Cymulate snaps up $70M to help cybersecurity teams stress test their networks with attack simulations – TechCrunch
The cost of cybercrime is growing at a staggering 15% per year, expected It will reach $10.5 trillion by 2025. To meet the resulting challenges, organizations are turning to more and more AI tools to complement their existing security software and the work of security teams.Today, a company called cycle — It builds a platform to help these teams automatically and continuously stress-test their networks against potential attacks through simulations and provide advice on how to improve their systems to defend against real Attack – Announced a major round of growth funding after seeing strong demand for its tools.
The startup — founded in Tel Aviv with a second base in New York — has raised $70 million in Series D funding, which it will use to continue expanding globally and invest in expanding its technology (whether organically). or potentially via acquisition).
Today, Cymulate’s platform spans both on-premises and cloud networks, providing breach and attack simulation for endpoints, email, and web gateways, and more; automated “red teams”; and a “purple team” tool to create and launch for resource-starved organizations Different security breach scenarios, throwing people into a living red team – in short, a “total” solution for companies looking to ensure they get the most bang for your buck in the world of Eyal Wachsman, CEO of Cymulate , the network security architecture they already have.
“We’re giving our clients a different approach to cybersecurity and gaining insights [on] All products are already implemented in the network,” he said in an interview. The resulting platform finds particular appeal in the current market environment. While companies continue to invest in their security architecture, security teams are also feeling As the market tightens, this is affecting IT budgets and sometimes the number of employees in industries already facing expertise shortages. (Cymulate cites U.S. data National Institute of Standards and Technology There is an estimated global workforce shortage of 2.72 million security professionals. )
The idea behind Cymulate is that it builds things that help organizations make the most of what they already have. “Ultimately, we enable our clients to prioritize where they need to invest in order to close the gaps in their environment,” Wachsman said.
The round was led by One Peak with participation from Susquehanna Growth Equity (SGE), Vertex Ventures Israel, Vertex Growth and strategic backer Dell Technologies Capital. (All five companies backed Cymulate’s $45 million Series C round last year.) It’s a relatively large round for Cymulate, which doubled its total to $141 million, although the company The startup does not disclose its valuation, but I understand from sources that it is around the $500 million mark.
Wachsman points out that the funding comes after a big year for the startup (ironically, escalating cybersecurity concerns and a growing threat landscape are critical to the startup’s efforts to address this issue). good news for the company). Revenue doubled, although it didn’t disclose any figures today, the company now has more than 200 employees and works with around 500 paying clients in the enterprise and mid-market, including NTT, Telit and Euronext , higher than 300 customers per year before.
Wachsman, who co-founded the company with Avihai Ben-Yossef and Eyal Gruner, said he first came up with the idea of building a platform to continuously test an organization’s threat posture in 2016 after years of working in cybersecurity consulting for other companies. He found that no matter how much effort his clients and outside consultants put into building security solutions on an annual or semi-annual basis, those gains could be lost every time a malicious hacker makes an unexpected move.
“If bad guys decide to break into an organization, they can, so we need to find a different way,” he said. He uses AI and machine learning as a solution to complement everything that exists in an organization to build “a machine that allows you to continuously test your security controls and security posture on demand, and get immediate results… walk in before the hackers.”
Last year, Wachsman described Cymulate’s approach as “the largest cybersecurity consulting firm without consultants,” but the company does in fact have its own large team of in-house cybersecurity researchers who are white hat hackers trying to find new vulnerabilities — new Bugs, zero-days, and other exploits – Develop intelligence that powers the Cymulate platform.
These insights are then combined with other assets such as MITRE ATT&CK Framework, a knowledge base of threats, tactics, and techniques used by many other cybersecurity services, including others building continuous verification services that compete with Cymulate. (Competitors include FireEye, Palo Alto Networks, Randori, Attack IQ There are a lot more. )
Cymulate’s work comes in the form of a network map detailing a company’s threat profile, technical recommendations for remediation and mitigation, and an executive summary that can be presented to finance teams and management who may be auditing security spending. It also builds tools for running security checks when integrating any service or IT with a third party, such as during mergers and acquisitions or when working in a supply chain.
Today, the company is focused on cybersecurity, which is big enough in itself, but also leaves the door open for Cymulate to acquire companies in other areas (like application security) or build it for itself. “It’s on our roadmap,” Wachsman said.
If a potential merger brings more funding to Cymulate, the startup will be one of the few categories that will continue to receive widespread investor attention.
“Cybersecurity is clearly an area that we think will benefit from the current macroeconomic environment, rather than some capital-intensive businesses like consumer internet or food delivery,” said David Klein, managing partner at One Peak.Among them, he added, “the best companies [are those] Mission critical to their clients…these will continue to attract very good multiples. “