Did you miss a session at the Data Summit? Watch On-Demand Here.
Today, vulnerability management and process automation platform Nucleus Security announced that it had raised $20 million as part of a Series B funding round, achieving a valuation of more than $100 million.
Nucleus Security’s platform enables users to automate vulnerability management processes and workflows, leveraging the latest threat intelligence from sources including Mandiant, EPSS and the CISA Bod KEV.
It also integrates data from other third-party tools like asset inventories, vulnerability scanners and penetration testing tools to provide visibility over the entire tech stack.
For enterprises and technical decision-makers, Nucleus Security offers a solution for monitoring their organization’s security posture, so they can identify and respond to vulnerabilities throughout the environment and reduce the chance of unwanted intrusions.
Unifying vulnerability management
As the number of technologies organizations use has increased, the number of vulnerabilities that attackers can exploit has also multiplied to the extent that researchers discovered 18,378 vulnerabilities in 2021, including 3,646 high-risk vulnerabilities.
Today, even the most experienced security team cannot mitigate such a high number of vulnerabilities manually.
The only way to consistently mitigate these vulnerabilities is by automating the vulnerability management process. That’s not just automating vulnerability scanning, but also being able to integrate the data generated by vulnerability scanners, penetration testing tools and asset inventories into a single location.
“Many people associate vulnerability management with scanning, but that’s only one important part of the process. Being able to manage all the data being generated by scanners of different types and then making it actionable so that the business can react appropriately is a developing space where Nucleus sits,” said Scott Kuffer, cofounder of Nucleus Security.
“This type of vulnerability management ‘at scale’ provides unique challenges that can only be solved through data unification and smart automation of tasks throughout the entire pipeline. Nucleus integrates with existing tools to aggregate, normalize, prioritize and enrich the vulnerability data in an enterprise,” Kuffer said.
In short, Nucleus Security’s solution to this challenge is to provide organizations with a central solution for ingesting and processing asset and vulnerability data that integrates with external workflow tools, to automate time-consuming tasks around vulnerability management.
The next generation of security and vulnerability management
Nucleus Security is a part of the security and vulnerability management market, which researchers valued at $6.7 billion in 2020 and estimate will reach a total value of $15.86 billion by 2030.
The provider is competing against a number of competitors including Kenna Security (owned by Cisco, a customer of Nucleus), a risk-based vulnerability management tool which scans for vulnerabilities and provides a risk score, alongside an overview of vulnerable assets and fixes, which achieved a valuation of $98 million in 2019 following a series D funding round of $48 million.
Another competitor is Vulcan Cyber, a SaaS-based vulnerability management platform with remediation intelligence, risk prioritization, and security risk analytics, which raised $21 million as part of a Series B funding round last year.
Although, Kuffer argues that one of the key differentiators of Nucleus Security is its fast deployment time.
“Nucleus differentiates by being extremely partnership-driven with its approach. We listen to customers and want to be the best security software vendor that organizations work with. We often get the feedback that we are the easiest vendor to work with … we also get consistent feedback that we can be deployed much quicker than competitors to a full program deployment,” Kuffer said.
VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn More