Randori announced that it raised $9.75M in funding led by Accomplice, with participation from .406 Ventures and Legion Capital. The company will use the capital to fuel development of a nation-state caliber attack platform designed to emulate the behavior of threat actors.
The Randori founding team includes CEO Brian Hazzard, former executive at Carbon Black, and CTO David Wolpoff, a respected hacker who has led red team engagements for many of the world’s largest corporations. Mike Viscuso, Accomplice Venture Partner and co-founder of Carbon Black, and Greg Dracon, Partner at .406 Ventures, have joined the company’s board of directors.
“Cyber security is fundamentally broken. Despite massive investments of time and capital, organizations often don’t know where they’re vulnerable until after they’re hit. Simulated environments can’t account for the changing tactics of today’s attacker,” said Brian Hazzard, CEO, Randori.
“The seed round allows us to rapidly scale the development of the world’s most authentic attack platform and, for the first time, give organizations a real-time understanding of how attackers actually view their organization.”
Combining reconnaissance with the execution of real attacks, Randori is building the cloud-based attack platform. It will provide CISOs with visibility into where threat actors will strike next and the ability to validate and understand the impact specific attacks pose to their organizations.
Randori is currently working with more than 20 customers and design partners, including some of the world’s largest organizations.
“Whether it’s a nation-state or a criminal enterprise, today’s threat actors don’t launch attacks in a simulated environment or limit themselves to two-week engagements. They come after you hard and fast, targeting and exploiting real weaknesses,” said Bill Brown, SVP & CISO at Houghton Mifflin Harcourt.
“When testing security, authenticity matters. What Randori is developing will allow us to scrimmage against the best by safely launching real attacks of all caliber against the same systems and people hackers will go after, better preparing my team for the next attack.”
By 2020, organizations will spend more than $12 billion globally on penetration testing. However, legacy penetration tests are by their nature expensive and their insights limited to specific points in time.
This approach can’t keep pace with the dynamic nature of today’s attacker. By automating the approach real attackers take and applying it to an organization’s defenses, Randori makes red teams stronger and prepares security professionals to face the next cyber attack.
“One of the biggest security challenges that CISOs have today is truly understanding where and how they will be attacked next,” said Mike Viscuso, Venture Partner at Accomplice.
“Randori’s unique approach of emulating real attackers and giving CISOs a real-time and continuous assessment of where they’re most likely to be hit will provide enterprises globally the ability to assess and secure their most critical weak points. I know first-hand the strength and expertise of the Randori leadership team, which is why I’m excited to make Randori my first investment with the Accomplice team.”
Randori is headquartered in Boston, MA with offices in Denver, CO, and is focused on expanding its engineering and product teams and adding customers as design partners.
“Historically, organizations have thought about risk management purely as regulatory compliance checklists and audits. This approach leaves organizations vulnerable,” said Doug Cahill, Senior Analyst and Group Director, ESG Global Research.
“We are increasingly seeing CISOs seek out and demand testing technologies that enable them to assess risk based on the techniques, tactics, and procedures used by today’s adversaries as part of a broader risk mitigation strategy.”