Israeli startup Vulcan Cyber today announced $4 million in seed funding for its mission to eliminate the vulnerability remediation gap that unnecessarily exposes enterprises to massive cyber risk.
Vulcan Cyber co-founders, from left to right: CTO Roy Horev, CEO Yaniv Bar-Dayan and CPO Tal Morgenstern
Backing for the technology platform, which lets security teams gain the insight needed and take the action required to continuously eliminate exposed vulnerabilities in their production systems, comes from YL Ventures with participation from additional prominent cybersecurity investors.
The Vulcan Cyber Continuous Vulnerability Remediation platform eliminates the most critical risks caused by vulnerabilities while at the same time avoiding any unexpected impact to business operations. Vulcan reduces dwell time from weeks and months to hours.
Vulcan Cyber’s data collection aggregates data from dozens of scanning tools while its advanced exposure analytics deliver insight into the true risk of existing vulnerabilities in the deployed enterprise stack. Vulcan then automatically prioritizes, plans, orchestrates and validates remediation.
“Enterprises today are experiencing a state of continuous risk exposure,” said Yoav Leitersdorf, managing partner at YL Ventures, who led the Vulcan Cyber funding round. “This exposure is a board level concern. The speed of change and innovation and volume of constant probes and attacks has simply outpaced the tools and skilled resources IT security teams have. And for many teams, it simply feels like they’re in a never-ending storm of crisis and reactive activities.”
IT security and operations teams today rely on dozens of vulnerability assessment and patch management tools and are using manual processes and custom scripting to tie them together.
By automating the collection and integration of all the relevant vulnerability data from these tools across the enterprise IT stack, and correlating this information with risk exposure, Vulcan provides insight that enables continuous evaluation of exposure and prioritization of remediation. Vulcan then orchestrates patch management, IT service management tools and the teams and tasks needed to continuously remediate the most critical exposure in production environments. Lastly, Vulcan validates remediation effectiveness and feeds the new data back into the insight engine. Vulcan integrates out of the box with all popular scanning, configuration management and patching tools as well as provides open APIs to connect new scanners, tools and feeds into the platform.
“The team at Vulcan has the right vision to deliver IT security teams unprecedented insight and the ability and confidence needed to successfully eliminate exposure and risk. Vulcan has the potential to be transformative for enterprises, taking them from a state of continuous exposure to continuous protection,” Leitersdorf added.
Andy Ellis, CSO of Akamai, concurred, “Organizations today have diverse ecosystems, from on-premise bespoke applications to cloud-deployed services. Keeping track of the state of these applications and systems — often owned by distinct engineering and operations teams — in order to ensure that system maintenance keeps up with the never-ending flow of vulnerabilities and exposures is vital. Continuous and integrated visibility into remediation is the first step to remediation orchestration for enterprises.”
“Vulcan’s approach to enable and empower both IT security teams and their operations counterparts is a leap forward, giving us a vision for a world where companies aren’t being breached every day with exploits against vulnerabilities that have been known about for months or years”, said Ellis.
Yaniv Bar-Dayan, Vulcan Cyber CEO and co-founder explains that vulnerabilities are the “dirty” but critical work of IT security. “It has become almost impossible for CISOs and their teams to understand and manage the significant and systemic risk of vulnerabilities in their production systems, leaving them in a state of continuous exposure. It might sound more glamorous to talk about zero day and next generation threats, but vulnerability remediation is truly where the rubber meets the road. The only way to deal with this continuous risk exposure is through continuous remediation, achieved with robust data collection, advanced analytics, automation, and closed loop remediation planning, orchestration and validation. This is exactly what we are delivering to IT security teams with Vulcan Cyber.”
The Vulcan Platform is currently in limited availability to qualified customers. General availability will be in late 2018. More information about the launch is available in the video below: