Sweet Security raises $33 million to identify and address cloud risks

Six months after coming out of stealth, Sweet Security is announcing a $33 million Series A funding round.

The round was led by Evolution Equity Partners, joined by Munich Re Ventures and Glilot Capital Partners. Capitalizing on its strong market traction, Sweet, which leverages deep runtime analysis to better identify and address cloud risks, will use the funding to scale up its operations in the U.S. and expand its platform. Sweet is also unveiling enhancements to its unified runtime platform, adding first-to-market capabilities for runtime posture enhancement and runtime non-human identity management.

It’s prime time for runtime

Without runtime visibility and insights, companies simply do not have an applicable way to manage their cloud risks. The recently discovered set of RunC vulnerabilities underscore how easily companies can be caught off guard by new cloud risks and be forced to spend days — if not weeks — trying to understand what happened and how to fix it.

In August 2023, Sweet launched the first unified runtime security platform for the cloud. Its patent-pending eBPF-based technology identifies critical anomalies across applications, networks, and non-human identities. It provides deep and actionable insights about who, where and what is happening.

From detection and response to vulnerability management, posture enhancement and non-human identity management (NHI), Sweet’s innovative technology identifies risks that matter, instead of creating a backlog of noisy alerts from passive API scans. Sweet’s “boots on the cloud” approach enables security teams to cut through the noise and address critical cloud risks as they unfold.

Runtime gets sweeter

The cloud presents significant challenges relating to non-human identities: As such, Sweet is introducing first-to-market functionality into its runtime security suite: runtime posture enhancement and runtime NHI management. Using its novel sensor-based technology and Layer 7 capabilities, Sweet’s behavioral analysis reveals which machine was the origin of a chain of actions and for what purpose.

Sweet’s novel technology completely upgrades an organization’s posture through runtime insights, as well as takes their NHI management to the next level.

“We piloted Sweet for its cloud attack detection capabilities and kept it because the runtime insights it provides also transform the way we manage our vulnerabilities. Sweet’s runtime suite enables us to be much more precise and strategic in how we secure, configure and lock down our cloud workloads.” said Cyrus Tibbs, CISO at PennyMac. “The value it provides exceeded our expectations.”

Sweet’s offering was the brainchild of co-founder and CEO, retired Brigadier General Dror Kashti, former CISO of the Israel Defense Forces (IDF); retired Colonel Eyal Fisher, former head of the Cyber Department at Unit 8200; and Orel Ben-Ishay, former R&D Cybersecurity Group Leader at the Special Operations Division.

Since its launch, Sweet has doubled its headcount, closed dozens of new customers and has been recognized by CSO Online, CRN and Gartner for its unique approach.

“Sweet’s solution shifts cloud security right. Owing to its innovative behavior-based security technology that factors in applications, networks, and identities, the Sweet platform unifies risk reduction across cloud use-cases” said Yuval Ben-Itzhak, General Partner, Evolution Equity Partners. “The outstanding team, technology, and timing – it’s as Sweet as it gets. We’re excited to join and support the journey.”

In a November 2023 Gartner report titled “Emerging Tech – Mitigate Advanced Persistent Threats in SaaS and Cloud” that cites Sweet as a Sample Provider for Runtime and Workload Security, Gartner analysts advise that companies: “Focus more on the runtime; get events directly from the runtime environment, not just via third-party APIs. Use agents that support for example, extended Berkeley Packet Filter (eBPF), open telemetry, where directly gathered telemetry enables more in-depth real-time events for faster detection, contextualization and response or blocking.”

“At first, our broad vision for cloud runtime security was met with skepticism, but we trusted our experience because we have lived the pain our customers experience every day and we knew we could build something they’d love,” said Dror Kashti, CEO, Sweet Security. “This round is an incredible validation of our approach; it will enable us to expand our U.S. presence and make cloud runtime insights actionable across a wider set of practitioners.”

More about

Don't miss