Hear from CIOs, CTOs, and other C-level and senior execs on data and AI strategies at the Future of Work Summit this January 12, 2022. Learn more
Cloud security remediation startup Dazz, which today announced it has raised $60 million in funding, said it plans to launch its AI-driven product into general availability in the first quarter of 2022 after having deployed the platform with a dozen paying customers — half of them in the Fortune 500. The one-year-old startup is focused on rapidly fixing cloud security issues with the help of automation, and doing so in a “developer-friendly” manner, cofounder and CEO Merav Bahat told VentureBeat.
The funding includes a new $50 million series A round and a previously undisclosed $10 million seed round raised earlier this year. The investments come from backers including Insight Partners, Greylock Partners, Index Ventures, and Cyberstarts.
Bahat was formerly the general manager of Microsoft’s cloud security business and deputy general manager of the Microsoft Israel R&D Center, and she cofounded Dazz in January 2021. Joining her as founders are chief technology officer Tomer Schwartz, who previously founded the Microsoft Security Response Center in Israel and cofounded IoT security firm Armis; and vice president of R&D Yuval Ofir, who previously headed R&D at IoT security firm Claroty.
Cloud security or cloud insecurity?
The Dazz platform addresses major cloud security pitfalls like misconfigurations, which are blamed for the vast majority of breaches in the cloud, Gartner has reported. A recent study from Fugue and Sonatype found that 36% of organizations suffered a serious cloud data leak or a breach over the previous 12 months, due largely to misconfiguration issues.
Insight Partners managing director Steve Ward, who led his firm’s investment into Dazz, told VentureBeat that the company addresses an “urgent security need” created by the rapid adoption of cloud computing and security point solutions — both of which have been accelerated by the pandemic. The product enables chief information security officers (CISOs) and other security stakeholders to gain a unified view of remediation efforts, allowing them to more effectively prioritize incidents, Ward said.
And secondly, Dazz traces back misconfigurations and vulnerabilities to the team and individual developer who owns the problem, pulling up the corresponding code snippet and recommending new code to prevent future incidents, he said.
“Dazz is the kind of solution that as a former CISO would help me sleep at night,” said Ward, who was previously CISO at The Home Depot before joining Insight Partners. “Knowing active vulnerabilities are being remediated down to the code owner and snippet, and proactive measures are being taken to avoid future cloud security challenges, is what got us so excited [in Dazz].”
Ultimately, “every enterprise CISO needs it,” he said. And so far, Dazz has had an “impressive pace of product execution and growth,” Ward said.
Automating cloud security
There are hundreds of tools available today for finding cloud security problems, and those tools often do a good job in detecting potential risk, Bahat said. However, customers struggle to consume all the information and take action on the findings, she said.
Dazz, on the other hand, “sits across those tools and focuses on remediating security issues quickly and in a developer-friendly way,” Bahat said.
Automation is key to the company’s cloud security remediation technology, which includes “significant” use of AI, she said. The Dazz core technology is driven by an explainable AI engine that the company developed, according to Bahat.
And with its new funding, the startup plans to expand its AI team and cover new use cases that customers have been requesting, she said.
Among the startup’s 12 current customers are six companies in the Fortune 500. The companies span the healthcare, pharmaceutical, financial services, distribution, retail, and high-tech industries, Bahat said. One customer that is being named so far is Takeda Pharmaceuticals, which is Japan’s largest pharmaceutical company by revenue.
For Takeda, Dazz has shown itself able “to get issues to our developers more quickly, identify misconfigurations for direct remediation, and aggregate aspects of development security that were previously fractured and inconsistent,” said Mike Towers, CISO at Takeda Pharmaceuticals, in a news release.
Dazz is on track to launch its product into general availability by the middle of Q1 2022, which will signify larger coverage, integrations, and support for the product, the company said. Prior to that, the company needs to hit several maturity and readiness milestones, Bahat noted.
In terms of market expansion, Dazz is targeting the U.S., the United Kingdom, and Europe to start, she said.
Building the team
The startup has offices in Palo Alto, Calif., and Tel Aviv, Israel. Dazz currently has a 30-person engineering team, and has plans to more than double the engineering team in 2022 to at least 75. The company also aims to build a go-to-market team in the U.S. of 25 to 35 people next year, Bahat said.
She added, “I am aware of my rare position as one of just a few female CEOs and founders in cybersecurity.” And having the opportunity to raise “one of the biggest early rounds in the market” is even more uncommon, Bahat said.
Thus, “I am committed to using my unique status to promote and celebrate women in technology, cyber, startups, and leadership,” she said.
VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact. Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:
- up-to-date information on the subjects of interest to you
- our newsletters
- gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
- networking features, and more