Threat actors that hunt software supply chains are a cunning and patient lot. They regularly lie in wait, sometimes for years, making surreptitious moves until the day they have their target squarely in their crosshairs.
In recent years, high-profile software supply chain attacks – from SolarWinds in 2020 and Log4Shell in 2021 to XZ Utils in 2024 – have demonstrated just how pernicious these cybercriminals can be as they wreak havoc on critical infrastructure, disrupt daily operations, and cause millions of dollars in financial harm. Alarmingly, such breaches are also on the rise, with one report estimating that 45 percent of organizations around the globe will have experienced an attack on their software supply chains, a three-fold increase over 2021.
Many organizations today rely on open source software (OSS), which is developed and maintained through open collaboration that allows developers from anywhere around the world to use, modify, copy, and distribute software at will. The accessibility and low cost of OSS have afforded enterprises the ability to work faster; thereby reducing their time to market. The challenge with OSS, however, is the lack of visibility into who is contributing to this widely relied-upon resource, which creates inherent risks for enterprises that are increasingly finding their software supply chains vulnerable to ransomware and other malicious cyberattacks.
In response, Red Cell Partners launched software security company Hunted Labs in 2025 with $3 million in pre-seed funding to defend public and private institutions against attacks, harden software supply chains, and mitigate threats. Hunted Labs, which leverages artificial intelligence and machine learning to give organizations unprecedented end-to-end visibility into their software supply chains so they can quickly identify and eliminate threats, is the brainchild of the company’s Co-Founder, Hayden Smith. A battle-tested software engineer, Smith spent a decade in defense intelligence, honing his skills as a threat hunter. It was his experience working in some of the world’s most challenging cyber environments at companies like Booz Allen Hamilton in support of the Defense Department as well as private-sector clients, that inspired Smith to co-found Hunted Labs with Amanda Aguayo and Tim Barone.
“In the cyber realm, the question is always, ‘How do we prevent the next attack?’” Smith said. “The bottom line is this: To be effective at defense, it helps to start with an excellent offense. That’s the approach we take at Hunted Labs. By proactively searching for malicious actors and unearthing their hiding places, we can root them out, intercept them upstream, reduce risk, and extend the defensive reach of our customers, which, ultimately, is our goal.”
Through its product, Entercept™, Hunted Labs, born out of Red Cell’s Cyber Practice, provides customers with command and control over their software supply chain. With features like Threat-to-Code™, which hunts for risks and vulnerabilities within codebases, Entercept gives customers comprehensive visibility into their software supply chain’s attack surface – from source code repositories to runtime Kubernetes environments – to help them determine the affected blast radius if a breach occurs. In addition, the platform also provides AI-driven reconnaissance that actively investigates open source software to alert customers of potentially malicious contributors; and a threat-aware code assistant that automates threat hunting, prioritizes action against dangerous vulnerabilities, and expedites remediation.
Hunted Labs is the first incubation to join Red Cell via Red Cell Go, an invitation-only application program which allows entrepreneurs with deep domain expertise to incubate their business concept within the firm as they explore and validate early-stage models. Since its launch, the Hunted Labs team has established a robust pipeline of public and commercial customers and secured government funding.
In addition to Smith, Aguayo, and Barone, Hunted Labs also includes a world-class group of Advisors that includes Jim Higgins, CISO of Coreweave, who previously worked as CISO of Snap Inc.; Kris Merritt, former Senior Director of Threat Hunting Operations for CrowdStrike and former Intrusion Detection Lead for GE Aviation; and George Barnes, the President of Red Cell’s Cyber Practice and former Deputy Director of the National Security Agency.
Share
Build With Us
Our formula for success begins with those who dare to look beyond what’s possible.
Get Started