devOcean announced its launch out of stealth as well as the completion of a $6 million seed financing round. The funding round was led by Glilot Capital Partners with participation from angel investors, including Former Google CISO Gerhard Eschelbeck, Amazon’s Head of Security Audit Adam Hirsch, and Dome9 Security founder Zohar Alon, among others.
The move to cloud requires a completely new approach to security operations. Cloud native applications are composed of multiple layers, with each layer having its own security issues which require unique, specialized security solutions. Additionally, each layer of an app is created and managed by a different development team within an organization.
Taken together, this creates a multilayered and siloed environment, with a chaotic web of responsibilities, tools, and alerts. This becomes even more complex when combined with the lack of standardization in policies and infrastructures between public cloud providers.
The constant need to navigate this complex web in order to prioritize security issues and determine which team is responsible for resolving them is a significant cause of frustration for CISOs. Additionally, the current best practice to prioritize and assign responsibility for fixing these issues is by manually going through each security tool and inputting every alert.
According to Gartner research conducted by Mark Wah, Sr Director Analyst, and Charlie Winckless, Sr Director Analyst, titled “Emerging Technologies: Future of Cloud Native Security Operations,” (November 17, 2021), “adoption of cloud-native services is growing and cloud-native workloads are ephemeral, with a rapid rate of change from development to production that will extend security operations use cases to development.”
devOcean’s SaaS platform enables security teams to overcome these challenges by collecting security insights from all cloud and security tools, generating a single “pane of glass” that exposes each risk and its corresponding effect on every part of the cloud application. With an understanding of the most critical threats, security teams can prioritize risks and work alongside operations, product, and development teams to effectively install security policies, while enabling CISOs to accurately suggest which team is responsible for patching a vulnerability and fixing an issue.
Additionally, devOcean’s platform provides recommendations on how to fix the risk as efficiently as possible. Security teams and developers can even open tickets on the platform to create automated workflows and assign tasks directly to the relevant team.
“devOcean is the first platform to create a dedicated cloud SecOps layer that is aimed at making order out of cloud application security chaos,” said Doron Naim, Co-founder and CEO of devOcean. “Security teams use sophisticated detection tools to find issues, but none of them help solve those effectively across all layers. Our goal is to make cloud security operations effective and efficient, enable SecOps teams to solve more issues, focus on the most critical risks, and shorten the remediation lifecycle.”
“devOcean’s technology combines our deep knowledge of both cybersecurity and the cloud environment and was formed with the mission to help companies close a significant risk in their cloud deployments,” said Gil Makmel, CTO of devOcean. “Our solution cuts through the multi-layered environment that is inherent in cloud native applications, giving our customers the ability to freely develop the apps they want while ensuring the highest levels of security.”
“The complexity and agility of Cloud Native applications makes it almost impossible to handle without a dedicated system, leading some organizations to attempt to build their own cloud native security management platforms at a great cost and with limited success,” said Kobi Sambrousky, Co-Founder and Managing Partner at Glilot Capital Partners. “We are proud to invest in devOcean and look forward to working closely with the team as it deploys a product that we anticipate will have immediate and immense market demand.”
“devOcean’s unique capability to tell a multilayered story that gathers security data from multiple sources – saves precious time and drives down costs.” said Gerhard Eschelbeck, former CISO, Google.