Personal blog of Yzmir Ramirez

Perigee founder Mollie Breen used to work for NSA where she built a security solution to help protect the agency’s critical infrastructure. She spent the last two years at Harvard Business School talking to Chief Information Security Officers (CISOs) and fine-tuning that idea she started at NSA into a commercial product.

Today, the solution that she built moves into public beta and will compete at TechCrunch Disrupt Battlefield with other startups for $100,000 and the Disrupt Cup.

Perigree helps protect things like heating and cooling systems or elevators that may lack patches or true security, yet are connected to the network in a very real way. It learns what normal behavior looks like from an operations system when it interacts with the network, such as what systems it interacts with and which individual employees tend to access it. It can then determine when something seems awry and stop an anomalous activity before it reaches the network. Without a solution like the one Breen has built, these systems would be vulnerable to attack.

“Perigee is a cloud-based platform that creates a custom firewall for every device on your network,” Breen told TechCrunch. “It learns each device’s unique behavior, the quirks of its operational environment and how it interacts with other devices to prevent malicious and abnormal usage while providing analytics to boost performance.”

Image Credits: Perigee

One of the key aspects of her solution is that it doesn’t require an agent, a small piece of software on the device, to make it work. Breen says this is especially important since that approach doesn’t scale across thousands of devices and can also introduce bugs from the agent itself. What’s more, it can use up precious resources on these devices if they can even support a software agent.

“Our sweet spot is that we can protect those thousands of devices by learning those nuances and we can do that really quickly, scaling up to thousands of devices with our generalized model because we take this agentless-based approach,” she said.

By creating these custom firewalls, her company is able to place security in front of the device preventing a hacker from using it as a vehicle to get on the network.

“One thing that makes us fundamentally different from other companies out there is that we sit in front of all of these devices as a shield,” she said. That essentially stops an attack before it reaches the device.

While Breen acknowledges that her approach can add a small bit of latency, it’s a tradeoff that CISOs have told her they are willing to make to protect these kinds of operational systems from possible attacks. Her system is also providing real-time status updates on how these devices are operating, giving them centralized device visibility. If there are issues found, the software recommends corrective action.

It’s still very early for her company, which Breen founded last year. She has raised an undisclosed amount of pre-seed capital. While Perigee is pre-revenue with just one employee, she is looking to add paying customers and begin growing the company as she moves into a wider public beta.

As we go deeper into the pandemic, many buildings sit empty or have limited capacity. During times like these, having visibility into the state of the building can give building operations peace of mind. Today, Verkada, a startup that helps operations manage buildings via the cloud, announced a new set of environmental sensors to give customers even greater insight into building conditions.

The company had previously developed cloud-based video cameras and access control systems. Verkada CEO and co-founder of Filip Kaliszan says today’s announcement is about building on these two earlier products.

“What we do today is cameras and access control — cameras, of course provide the eyes and the view into building in spaces, while access control controls how you get in and out of these spaces,” Kaliszan told TechCrunch. Operations teams can manage these devices from the cloud on any device.

The sensor pack that the company is announcing today layers on a multi-function view into the state of the environment inside a building. “The first product that we’re launching along this environmental sensor line is the SV11, which is a very powerful unit with multiple sensors on board, all of which can be managed in the cloud through our Verkada command platform. The sensors will give customers insight into things like air quality, temperature, humidity, motion and occupancy of the space, as well as the noise level,” he said.

There is a clear strategy behind the company’s product road map. The idea is to give building operations staff a growing picture of what’s going on inside the space. “You can think of all the data being combined with the other aspects of our platform, and then begin delivering a truly integrated building and setting the standard for enterprise building security,” Kaliszan said.

These tools, and the ability to access all the data about a building remotely in the cloud, obviously have even more utility during the pandemic. “I think we’re fortunate that our products can help customers mitigate some of the effects of the pandemic. So we’ve seen a lot of customers use our tools to help them manage through the pandemic, which is great. But when we were originally designing this environmental sensor, the rationale behind it were these core use cases like monitoring server rooms for environmental changes.”

The company, which was founded in 2016, has been doing well. It has 4,200 customers and roughly 400 employees. It is still growing and actively hiring and expects to reach 500 by the end of the year. It has raised $138.9 million, the most recent coming January this year, when it raised an $80 million Series C investment led Felicis Ventures on a $1.6 billion valuation.

Containers have become a ubiquitous cornerstone in how companies manage their data, a trend that has only accelerated in the last eight months with the larger shift to cloud services and more frequent remote working due to the coronavirus pandemic. Alongside that, startups building services to enable containers to be used better are also getting a boost.

StackRox, which develops Kubernetes-native security solutions, says that its business grew by 240% in the first half of this year, and on the back of that, it is announcing today that it has raised $26.5 million to expand its business into international markets and continue investing in its R&D.

The funding, which appears to be a Series C, has an impressive list of backers. It is being led by Menlo Ventures, with Highland Capital Partners, Hewlett-Packard Enterprise, Sequoia Capital and Redpoint Ventures also participating. Sequoia and Redpoint are previous investors, and the company has raised around $60 million to date.

HPE is a strategic backer in this round:

“At HPE, we are working with our customers to help them accelerate their digital transformations,” said Paul Glaser, VP, Hewlett Packard Enterprise, and head of Pathfinder. “Security is a critical priority as they look to modernize their applications with containers. We’re excited to invest in StackRox and see it as a great fit with our new software HPE Ezmeral to help HPE customers secure their Kubernetes environments across their full application life cycle. By directly integrating with Kubernetes, StackRox enables a level of simplicity and unification for DevOps and Security teams to apply the needed controls effectively.”

Kamal Shah, the CEO, said that StackRox is not disclosing its valuation, but he confirmed it has definitely gone up. For some context, according to PitchBook data, the company was valued at $145 million in its last funding round, a Series B in 2018. Its customers today include the likes of Priceline, Brex, Reddit, Zendesk and Splunk, as well as government and other enterprise customers, in a container security market that analysts project will be worth some $2.2 billion by 2024, up from $568 million last year.

StackRox got its start in 2014, when containers were starting to pick up momentum in the market. At the time, its focus was a little more fragmented, not unlike the container market itself — it provided solutions that could be used with Docker containers as well as others. Over time, Shah said that the company chose to hone its focus just on Kubernetes, originally developed by Google and open-sourced, and now essentially the de facto standard in containerisation.

“We made a bet on Kubernetes at a time when there were multiple orchestrators, including Mesosphere, Docker and others,” he said. “Over the last two years Kubernetes has won the war and become the default choice, the Linux of the cloud and the biggest open-source cloud application. We are all Kubernetes all the time because what we see in the market are that a majority of our customers are moving to it. It has over 35,000 contributors to the open-source project alone, it’s not just Red Hat (IBM) and Google.” Research from CNCF estimates that nearly 80% of organizations that it surveyed are running Kubernetes in production.

That is not all good news, however, with the interest underscoring a bigger need for Kubernetes-focused security solutions for enterprises that opt to use it.

Shah says that some of the typical pitfalls in container architecture arise when they are misconfigured, leading to breaches; as well as around how applications are monitored; how developers use open-source libraries; and how companies implement regulatory compliance. Other security vulnerabilities that have been highlighted by others include the use of insecure container images; how containers interact with each other; the use of containers that have been infected with rogue processes; and having containers not isolated properly from their hosts.

But, Shah noted, “Containers in Kubernetes are inherently more secure if you can deploy correctly.” And to that end that is where StackRox’s solutions attempt to help: The company has built a multi-purposes toolkit that provides developers and security engineers with risk visibility, threat detection, compliance tools, segmentation tools and more. “Kubernetes was built for scale and flexibility, but it has lots of controls, so if you misconfigure it, it can lead to breaches. So you need a security solution to make sure you configure it all correctly,” said Shah.

He added that there has been a definite shift over the years from companies considering security solutions as an optional element into one that forms part of the consideration at the very core of the IT budget — another reason why StackRox and competitors like TwistLock (acquired by Palo Alto Networks) and Aqua Security have all seen their businesses really grow.

“We’ve seen the innovation companies are enabling by building applications in containers and Kubernetes. The need to protect those applications, at the scale and pace of DevOps, is crucial to realizing the business benefits of that innovation,” said Venky Ganesan, partner, Menlo Ventures, in a statement. “While lots of companies have focused on securing the container, only StackRox saw the need to focus on Kubernetes as the control plane for security as well as infrastructure. We’re thrilled to help fuel the company’s growth as it dominates this dynamic market.”

“Kubernetes represents one of the most important paradigm shifts in the world of enterprise software in years,” said Corey Mulloy, general partner, Highland Capital Partners, in a statement. “StackRox sits at the forefront of Kubernetes security, and as enterprises continue their shift to the cloud, Kubernetes is the ubiquitous platform that Linux was for the Internet era. In enabling Kubernetes-native security, StackRox has become the security platform of choice for these cloud-native app dev environments.”

When we last reported on Snyk in January, eons ago in COVID time, the company announced $150 million investment on a valuation of over $1 billion. Today, barely nine months later, it announced another $200 million and its valuation has expanded to $2.6 billion.

The company is obviously drawing some serious investor attention, and even a pandemic is not diminishing that interest. Addition led today’s round, bringing the total raised to $450 million with $350 million coming this year alone.

Snyk has a unique approach to security, building it into the development process instead of offloading it to a separate security team. If you want to build a secure product, you need to think about it as you’re developing the product, and that’s what Snyk’s product set is designed to do — check for security as you’re committing your build to your git repository.

With an open-source product at the top of funnel to drive interest in the platform, CEO Peter McKay says the pandemic has only accelerated the appeal of the company. In fact, the startup’s annual recurring revenue (ARR) is growing at a remarkable 275% year over year.

McKay says even with the pandemic his company has been accelerating, adding 100 employees in the last 12 months to take advantage of the increasing revenue. “When others were kind of scaling back we invested and it worked out well because our business never slowed down. In fact, in a lot of the industries it really picked up,” he said.

That’s because as many other founders have pointed out, COVID is speeding up the rate at which many companies are moving to the cloud, and that’s working to Snyk’s favor. “We’ve just capitalized on this accelerated shift to the cloud and modern cloud-native applications,” he said.

The company currently has 375 employees, with plans to add 100 more in the next year. As it grows, McKay says that he is looking to build a diverse and inclusive culture, something he learned about as he moved through his career at VMware and Veeam.

He says one of the keys at Snyk is putting every employee through unconscious bias training to help limit bias in the hiring process, and the executive team has taken a pledge to make the company’s hiring practices more diverse. Still, he recognizes it takes work to achieve these goals, and it’s always easy for an experienced team to go back to the network instead of digging deeper for a more diverse candidate pool.

“I think we’ve put all the pieces in place to get there, but I think like a lot of companies, there’s still a long way to go,” he said. But he recognizes the sooner you embed diversity into the company culture, the better because it’s hard to go back after the fact and do it.

Addition founder Lee Fixel says he sees a company that’s accelerating rapidly and that’s why he was willing to pour in so big an investment. “Snyk’s impressive growth is a signal that the market is ready to embrace a change from traditional security and empower developers to tackle the new security risk that comes with a software-driven digital world,” he said in a statement.

Snyk was founded in 2015. The founders brought McKay on board for some experienced leadership in 2018 to help lead the company through its rapid growth. Prior to the $350 million in new money this year, the company raised $70 million in 2019.

A newly discovered bug in a cloud system used to manage SonicWall firewalls could have allowed hackers to break into thousands of corporate networks.

Enterprise firewalls and virtual private network appliances are vital gatekeepers tasked with protecting corporate networks from hackers and cyberattacks while still letting in employees working from home during the pandemic. Even though most offices are empty, hackers frequently look for bugs in critical network gear in order to break into company networks to steal data or plant malware.

Vangelis Stykas, a researcher at security firm Pen Test Partners, found the new bug in SonicWall’s Global Management System (GMS), a web app that lets IT departments remotely configure their SonicWall devices across the network.

But the bug, if exploited, meant any existing user with access to SonicWall’s GMS could create a user account with access to any other company’s network without permission.

From there, the newly created account could remotely manage the SonicWall gear of that company.

In a blog post shared with TechCrunch, Stykas said there were two barriers to entry. Firstly, a would-be attacker would need an existing SonicWall GMS user account. The easiest way — and what Stykas did to independently test the bug — was to buy a SonicWall device.

The second issue was that the would-be attacker would also need to guess a unique seven-digit number associated with another company’s network. But Stykas said that this number appeared to be sequential and could be easily enumerated, one after the other.

Once inside a company’s network, the attacker could deliver ransomware directly to the internal systems of their victims, an increasingly popular tactic for financially driven hackers.

SonicWall confirmed the bug is now fixed. But Stykas criticized the company for taking more than two weeks to patch the vulnerability, which he described as “trivial” to exploit.

“Even car alarm vendors have fixed similar issues inside three days of us reporting,” he wrote.

A SonicWall spokesperson defended the decision to subject the fix to a “full” quality check before it was rolled out, and said it is “not aware” of any exploitation of the vulnerability.

Four years after the Great Recession, France’s newly elected socialist president François Hollande raised taxes and increased regulations on founder-led startups. The subsequent flight of entrepreneurs to places like London and Silicon Valley portrayed France as a tough place to launch a company. By 2016, France’s national statistics bureau estimated that about three million native-born citizens had moved abroad.

Those who remained fought back: The Family was an early accelerator that encouraged French entrepreneurs to adopt Silicon Valley’s startup methodology, and the 2012 creation of Bpifrance, a public investment bank, put money into the startup ecosystem system via investors. Organizers founded La French Tech to beat the drum about native startups.

When President Emmanuel Macron took office in May 2017, he scrapped the wealth tax on everything except property assets and introduced a flat 30% tax rate on capital gains. Station F, a giant startup campus funded by billionaire entrepreneur Xavier Niel on the site of a former railway station, began attracting international talent. Tony Fadell, one of the fathers of the iPod and founder of Nest Labs, moved to Paris to set up investment firm Future Shape; VivaTech was created with government backing to become one of Europe’s largest startup conference and expos.

Now, in the COVID-19 era, the government has made €4 billion available to entrepreneurs to keep the lights on. According to a recent report from VC firm Atomico, there are 11 unicorns in France, including BlaBlaCar, OVHcloud, Deezer and Veepee. More appear to be coming; last year Macron said he wanted to see “25 French unicorns by 2025.”

According to Station F, by the end of August, there had been 24 funding rounds led by international VCs and a few big transactions. Enterprise artificial intelligence and machine-learning platform Dataiku raised a $100 million Series D round, and Paris-based gaming startup Voodoo raised an undisclosed amount from Tencent Holdings.

We asked 12 Paris-based investors to comment on the state of play in their city:

• Alison Imbert, partner, Partech
• Alexandre Mordacq, partner, 360 Capital Partners
• Emmanuel Delaveau, partner, Partech
• Boris Golden, partner, Partech
• Jean de La Rochebrochard, managing partner, Kima Ventures
• Paul Bolardi, associate, AXA Venture Partners
• Shiraz Mahfoudhi, Speedinvest
• Guillaume Dupont, founding partner, CapHorn
• Martin Mignot, partner, Index Ventures
• Bartosz Jakubowski, principal, Alven
• Pierre Entremont, founding partner, Frst Capital
• Pierre-Eric Leibovici, founding partner, Daphni

Alison Imbert, Partech

What trends are you most excited about investing in, generally?

All the fintechs addressing SMBs to help them to focus more on their core business (including banks disintermediation by fintech, new infrastructures tech that are lowering the barrier to entry to nonfintech companies).

What’s your latest, most exciting investment?

77foods (plant-based bacon) — love that alternative proteins trend as well. Obviously, we need to transform our diet toward more sustainable food. It’s the next challenge for humanity.

What are you looking for in your next investment, in general?
Impact investment: Logistic companies tackling the life cycle of products to reduce their carbon footprint and green fintech that reinvent our spending and investment strategy around more sustainable products.

Which areas are either oversaturated or would be too hard to compete in at this point for a new startup? What other types of products/services are you wary or concerned about?
D2C products.

How much are you focused on investing in your local ecosystem versus other startup hubs (or everywhere) in general? More than 50%? Less?
100% investing in France as I’m managing Paris Saclay Seed Fund, a €53 million fund, investing in pre-seed and seed startups launched by graduates and researchers from the best engineering and business schools from this ecosystem.

Which industries in your city and region seem well-positioned to thrive, or not, long term? What are companies you are excited about (your portfolio or not), which founders?
Deep tech, biotech and medical devices. Paris, and France in general, has thousands of outstanding engineers that graduate each year. Researchers are more and more willing to found companies to have a true impact on our society. I do believe that the ecosystem is more and more structured to help them to build such companies.

How should investors in other cities think about the overall investment climate and opportunities in your city?
Paris is booming for sure. It’s still behind London and Berlin probably. But we are seeing more and more European VC offices opening in the city to get direct access to our ecosystem. Even in seed rounds, we start to have European VCs competing against us. It’s good — that means that our startups are moving to the next level.

Do you expect to see a surge in more founders coming from geographies outside major cities in the years to come, with startup hubs losing people due to the pandemic and lingering concerns, plus the attraction of remote work?
For sure startups will more and more push for remote organizations. It’s an amazing way to combine quality of life for employees and attracting talent. Yet I don’t think it will be the majority. Not all founders are willing/able to build a fully remote company. It’s an important cultural choice and it’s adapted to a certain type of business. I believe in more flexible organization (e.g., tech team working remotely or 1-2 days a week for any employee).

Which industry segments that you invest in look weaker or more exposed to potential shifts in consumer and business behavior because of COVID-19? What are the opportunities startups may be able to tap into during these unprecedented times?
Travel and hospitality sectors are of course hugely impacted. Yet there are opportunities for helping those incumbents to face current challenges (e.g., better customer care and services, stronger flexibility, cost reduction and process automation).

How has COVID-19 impacted your investment strategy? What are the biggest worries of the founders in your portfolio? What is your advice to startups in your portfolio right now?
Cash is king more than ever before. My only piece of advice will be to keep a good level of cash as we have a limited view on events coming ahead. It’s easy to say but much more difficult to put in practice (e.g., to what extend should I reduce my cash burn? Should I keep on investing in the product? What is the impact on the sales team?). Startups should focus only on what is mission-critical for their clients. Yet it doesn’t impact our seed investments as we invest pre-revenue and often pre-product.

What is a moment that has given you hope in the last month or so? This can be professional, personal or a mix of the two.
There is no reason to be hopeless. Crises have happened in the past. Humanity has faced other pandemics. Humans are resilient and resourceful enough to adapt to a new environment and new constraints.

Data protection and data privacy have gone from niche concerns to mainstream issues in the last several years, thanks to new regulations and a cascade of costly breaches that have laid bare the problems that arise when information and data security are treated haphazardly.

Yet that swing has also thrown up a whole series of issues for organisations and business functions that depend on sharing and exchanging data in order to work. Today, a startup that has built a new way of exchanging data while still keeping privacy in mind — starting first by applying the concept to the “marketing industrial complex” — is announcing a round of funding as it continues to pick up momentum.

InfoSum, a London startup that has built a way for organizations to share their data with each other without passing it on to each other — by way of a federated, decentralized architecture that uses mathematical representations to organise, “read” and query the data — is today announcing that it has raised $15.1 million.

Data may be the new oil, but according to founder and CEO Nick Halstead, that just means “it’s sticky and gets all over the place.” That is to say, InfoSum is looking for a new way to use data that is less messy, and less prone to leakage, and ultimately devaluation.

The Series A is being co-led by Upfront Ventures and IA Ventures. A number of strategics using InfoSum — Ascential, Akamai, Experian, British broadcaster ITV and AT&T’s Xandr — are also participating in the round. The startup has raised $23 million to date.

Nicholas Halstead, the founder and CEO who previously had founded and led another big data company, DataSift (the startup that gained early fame as a middleman for Twitter’s firehose of data, until Twitter called time on that relationship to push its own business strategy), said in an interview that the plan is to use the funding to continue fueling its growth, with a specific focus on the U.S. market.

To that end, Brian Lesser — the founder and former CEO of Xandr (AT&T’s adtech business that is now a part of AT&T’s WarnerMedia), and previous to that the North American CEO of GroupM — is joining the company as executive chairman. Lesser had originally led Xandr’s investment into InfoSum and had previously been on the board of the startup.

InfoSum got its start several years ago as CognitiveLogic, founded at a time when Halstead was first starting to get his head around the problems that were becoming increasingly urgent in how data was being used by companies, and how newer information architecture models using data warehousing and cloud computing could help solve that.

“I saw the opportunity for data collaboration in a more private way, helping enable companies to work together when it came to customer data,” he said. This eventually led to the company releasing its first product two years ago.

In the interim, and since then, that trend, he noted, has only gained momentum, spurred by the rise of companies like Snowflake that have disrupted the world of data warehousing, cookies have started to increasingly go out of style (and some believe will disappear altogether over time) and the concept of federated architecture has become much more ubiquitous, applied to identity management and other areas.

All of this means that InfoSum’s solution today may be aimed at martech, but it is something that affects a number of industries. Indeed, the decision to focus on marketing technology, he said, was partly because that is the industry that Halstead worked most closely with at DataSift, although the plan is to expand to other verticals as well.

“We’ve done a lot of work to change the marketing industrial complex,” said Lesser, “but its bigger use cases are in areas like finance and healthcare.”

It’s been quite a day in the tech world, with a bushel of S-1s being filed to go public. Not to be left out, the ever acquisitive Palo Alto Networks announced its intent to acquire The Crypsis Group, an incident response, risk management and digital forensics consulting firm, for a crisp $265 million.

Nikesh Arora, chairman and CEO at Palo Alto Networks, sees a company that builds on the foundation of services the cybersecurity giant already provides, giving customers a set of services to lean on when a breach happens.

“By joining forces, we will be able to help customers not only predict and prevent cyberattacks but also mitigate the impact of any breach they may face,” he said. While the kinds of tools that Palo Alto provides are designed to prevent attacks, the fact is no set of tools is foolproof, and it’s always going to be a cat and mouse game between companies like Palo Alto and the attackers trying to breach their defenses.

Crypsis can help figure out how a breach happened and ways to close up the cracks in the foundation to prevent access through that particular weak point in the future. “We have dedicated ourselves to creating a more secure world through the fight against cybercrime. Together with Palo Alto Networks, we will be able to help businesses and governments better respond to threat actors on a global scale,” Bret Padres, CEO of The Crypsis Group said in a statement.

When the deal closes, and The Crypsis Group is in the fold, Palo Alto will gain more than 150 highly trained consultants, who have been handling approximately 1,300 incidents a year. This gives Palo Alto some serious consulting fire power to deal with those times when attackers get through their defenses.

The Crypsis Group has up until now been part of a larger security consultancy called ZP Group. The deal is expected to close in the fiscal first quarter of 2021, which just started when Q42020 closed today. Per usual, the acquisition will be subject to regulatory scrutiny, as Palo Alto is a public company.

When you start a company, it can be tempting to keep it simple. You want something that investors and customers can easily understand. While it might be easier to go that route, that is not something that Cloudflare did when it launched a decade ago at TechCrunch Disrupt. Instead, the company decided to go big or go home, and went with the wild idea of building a faster and safer internet. Not too much pressure.

It launched in 2010 with a free product and a paid tier and grew that original notion of delivering speed and security into a suite of products and services. Today, a decade later, Cloudflare is a public company with a market cap of nearly $12 billion.

We are going to talk to company co-founder and chief operating officer Michelle Zatlyn in a one-on-one interview at TechCrunch Disrupt 2020 about what it took to build off that vision as an early stage company. They were going after established giants like Akamai at the time. They needed to build a network of data centers around the world, starting with five on three continents at launch.

None of this could have been easy from an operations perspective. They were offering the bold assertion that they could make the world’s websites faster and safer and do it in a way that didn’t require any additional hardware and software. As an early adherent to the notion of cloud computing, they were giving customers the ability to do things that up until that point were only in reach of the largest internet properties, selling a value proposition that is common today, but was pretty unusual at the time.

We’re going to ask Zatlyn how they built this early product, how they grew the product set and expanded their data center coverage to over 200 around the world and what it took do all that and eventually become a public company.

You can see this session on the Disrupt stage along with all the programming on the Extra Crunch stage, network with CrunchMatch and discover hundreds of early-stage companies in Digital Startup Alley with your Digital Pro Pass purchase for just $345. There are discounts available for students, government and nonprofit employees as well as a great offer for early-stage founders who want to exhibit in Digital Startup Alley. Get your pass today before prices increase!

Adaptive Shield, a Tel Aviv-based security startup, is coming out of stealth today and announcing its $4 million seed round led by Vertex Ventures Israel. The company’s platform helps businesses protect their SaaS applications by regularly scanning their various setting for security issues.

The company’s co-founders met in the Israeli Defense Forces, where they were trained on cybersecurity, and then worked at a number of other security companies before starting their own venture. Adaptive Shield CEO Maor Bin, who previously led cloud research at Proofpoint, told me the team decided to look at SaaS security because they believe this is an urgent problem few other companies are addressing.

Pictured is a representative sample of nine apps being monitored by the Adaptive Shield platform, including the total score of each application, affected categories and affected security frameworks and standards. (Image Credits: Adaptive Shield)

“When you look at the problems that are out there — you want to solve something that is critical, that is urgent,” he said. “And what’s more critical than business applications? All the information is out there and every day, we see people moving their on-prem infrastructure into the cloud.”

Bin argues that as companies adopt a large variety of SaaS applications, all with their own security settings and user privileges, security teams are often either overwhelmed or simply not focused on these SaaS tools because they aren’t the system owners and may not even have access to them.

“Every enterprise today is heavily using SaaS services without addressing the associated and ever-changing security risks,” says Emanuel Timor, general partner at Vertex Ventures Israel . “We are impressed by the vision Adaptive Shield has to elegantly solve this complex problem and by the level of interest and fast adoption of its solution by customers.”

Onboarding is pretty easy, as Bin showed me, and typically involves setting up a user in the SaaS app and then logging into a given service through Adaptive Shield. Currently, the company supports most of the standard SaaS enterprise applications you would expect, including GitHub, Office 365, Salesforce, Slack, SuccessFactors and Zoom.

“I think that one of the most important differentiators for us is the amount of applications that we support,” Bin noted.

The company already has paying customers, including some Fortune 500 companies across a number of verticals, and it has already invested some of the new funding round, which closed before the global COVID-19 pandemic hit, into building out more integrations for these customers. Bin tells me that Adaptive Shield immediately started hiring once the round closed and is now also in the process of hiring its first employee in the U.S. to help with sales.