Categoria: Funding/M&A

Guardz Emerges From Stealth Mode With $10 Million in Funding

Guardz today emerged from stealth mode with $10 million raised in a seed funding round led by Hanaco Ventures, with additional investment from iAngels, Cyverse Capital, and GKFF Ventures.

Founded in May 2022, the Tel Aviv, Israel-based startup has developed a platform designed to protect small and growing businesses from cyberattacks, and it also helps them obtain cyberinsurance from third parties.

Guardz’s platform covers devices, email, identity, web browsing, and cloud applications, and the company also helps organizations train employees to identify phishing and other types of malicious messages.

The platform continuously monitors an organization’s internal and external digital footprint to provide real-time protection, and allows administrators to immediately take action when necessary, from a single dashboard.

According to Guardz, by providing comprehensive cybersecurity protection, its platform also makes cyberinsurance available to companies that were previously ineligible.

The solution is also offered to managed services providers (MSPs).

The startup plans to invest the new funding in platform expansion, the cyber insurance line of business, and go-to-market distribution channels.

The post Guardz Emerges From Stealth Mode With $10 Million in Funding appeared first on SecurityWeek.

Saviynt Raises $205M; Founder Rejoins as CEO

Identity and access governance vendor Saviynt on Tuesday announced the closing of a $205 million financing round and the return of its founder Sachin Nayyar as chief executive.

The latest funding brings the total raised by the California company to $375 million and provides a growth-mode runway for Saviynt to establish a foothold in a very competitive marketplace.

The new $205 million round was led by AB Private Credit Investors’ Tech Capital Solutions group, an affiliate of global investment management firm AllianceBernstein.

Saviynt sells technology in the intelligent identity and access governance category. The company’s tools help organizations secure critical apps, data, and infrastructure in the cloud.

In tandem with the funding news, Saviynt said founder Sachin Nayyar will return to the company and take on the CEO role. Nayyar first led Saviynt from its creation in 2011 through 2018.

Saviynt said it is enjoying exceptional company growth driven by continued strong demand for its Enterprise Identity Cloud, a cloud-native converged identity platform for workforce, enterprise applications, privileged and third-party identities.

The company said businesses are using its EIC platform to maximize ROI, lower costs, reduce complexity, and streamline IAM processes.

The post Saviynt Raises $205M; Founder Rejoins as CEO appeared first on SecurityWeek.

Tenable Launches $25 Million Early-Stage Venture Fund

Vulnerability management software firm Tenable has launched a $25 million venture fund to place bets on early-stage startups in the attack surface and exposure management space.

The new Tenable Ventures plans to make seed- and early-stage investments in companies building technology to help businesses discover, assess and manage security risk.

The Columbia, Maryland-based Tenable said the fund will work with startups in highly-competitive cybersecurity markets such as Israel and the U.S., to help with the development and go-to-market strategies for exposure management solutions.

The venture fund also plans to work with startups to improve product design, create consistent and shareable data models, enterprise readiness and more.

“[We] will invest in companies tackling significant problems that require new and innovative approaches, data sets and platforms,” Tenable said in a note announcing the fund.

The company said it will look for companies that focus on a preventive approach to security using emerging technologies in cloud security, identity management, external attack surface management, operational technology and vulnerability management.

Such technologies would expand the exposure management ecosystem and could be considered for integration into the Tenable One Exposure Management platform, the company said.

Tenable Ventures has already made investments in three companies — software supply chain security play Lineaje, identity threat detection and response firm Authomize and API security startup Araali Networks.

Tenable has itself been active on the acquisition front, shelling out $45 million in 2022 to purchase attack surface management startup Bit Discovery. Prior to that, Tenable also acquired Accurics and Indegy for a combined $238 million.

The post Tenable Launches $25 Million Early-Stage Venture Fund appeared first on SecurityWeek.

Forward Networks Raises $50 Million in Series D Funding

Forward Networks, a company that specializes in security and reliability solutions for large enterprise networks, has raised $50 million in a Series D funding round.

The funding round, which brings the total invested in the company to more than $110 million, was led by MSD Partners, with participation from Section 32, Omega Venture Partners, Goldman Sachs Asset Management, Threshold Ventures, A. Capital and Andreessen Horowitz.

Forward Networks’ product creates a digital twin of the customer’s network, helping them gain insights that can be used to make better decisions and improve their network’s security, compliance and health. The platform supports AWS, Google Cloud Platform, and Microsoft Azure.

For network security, the company’s platform provides attack surface management, vulnerability management and security posture management capabilities.

Forward Networks claims to have quadrupled its customer base since 2019 and achieved an ARR growth of 139% from 2021 to 2022.

The post Forward Networks Raises $50 Million in Series D Funding appeared first on SecurityWeek.

Thoma Bravo to Buy Magnet Forensics in $1.3B Transaction

Thoma Bravo’s shopping spree in the cybersecurity lane is showing no signs of slowing down.

The private equity giant has announced plans to spend $1.3 billion to acquire Canadian software firm Magnet Forensics, a deal that expands Thoma Bravo’s push into the lucrative cybersecurity category.

Magnet Forensics, based in Waterloo, markets a suite of tools in the digital forensics and incident response space to help businesses hunt for early signs of data breaches.

Thoma Bravo said its newly created Morpheus unit will acquire Magnet Forensics for approximately $1.3 billion and take the company private.

Once the deal closes, Thoma Bravo said the plan is to combine Magnet Forensics with Grayshift, a third company that also sells digital forensics software and tools. Thoma Bravo has majority control of Grayshift after a strategic investment last July.

With the two combined entities, Thoma Bravo’s ambition is to create “a powerful end-to-end digital investigations platform” for public safety agencies to work on cybercrime cases.

Grayshift markets mobile device digital forensics tools to help with lawful access and extraction.

The transaction is expected to close by the second quarter this year.

Over recent years, Thoma Bravo has bought into the cybersecurity business in a big way, shelling out billions to acquire Ping Identity ($2.8 billion deal), SailPoint ($6.9 billion all-cash) and Sophos ($3.9 billion).

The private equity firm’s portfolio also includes Imperva, LogRhythm, AppOmni, Proofpoint and Venafi.

The post Thoma Bravo to Buy Magnet Forensics in $1.3B Transaction appeared first on SecurityWeek.

Critical Vulnerabilities Patched in OpenText Enterprise Content Management System

Several vulnerabilities described as having critical and high impact, including ones allowing unauthenticated remote code execution, have been found and patched in OpenText’s enterprise content management (ECM) product.

The vulnerabilities were discovered by a researcher at cybersecurity consultancy Sec Consult in OpenText’s Extended ECM, which is designed for managing the distribution and use of information across an organization. Specifically, the flaws impact the product’s Content Server component.

The security firm this week published three different advisories describing its findings.

OpenText was informed about the vulnerabilities in October 2022 and patched them earlier this month with the release of version 22.4, according to Sec Consult.

One of the critical vulnerabilities, tracked as CVE-2022-45923, can allow an unauthenticated attacker to execute arbitrary code using specially crafted requests.

The second critical flaw, CVE-2022-45927, impacts the Java Frontend of the OpenText Content Server component and can allow an attacker to bypass authentication. Exploitation could ultimately lead to remote code execution.

Sec Consult has also identified five types of vulnerabilities in the Content Server component that can be exploited by authenticated attackers.

These issues, rated ‘high impact’, can be exploited to delete arbitrary files on the server, escalate privileges, obtain potentially valuable information, launch server-side request forgery (SSRF) attacks, and execute arbitrary code.

Proof-of-concept (PoC) code is available for the high-impact issues, but the advisories describing the critical flaws do not include PoC code in an effort to prevent malicious exploitation.

The post Critical Vulnerabilities Patched in OpenText Enterprise Content Management System appeared first on SecurityWeek.