SafeBreach Announces $15 Million in Series B; Deepens Focus on Breach and Attack SimulationSafeBreach Announces $15 Million in Series B; Deepens Focus on Breach and Attack Simulation
SafeBreach Announces $15 Million in Series B; Deepens Focus on Breach and Attack Simulation
May 9, 2018
SUNNYVALE, CA – May 8th, 2018 – SafeBreach, the leader in Breach and Attack Simulation, today announced new funding, new product capabilities and record growth. Bookings increased more than 470 percent year-over-year with expanded traction in the Fortune 100. The company added $15 million in strategic funding led by Draper Nexus with participation from PayPal and existing investors Sequoia Capital, Deutsche Telekom Capital Partners and HPE Pathfinder. The company also introduced major new capabilities that set it apart by allowing customers to not only simulate attacks and assess risk, but more effectively prioritize areas for remediation, and take action to stay ahead of attacks.
“CISOs and their security teams have spent considerable amounts of time and money implementing best-of-breed technologies, but today’s ever changing IT environments make it challenging to understand whether these security products can actually stand up to attacks,” said Managing Director Rio Maeda at Draper Nexus. “The SafeBreach platform has seen hypergrowth adoption in helping security teams continually prove people, process and technology are actually working. We invest in transformative technologies, and are excited to partner with the leader in this market.”
Accelerated momentum comes at a time when Breach and Attack Simulation as a sector is drawing increased attention and investment. Industry analyst firm Gartner has established category coverage and last year named SafeBreach among the "Cool Vendors in Monitoring and Management of Threats to Applications and Data 2017."
SafeBreach offers the most comprehensive Breach and Attack Simulation platform in the industry -- with a playbook of over 3400 breach methods, along with the most flexible prioritization capabilities and most extensible remediation options. The platform is designed to be continuous, automated and intuitive, removing human testing biases and eliminating the need for manual creation of methods. As a result, the SafeBreach platform has been able to uncover unknown or unexpected security issues in the most sophisticated security environments.
“Simulating attacks is critical to understanding the bigger picture of infrastructure and asset risk, but alone, it’s not enough,” said Guy Bejerano CEO & co-founder, SafeBreach. “Simulations need to inform prioritized actions. Our new, unique capabilities were built to provide the most effective breach method coverage, identify and prioritize critical results, and quickly remediate issues to enable customers to stay ahead of attacks.”
The most important new capabilities include:
Up-to-date Simulations Aligned to US-CERT Alerts and MITRE ATT&CK Framework – With a new ability, powered by SafeBreach Labs, to produce new simulations of critical attacks in less than 24 hours, the Hacker’s Playbook™ continues to represents the largest and most thorough simulation knowledge base in the industry, and growing every day. More than 700 attacks -- aligned with US-CERT alerts and the MITRE ATT&CK framework -- were added last year, bringing the total of breach methods to more than 3400. The company also recently announced an integration with Visa Threat Intelligence to weaponize payment industry indicators of compromise by transforming them into breach methods. SafeBreach Labs also continues to publish a bi-annual Hacker’s Playbook Findings report of deployment findings and best practices for security product deployments, while also producing unique intelligence and discoveries such as the ability to abuse third-party plugins in text editors and exfiltrate data using online public sandboxing.
Informed and Actionable Prioritization Right-Sized for Every Security Team – To accommodate varied security prioritization preferences for enterprises, SafeBreach now offers multiple ways to prioritize and drill down into breach simulation results. Organizations can use the Risk Trends, Kill Chain Explorer and simulation analysis dashboards available on the platform, integrate with existing security operations workflows via SafeBreach partnership with industry leading SIEM providers such as Splunk and Arcsight, or utilize existing Business Intelligence tools such as Tableau and Kibana to target critical areas of focus and vastly reduce alert fatigue.
Accelerated Remediation Via Automation and Orchestration, and Ticketing Systems – SafeBreach offers the most extensible platform for remediation, integrating with enterprise ticketing systems like Jira and ServiceNow, along with automation and orchestration platforms such as Phantom and Demisto to support remediation workflows.
SafeBreach received numerous awards and accolades throughout 2017, including:
Making Bloomberg’s “50 Most Promising Startups You’ve Never Heard of” List
Winning the HPE and SAP Startup Showcase
Earning a spot on the Momentum Partners' “Q1 2017 Quarterly Market Report Watch List”
Named a Cool Vendor in the “Cool Vendors in Monitoring and Management of Threats to Applications and Data 2017” report by Gartner
SC Media named SafeBreach Co-Founder and CTO Itzik Kotler a Rising Star in the Reboot Awards and the company as an Industry Innovator in Security Infrastructure category
San Francisco Chamber of Commerce selected SafeBreach as the Winner of the Ebbies Awards in the ‘Innovation in Technology’ category
CRN named SafeBreach as a Finalist in the Tech Innovator Awards and an Emerging Vendor in the ‘Security’ category
Companies interested in seeing the SafeBreach platform in action can sign up for a demo. Successful techniques and insights from SafeBreach deployments are available in the Hacker’s Playbook Findings Report.
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
What Ransomware Groups Look for in Enterprise Victims
How to Use Threat Intelligence to Mitigate Third-Party Risk
Everything You Need to Know About DNS Attacks
Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks
How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment
9 Traits You Need to Succeed as a Cybersecurity Leader
The Ultimate Guide to the CISSP
Gone Phishing: How to Defend Against Persistent Phishing Attempts Targeting Your Organization
The Evolving Ransomware Threat: What Business Leaders Should Know About Data Leakage
The Rise of Extended Detection & Response