Cybersecurity continues to grow in complexity due to the ever-increasing threat landscape -- more services in the cloud, more digital operations and more devices mean more attack surfaces and variations for malicious hackers to worm into networks, and thus more tools to fight this -- and that is creating more work for operations teams tasked with responding to security threats. Today a startup called Seemplicity is emerging from stealth with $32 million in funding for a platform that it believes will help reduce that load.
Funding for the Israel-based startup is coming in the form of a $6 million seed round and a $26 million Series A. Glilot Capital Partners, by way of its early growth fund Glilot+, is leading the Series A with new backers NTTVC and Atlantic Bridge and previous backers S Capital and Rain Capital also participating. S Capital led its seed round.
Ravid Circus -- Seemplicity's CPO who co-founded the company with Yoran Sirkis (CEO) and Rotem Cohen Gadol (CTO) -- said the company was choosing now to come out of stealth and launch publicly with news of its funding in part because the second round had recently closed, and in part because it has racked up a decent number of customers already: 20 enterprises covering Fortune 500 and publicly traded companies in various sectors (none of whom are willing to have their names disclosed yet).
Seemplicity is a portmanteau of "see" and "simplicity", and that is effectively what it is doing: helping DevOps and SecOps teams see a more complete picture of the state of an organization's security, by simplifying how to view it.
The problem is a pretty basic but thorny one: these days, DevOps teams are faced with a difficult task that in some ways is only getting harder. The number of breaches growing, according to both general and specific accounts; and that is translating to an ever-expanding range of tools targeting different aspects of security covering specific areas and use cases such as applications, SaaS, cloud and endpoint security. But while there has been a big evolution in security towards much more automation to handle a portion of the alerts that are generated by these different security apps, there are still a number of items that require human involvement to address and ultimately resolve.
This in turn results in a huge shower of data that comes down on those DevOps teams that is hard to parse even before any action is taken.
This is where a product like Seemplicity comes into the picture: It takes all of those alerts and orchestrates them, to figure out which are related, which can be bundled together, which are more urgent (because they are central to how something operates, or because it could signal a cascading problem, for example) and which can be fixed by fixing something else.
By doing so, "We allow an organization to fix and remediate more effectively so that they are less in the business of firefighting," Circus said. "The way to get to shorter times in security incidents is to remediate them faster." The platform can be configured by organizations, but it also learns from how it is used, Circus said.
This is an especially acute problem for larger organizations, the enterprises that Seemplicity is already serving and targeting for more business. Its customers typically have over 20,000 employees and might have as many as 15 or 20 DevOps and SecOps teams with multiple security programs and protocols already in place, so this is about channelling work more effectively across those organizations, as much as it is about identifying how best to tackle the trove of work. Given that teams are more distributed than ever these days, that's also a reason for needing better tooling to manage how they work, and what they are working on.
"In fact, I'd say that the main factor is not complexity but just the amount of remediation," Circus said.
Seemplicity is joining what appears to be a growing number of tools to help manage SecOps -- Rezilion is another aiming to improve some of the busywork of SecOps teams; SeviceNow is also building more in this area; and something like Jira, already so ubiquitous in DevOps, might also be used to address this. But Circus said that it looks like Seemplicity is the only purpose-built tool today that aims to consolidate and prioritize notifications from security apps that address all of the different aspects of how a network operates, giving it a kind of moat (at least for now). The three founders come with a collectively long history in enterprise security, meaning that they understand the challenges firsthand and have built this product to address those.
“The ever-changing threat landscape of cybersecurity opens up organizations to more risks, necessitating the adoption of more security solutions. Ironically, the more cybersecurity tools a company uses, the less efficient its security team becomes at controlling and reducing risk,” said Lior Litwak, managing partner of Glilot+, Glilot Capital’s early growth fund, in a statement. “By streamlining the operational element of cybersecurity and building a dynamic, real-time bridge between security and remediation teams, Seemplicity enables organizations to both significantly improve their cyber risk posture and address their ever-increasing workloads.”
“From the get-go we knew we were dealing with strong founders who are leading subject matter experts. The vision they set out quickly translated into a platform that provides significant value to its customers, which over the past year has continued to grow,” said Aya Peterburg, managing partner of S Capital.
"CISOs are having to rethink their security automation and processes as they navigate challenges with access to talent and lead increasingly distributed teams,” said Vab Goel, founding partner at NTTVC. “Seemplicity offers a unique, simple, and powerful automation platform that aligns the entire security organization around the highest impact actions."