At a time when big rounds are a thing of the past, especially in early stages, Apiro, an application security startup, today announced a $100 million Series B round from several top Silicon Valley companies.
What makes this type of investment attractive at a time when investors are tightening their belts?
According to the company’s founder and CEO, Idan Plotnik, the company is working to help developers and security operations find and fix issues that cause vulnerabilities.
Today, developers and application security engineers are literally overwhelmed with hidden tools, manual risk assessment processes, and too many alerts with false positives without any context. Apiro helps developers and application security engineers proactively remediate business-critical threats using a single solution;
Unlike similar tools, Apiro doesn’t just test a CI/CD pipeline or product for vulnerabilities, it starts at the design stage. “When you create a user story with a new feature request at the design stage before you start coding, we analyze the text and raise a flag when a dangerous feature is requested,” he said.
Beyond that, the company aspires to be a set of guardrails for the development team as the application moves through design, construction, and production. What’s more, Plotnik says, it’s not just about pointing out potential vulnerabilities like Log4j, it’s about finding the ones that matter most to the team. That helps to reduce the volume and limit the number of repairs.
“Let’s say I have 5000 Log4j instances in my codebase with a CVSS score (risk assessment score) of 10, but you only have 100 in your run and only about 50 are exposed to the Internet in a high-impact application. That’s why we’re looking at the context… developers attackers can exploit the most.” To ensure that you fix only critical risks.
Quentin Clarke, managing director of Lead Investor, General Catalyst, said his firm invested this type of money because security is an ever-changing category and they see a lot of potential here.
“Security is one of those areas where tools have to be rebuilt to keep up with changes in development and operating platforms. So as the environment in which applications are being built changes, so must security tools, and there’s an opportunity to build a significant company here,” Clark told TechCrunch.
It probably doesn’t hurt that Plotnik reported that the company grew ARR 400% in the third quarter. The startup has up to 90 employees and will double in size next year with the help of this major investment.
He said building a diverse workforce is one of the company’s five core values, and he is striving to adhere to that as he grows the company. We’re actively hiring women, and we’re trying to train people to get into the software engineering and cybersecurity space. [to expand the available pool of underrepresented applicants],” he said.
Today’s $100 million round was led by General Catalyst with participation from Graylock and Kleiner Perkins. The company did not share the assessment. The total raised so far is $135 million, according to Crunchbase.
It’s worth noting that in September, Israeli business publication Globes reported a rumor that Palo Alto Networks was interested in buying the company for around $550 million. Last month, Jewish Business News reported that the talks had broken down and the company was seeking additional funding.
