SonarSource, a Geneva-based code quality maintenance startup, raised $412 million at a $4.7 billion valuation co-led by Advent International and General Catalyst.

Why it matters: Perhaps only thing harder than writing source code is keeping it clean, particularly as new releases accelerate and proliferate.

That's creating a cottage industry of cloud software providers like SonarSource, which complement existing QA teams.

Other investors include Permira and Insight Partners.

The bottom line: "An alarming report from Veracode and Enterprise Strategy Group found that nearly half of organizations knowingly ship vulnerable code despite using cybersecurity tools, often to meet release deadlines." — Kyle Wiggers, TechCrunch