We’re excited to bring Transform 2022 back to life on July 19th and virtually July 20-28. Join AI and data leaders for sensible conversations and exciting networking opportunities. Register today!
Cybersecurity is fraught with complexities, but there is one thing that is particularly big at the moment: the growing complexity of security has helped inspire a large number of innovations and venture investments – resulting in a large number of new startups in security.
Which leads to a different kind of complexity for all businesses to struggle with: an overabundance of vendors to choose from.
“You don’t need more than 1,000 cybersecurity startups. The industry doesn’t need that, “said John Brennan, a partner at security-focused venture capital firm YL Ventures.
And yet, in security, “there Is Huge problems yet to be solved, “Brennan told VentureBeat.
With this in mind, YL Ventures, which started in 2007, has chosen to take a very focused and selective approach when deciding which startup to fund. With only baking securities companies, YL invests exclusively in startups based in Israel – and only a few new seed investments each year. The firm also focused entirely on funding startups, which it initially supported at the seed level.
Brennan said the approach was acceptable “to ignore a lot of other great things that are happening.”
‘Really big problems’
However, this focus allows YL to devote all its energy to exposing Israeli security startups that are “facing really big problems – and that could inevitably build bigger companies,” he said.
To date, those companies have included cybersecurity asset management firm ExxonMobil, which in 2017 led a $ 4 million seed round led by YL. The venture firm pulled out of its investment in 2021 – selling its stake for $ 270 million – as ExxonMobil raised new funds at a valuation of 1.2 billion (the seller has since reached $ 2.6 billion valuation).
More recent seed investments, led by YL Ventures, include Orca Security, which offers a cloud protection platform and was valued at $ 1.8 billion in October – even though it was founded in 2019 alone. Orca now has more than 300 employees, more than three times its number, and the company says its customer base has grown 400% in the past year.
But what has this highly selective VC generation been investing in lately? YL has announced investments in six seed-stage cyber companies since 2020, one of which has already exited (build.security, which was acquired by Elastic). The other five startups are Anso Security, Grip Security, Piano, Valence and Eureka.
Following are the details of the five latest security startups supported by YL Ventures.
Seed round: 2020, 6 million
Product: Application Security Posture Management Solution that provides application discovery, classification and management.
A “new series” [for] Cyber Security World, “Application Security Posture Management” provides a systematic process for comprehensively managing and executing APSEC, “says Enso.
Enso Solutions offers a wide range of applications, visibility, inventory and discovery for the entire environment of the organization; Workflow management and automation in AppSec and developer teams; Coverage from day one with out-of-the-box app security testing; A contextualized and prioritized list of vulnerabilities and security gaps focusing on assets that are most important to the business; And executive reporting and monitoring, ”according to the company.
Differentiators: While many security programs focus on “managing defects only”, Enso says it brings “asset-first approaches”, in which default management is only on the component. “It is the first platform to build true AppSec maturity by focusing on operating the APSEC program holistically from start to finish and measuring comprehensively,” the company said. “Enso currently enables this by incorporating all the AppSec workflows and tools to break the distressed silos in enterprise systems, allowing improvements to have a greater impact across the application portfolio.”
Seed round: 2021, 6 million
Product: A platform to enable visibility, governance and data security to secure the use of software-a-service (SaaS).
Grip Legacy seeks to “revolutionize SaaS security” when transferring cloud access security broker (CASB) solutions and “helps enterprises implement much-needed automated and granular security for SaaS,” the company says.
“Grip’s unique architecture gives security teams comprehensive visibility and control over every SaaS used by the organization, including the shadow application, resulting in reduced or interrupted performance,” says Grip.
Differentiators: Unlike currently available solutions, Grip says it “eliminates performance degradation” – allows for zero friction or interference, while still ensuring that access controls and data governance are in place.
With the solution, “CISOs don’t have to police anyone,” Grip says. Meanwhile, unlike existing SaaS solutions, Grip’s platform covers all applications – and connections from anywhere – while offering a simple “Zero Touch” deployment, the company says.
Seed round: 2021, 9 million
Product: A platform for the protection and management of personally identifiable information (PII) in cloud-native applications.
Piiano is “the pioneer of data privacy engineering for the cloud, offering the industry’s first personal data protection and management platform to transform how an enterprise builds privacy-forward architectures and operates privacy practices,” the company says.
The company “offers a pre-built, developer-friendly infrastructure to dramatically simplify enterprise privacy engineering journeys,” the company says, including a “piano vault” to centralize and secure sensitive data.
Differentiators: Unlike current data protection solutions, the piano “goes straight to the root of privacy – the developer,” the company says. Using the piano platform, “developers can bridge security and privacy with C-level requirements for data security and privacy at the architecture level,” according to the company.
Seed round: 2021, 7 million
Product: A platform that aims to help businesses manage risks through third-party integration and secure connectivity between applications.
Valence says it adopts a zero-confidence approach to securing a “business application mash” – the number of applications and the connections between them on which businesses rely.
The Valence platform “provides comprehensive access visibility to the risk surface while identifying and minimizing the internal and third-party access risks associated with it,” the company says. “Providing fast, consistent and non-invasive business application mesh risk surface management, the Valence platform streamlines collaboration between business application teams and enterprise IT security teams.”
Differentiators: Unlike current identity and access management solutions that focus on “human-to-application interaction, Valence is the first company to focus on the non-human element that drives inter-connectivity between business applications,” the company says. “Unlike human identification, where you can apply MFA and managed devices, non-human identification operates on a machine-to-machine basis, requiring a separate set of security controls and rules.”
Seed round: 2022, 8 million
Product: Cloud Data Security Posture Management Platform aimed at helping security teams meet the growth of cloud data.
Eureka has launched the “Cloud Data Security Posture Management Initiative, a comprehensive approach to protecting all the data contained in enterprise cloud data stores, regardless of where they are or how they got there – and deep proficiency in how each data store operates. Without need, “says the company. “Eureka enables security teams to reduce the risk of data loss and theft in a multi-cloud environment by gaining control over their organization’s overall cloud data security posture and compliance.”
Differentiators: Eureka says it “offers a higher level of security than point solutions and original tools, in addition to its data-centric policy translation engine, providing comprehensive and real-time views of data stores and the risks associated with them.”
The engine “automatically translates data security policies surrounding privacy, risk, compliance and security into platform-specific controls that can be applied to any cloud data store,” according to the company.
Venturebeat’s mission Digital Town Square is set to become a place for technical decision makers to gain knowledge about the changing enterprise technology and practices. Learn more about membership.