and can be amazing stakeholders without ever having to be investors in the accelerator," he said. "It becomes easier to work with trade associations in their nonprofit role when we are also a nonprofit." When it's up and running, the AgriTech Accelerator would be one of a handful of ag-focused startup development programs in Iowa. Others include the Ag Startup Engine out of Iowa State University and the Rural Ventures Alliance from Iowa MicroLoan. Matthew Patane is the managing editor and co-founder of Clay & Milk. Send him an email at
This Pop-up Is Included in the Theme
Best Choice for Creatives
Purchase Now