Valence Security raises fresh capital to secure the SaaS app supply chain • TechCrunch


parity securityToday, the company that insures business application infrastructure, announced that it has raised $25 million in a Series A round led by M12, an arm of Microsoft, with participation from YL Ventures, Porsche Ventures, Akamai Technologies, Alumni Ventures, and former Symantec CEO Michael Fey. The new capital brings the company’s total to $32 million, and co-founder Shlomi Matchin says it will be directed toward product development and doubling Valence’s 25-person staff by the end of the year.

Maticin co-founded Valence Security with Yoni Shohet in 2021. Two-time entrepreneur Shohet previously co-founded SCADAfence, an industrial IoT security startup. For his part, Matchin was a founding member of Capester, a platform for cataloging videos of civil abuse.

“In recent years, malicious actors have focused on the interconnection of Software as a Service (SaaS) applications, taking advantage of their capabilities in attack campaigns, as seen in the SolarWinds hack,” Matchin told TechCrunch in an email. an interview. Organizations are struggling to secure this [app] Network – A growing, complex, and interconnected environment for SaaS applications, third-party integrations, identities, privileges, and data. “

Matichin and Shohet built Valence to address these challenges around visibility in the SaaS supply chain, including misconfiguration and risk prioritization and remediation. The platform attempts to discover and contextualize all of the company’s SaaS applications with vendor risk assessments, providing tools to detect improperly configured security controls and deviations from established policies.

Valence can also help manage risky, inactive and redundant authentication keys, third-party integrations, zero-token or low-code workflows, Matchin says — as well as public-facing files and potentially insecure and spam emails. directed externally. Meanwhile, the identity security flows within Valence aim to ensure that users are managed by a central identity provider, using multi-factor authentication and properly outputting them.

According to Matichin, the increased demand for these services are the growing threats businesses face – and the general expansion of SaaS implementation. The average enterprise uses about 80 SaaS applications, with BetterCloud She estimates that companies with more than 1,000 employees use more than 150 apps. This opens companies to attack. According to Dimensional Research exploratory study Commissioned by ReversingLabs, a cybersecurity vendor, just over half (51%) of IT security teams report being able to protect their software from supply chain attacks.

The impact of such attacks can be devastating. In a recent research paper, Kaspersky estimated the cost of a supply chain software attack on an organization to be $1.4 million. This does not take into account the loss of revenue from additional downtime that arises during repair, which can add significantly to costs (in proportion to in thousands to me Millions of dollars) and affect the company’s reputation.

“Beyond security concerns, the fallout from SaaS supply chain attacks is a top business priority given the increasing number of high-profile SaaS supply breaches over the past two years,” Matchin said. “These breaches can expose many interconnected SaaS applications of a single organization as well as threaten business critical data stored in those applications. These risks to business objectives, as well as business continuity and efficiency due to the significant impact of these breaches on SaaS usage, should be a top priority. C-suite”.

Tel Aviv-based Valence competes with a number of vendors in the field of SaaS application security for the supply chain, including Canonic Security, Atmosic (which raised $6 million), Asterix Security ($15 million), wing security ($26 million), AppOmni ($123 million), Obsidian Security ($119.5 million), adaptive shield ($34 million). When asked if it worries him, Machin answered by highlighting what he sees as a growing need for visibility and control of SaaS assets and risk handling.

“With remote working conditions accelerating the adoption and use of SaaS applications, the unique, unaddressed surface of risk has exposed the growing need for SaaS security solutions targeting the sprawling SaaS network,” Matchin said. In this regard, Valence has been in a strong position to address unique security and commercial needs at the height of the pandemic, [and] Valence will continue to set the standard for SaaS security going forward.”

Maticin did not disclose the size of Valence’s customer base or expected revenue. But even if it falls short of the company’s close competitors, venture capital appears ready and willing to throw its weight behind the security vendors. In the first half of 2022, $12.5 billion was invested in venture capital across more than 530 deals, according to To a report from investment firm Momentum Cyber ​​- in line with H1 2021’s $12.6 billion investment.

Leave A Reply

Your email address will not be published.