Business app infrastructure security company Valence Security today announced that it has raised $25 million in a Series A round led by M12, Microsoft’s corporate venture arm, alongside YL Ventures, Porsche Ventures, Akamai Technologies, Alumni Ventures and former Symantec CEO Michael. Fay said the new capital brings the company’s total raised to $32 million, which co-founder Shlomi Matchin said will be used for product development and will double Valence’s headcount of 25 people by the end of the year.
Matechin co-founded Valence Securities with Yoni Shoheit in 2021. A two-time entrepreneur, Shohet previously co-founded SCADAFence, an industrial IoT startup. Matechin was one of the founding members of Capster, a platform for listing videos of civic violations.
“In recent years, malicious actors have focused their attention on the connections between software-as-a-service (SaaS) applications, as we saw in the SolarWinds breach. Interview “Organizations struggle to ensure this [app] mesh – a growing, complex and connected environment of SaaS applications, third-party integrations, identities, privileges and data.
Matechin and Shohet built Valence to address these challenges around visibility into the SaaS supply chain, including misconfiguration, risk prioritization, and upgrades. The platform attempts to discover all of a company’s SaaS applications and contextualize them with a vendor risk assessment, providing tools to identify misconfigured security controls and the likes of established policies.
Valence also helps manage risky, passive and redundant authentication keys, third-party integrations and no- and low-code workflows, Matichin says — in addition to unsecured public-facing files and outbound emails. Identity security flows into Valence, meanwhile, which aims to ensure users are managed by a central identity provider, using multi-factor authentication and properly onboarded.
Driving the demand for these services, according to Matechin, are the increasing risks companies face — and the general proliferation of SaaS applications. While the average enterprise uses about 80 SaaS applications, BetterCloud estimates that businesses with more than 1,000 employees use more than 150 applications. This leaves organizations open to attack. According to a Dimensional study by Reversing Labs, a cybersecurity provider, more than half (51%) of IT security teams report that they can protect their software from supply chain attacks.
The impact of such attacks can be devastating. In a recent paper, Kaspersky estimated the cost of an organization’s supply chain software attack at $1.4 million. This does not account for lost revenue from additional vacation time during recovery, which can lead to costs (ranging from thousands to millions of dollars) and damage to the company’s reputation.
“Beyond security concerns, the consequences of SaaS supply chain attacks have been at the top of business priorities in the past two years, given the increasing number of SaaS supply breaches,” Matchin said. “These breaches can expose multiple interconnected SaaS applications to an organization and threaten business-critical data stored in those applications. This risk to business objectives, as well as business continuity and efficiency, is top of mind for the C-suite due to the significant impact these breaches have on SaaS usage.” must be.”
Tel Aviv-based Valence Canonical Security competes with several vendors in the supply chain SaaS application security space, including Atmosec ($6 million raised), Asterix Security ($15 million), Wing Security ($26 million), AppOmni ($123 million). million), Obsidian Security ($119.5 million) and Adaptive Shield ($34 million). When asked if he was concerned, Matechin responded by emphasizing the need for visibility and control of SaaS assets and the need to mitigate the risks.
“As remote work environments accelerate the adoption and use of SaaS applications, a unique and unaddressed risk landscape has created a need for SaaS security solutions that target the pervasive SaaS mesh,” Matchin said. “In this regard, Valence was in a strong position to address the unique security and business needs of the pandemic. [and] Valence will continue to set the standard for SaaS security going forward.
Matechin did not disclose Valence’s customer base or projected revenue. But even less than the company’s closest competitors, VCs seem ready and willing to throw their weight behind security providers. In the year In the first half of 2022, $12.5 billion in venture capital was invested in more than 530 deals, according to a report by investment firm Momentum Cyber – compared to $12.6 billion invested in H1 2021.