Security operations teams are faced with a daunting task these days, which is to stop malicious hackers and their increasingly sophisticated approaches to hacking into networks. It also represents a gap in the market: creating tools to help those security teams do their jobs. Today, what’s called an Israeli startup regillion It’s doing just that — building automation tools for DevSecOps, the area of IT that addresses the needs of security teams and the technical tasks they need to do in their jobs — announcing $30 million in funding Is.
Guggenheim Investments leads the round with JPV and Kindred Capital contributing. Resilien said unnamed executives from Google, Microsoft, Crowdstrike, IBM, Cisco, PayPal, JPMorgan Chase, Nasdaq, eBay, Symantec, RedHat, RSA and Tenable are also in the round. Earlier the company had raised $80 million.
Resilien’s funding is coming in part because of strong initial growth for the startup in its first two years of operation.
Its customer base is made up of some of the largest companies in the world, including two of the “Fortune 10” (Top 10). fortune 500) CEO Liran Tankman, who co-founded Resilion with CTO Shlomi Boutnaru, said one of those two is one of the world’s largest software companies, and the other is a major connected device vendor, but declined to say. done. (For the record, the top 10 include Amazon, Apple, and Alphabet/Google.)
Tankman and Boutnaru previously co-founded another security startup, Cyactive, which was acquired by PayPal in 2015; The pair worked together until they left to start Resilience.
There are a plethora of tools on the market now to help developers automate various aspects of security and security tasks. Rezilion focuses on a specific part of DevSecOps: Large businesses have established a lot of processes over the years that need to be followed and make the most thorough efforts possible to detect security threats. Today, this can involve inspecting every single suspicious activity to determine what the implications might be.
The problem is that with the amount of information that comes in, taking the time to observe and understand each suspicious activity can put a huge strain on an organization: it’s time-consuming, and as it turns out, time consuming. Not the best use is included due to the signal to noise ratio. Typically, it can take 6-9 hours for each vulnerability to be properly tested, Tankman said. “But usually about 70-80% of them are not absorbable.” This represents a very inefficient use of the security team’s time and energy.
“Eight out of ten patches are a waste of time,” Tankman said of the approach that is commonly followed today. He believes that as its AI continues to grow and its knowledge and solutions become more sophisticated, “it could soon be a 9 out of 10.”
Resilien has built a taxony and an AI-based system that does essentially that inspection task as a human would: It spots any new, or suspicious, code, detects that it What is trying to do, and make it run against the company’s existing code. and systems to see how and if it could actually be a threat to it or cause more problems down the line. If it’s all good it essentially whitelists the code. If not, it flags the team.
The stickiness of the product stems from how Tankman and Boutnaru understand large enterprises, especially those heavy with technology stacks, have become a very challenging environment for cybersecurity teams these days.
“They are using us to expedite their delivery processes while staying safe,” Tankman said. “They have strict compliance departments and they have to follow certain standards,” in terms of the protocols they carry out security work, he said. “They want to leverage DevOps to release it.” He said Rezilion has won over customers in large part by helping them understand and work better within that culture and process in general. “Companies become users of our product because we have shown them that at a fraction of the effort, they can be more secure.” It has a particular resonance in the tech world, though financial services and others that essentially leverage technology as an important base to use are also in the startup’s user base.
Down the line, Rezilion plans to add in treatment and mitigation to the mix to expand what can be done with its automation tools, which is also part of where the funding is going, Boutanaru said. . But he doesn’t believe it will ever replace a human in the equation.
“It will just focus on the places where you need more human thinking,” he said. “We’re only removing the need for tedious work.”
In that grand tradition of enterprise automation, it will be interesting to see which other automation-focused platforms can step into security with the other automation they are building. For now, Resilien continues to create an interesting enough territory for itself to get investors interested.
“Resilien’s product suite is a game changer for security teams,” Rusty Parks, senior MD at Guggenheim Investments, said in a statement. “This creates a win-win, allowing companies to bring innovative products and features to market while increasing their security posture. We believe Resilien has created a truly attractive value proposition for security teams, which greatly enhances timely returns and completely protects one’s infrastructure.”