Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


11:30 AM
Dark Reading
Dark Reading
Products and Releases

Cado Security Closes $10M in Funding to Accelerate Adoption of Cloud-Native Digital Forensics Platform

Blossom Capital leads Series A investment round; Cado Security platform enables security teams to effectively investigate and respond to cyber incidents at cloud speed.

LONDON--(BUSINESS WIRE)--Cado Security, provider of the first and only cloud-native digital forensics platform, today announced that it closed $10 million in Series A funding, bringing the company’s total capital raised to $11.5 million. Led by Blossom Capital with participation from existing investors including Ten Eleven Ventures, the new funding comes only six months after the company closed its seed round, due to the significant demand for its platform. The new capital will be used to accelerate Cado Security’s growth through the expansion of key functions including engineering, customer support and go-to-market operations.

According to Gartner, nearly 70 percent of enterprises plan to accelerate spending in cloud services in 2021. As more data moves to the cloud, attacks on cloud infrastructures are increasing significantly, putting new pressures on security teams to respond quickly. When a cyber incident occurs in the cloud today, forensic analysts spend countless days using a patchwork of rudimentary tools to manually collect and process the data needed for an investigation.

“Over the past year, enterprises have compressed their cloud adoption timelines while protecting the applications that enable their remote workforces,” said Imran Ghory, partner at Blossom Capital. “Yet as high-profile breaches like SolarWinds illustrate, the complexity of cloud environments makes rapid investigation and response extremely difficult since security analysts typically are not trained as cloud experts. Cado Security solves for this with an elegant solution that automates time-consuming tasks like capturing forensically sound cloud data so security teams can move faster and more efficiently. The opportunity to help Cado Security scale rapidly is a terrific one for Blossom Capital.”

When security teams detect malicious activity in cloud environments, they must immediately respond to triage and understand the incident. During this process, forensic analysts typically only have 5% or less of the data available to them to conduct the investigation. With so little information, they often determine that it’s not worth further investigation due to the level of effort required to dig deeper.

The Cado Response platform automates data collection from multiple sources, including cloud and containers, while also supporting traditional, on-premises systems to provide 100% of the data with no extra effort. Its patent-pending architecture scales up and down to provide rapid processing when needed, and save costs when not. Its analytics engine correlates all systems, users, processes and files so analysts can immediately visualize the scope and conduct an investigation in aggregate, rather than analyzing at the system level, in order to get to the root cause of an incident quickly and precisely.

“Sophisticated threat actors are more adept at using the complexity of cloud environments to their advantage,” said Matt Georgy, CTO of [redacted] and Cado Security advisor. “We use Cado Security to level the playing field by enabling our analysts to move faster than the attackers in investigating malicious activity in the cloud. Cado’s solution is not only modern and scalable, but it also can ensure all legal and regulatory compliance standards have been met.”

“Legacy forensic tools were built decades ago to support on-premises environments, but the problem is that data doesn’t live there anymore. It’s moving to the cloud at exponential rates and where data goes, cyber attackers follow,” said James Campbell, CEO and co-founder of Cado Security. “We’re bringing our decades of experience helping enterprises respond to cyber incidents and knowledge of cloud forensics to automate and centralize what’s required to investigate a breach at cloud speed. This funding allows us to significantly grow our team and expand the value of the Cado Response platform for our customers.”

For more information on the Cado Security platform and to request a demo, please visit https://www.cadosecurity.com/.

About Cado Security

Cado Security provides the first and only cloud-native digital forensics platform for enterprises. By automating data capture and processing across cloud and container environments, Cado Security enables security teams to effectively investigate and respond to cyber incidents at cloud speed. Backed by Blossom Capital and Ten Eleven Ventures, Cado Security is based in London. For more information, please visit https://www.cadosecurity.com/ or follow us on Twitter @cadosecurity.

About Blossom Capital

Blossom is a VC fund that connects US know-how, expertise, networks and ambition, with Europe’s unrivaled opportunity. Blossom concentrates on early-stage investments in consumer and enterprise, particularly focusing on finance, design, marketplaces, travel, developer-focused tools, infrastructure and API-first companies. Based in London, but covering the whole of Europe, Blossom competes with the top-ranked VC investors in Europe and the US to champion the next European startups capable of making it on the global stage. Find out more at www.blossomcap.com.

About Ten Eleven Ventures

Ten Eleven Ventures is the original venture capital firm focused solely on investing in digital security. The firm invests globally and at all stages, from seed to growth (the latter via its Joint Investment Alliance with KKR). Since its founding in Silicon Valley in 2015, Ten Eleven Ventures has raised nearly $US 500 million and invested in 27 leading cybersecurity companies including Twistlock, Verodin, Cylance, KnowBe4, Darktrace, and Ping Identity. For more information, please visit www.1011vc.com or follow us on Twitter @1011vc.


Maryellen Sartori
fama PR for Cado Security
[email protected]


Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
A Startup With NSA Roots Wants Silently Disarming Cyberattacks on the Wire to Become the Norm
Kelly Jackson Higgins, Executive Editor at Dark Reading,  5/11/2021
Cybersecurity: What Is Truly Essential?
Joshua Goldfarb, Director of Product Management at F5,  5/12/2021
3 Cybersecurity Myths to Bust
Etay Maor, Sr. Director Security Strategy at Cato Networks,  5/11/2021
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Google Maps is taking "interactive" to a whole new level!
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-05-17
Cross Site Scripting (XSS) in emlog v6.0.0 allows remote attackers to execute arbitrary code by adding a crafted script as a link to a new blog post.
PUBLISHED: 2021-05-17
Cross Site Request Forgery (CSRF) in Pluck CMS v4.7.9 allows remote attackers to execute arbitrary code and delete a specific article via the component " /admin.php?action=page."
PUBLISHED: 2021-05-17
Cross Site Request Forgery (CSRF) in Pluck CMS v4.7.9 allows remote attackers to execute arbitrary code and delete specific images via the component " /admin.php?action=images."
PUBLISHED: 2021-05-17
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_handles ../../src/decode.c:2637.
PUBLISHED: 2021-05-17
A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_revhistory ../../src/decode.c:3051.