Multi-Layered Defense Platforms and other terms we found in security press releases – ESW #355

$20M growth round led by Energy Impact Partners. Generates SBOMs, does SCA, ingests data from other scanners, provides remediation guidance.

$11.5M seed round led by Maverick Ventures and Ten Eleven Ventures. "BlueFlag Security offers a multi-layered defense platform that integrates identity security with open-source software risk management and developer tool posture management."

$10.5M round led by Two Bear Capital. Seems like an Eclypsium competitor. We had their CEO/founder on a while back, on episode 327.

$7 seed round led by Two Bear Capital. Another AI company trying to control input/output via a shim between users and LLMs.

$6.5M seed round led by SYN Ventures and SentinelOne's S Ventures. "Auguria drives the transformation of traditional security operations by encoding generations worth of hard-won human security experience into artificial intelligence (AI) models capable of cutting through a sea of multi-vendor event data."

Virtual SOC analyst?

$6M in seed funding led by Harpoon Ventures and Mango Capital. "One-click to build your security data lake."

£3m 'late' seed round, led by Fuel Ventures. Aiming to "deliver measurable secure behavior change" (security awareness training, then?) "Nudge your users to protect themselves..."

$2.8M pre-seed round led by 11.2 Capital. My best guess at what they do is some abstracted meta-API of all your other security APIs?

$1.6M seed round, led by Shasta Ventures. Another AI company trying to shim between users and LLMs.

Oxeye will reportedly help GitLab accelerate its SAST roadmap, and augment its SCA and compliance tools.

For the same price Zscaler picked up Avalor last week, Wiz gets a jump on the cloud detection and response space. Seems like this product is focused around useful, context-enhanced detections, and automated playbooks to do something about them.

"JumpCloud Acquires Resmo for Next Gen IT, SaaS, and Cloud Asset Management"

I've been a JumpCloud fan for over a decade now. It was originally designed to be a security product, but pivoted into an SMB alternative to Microsoft. The fact that they're still around proves the market really needed something more versatile and easier to deploy and manage than Entra ID in smaller environments.

As JumpCloud expands with acquisitions, I wonder how far they can go, in building an alternative to Microsoft, Okta, and other massive complex platforms.

We're starting to see some very cool purpose-built LLM models!

Another vuln with a marketing campaign. It's an interesting processor-focused sidechannel attack that amounts to privesc, much like Spectre. It's unlikely any attacker would ever need it or use it, but it has the potential to damage Apple M-series chip performance - the primary mitigation is to disable prefetch while executing cryptographic functions. M3 chips can disable prefetch, but M1 and M2 chips cannot.

For academic researchers, this is some cool research.

For defenders and IT folks, this is a nothing burger that might waste a lot of their time and hurt the performance of their users' systems.

The Cloud Security Alliance is working on an LLM threats taxonomy. Now is the time if you want to weigh in!

This highlights the need for technology-based benchmarks for new technologies in security. We're already seeing purpose-trained LLMs, so it makes sense that we'd want to test existing LLMs for efficacy at various security-related tasks.

Normally, I'd roll my eyes at this as just an empty announcement we'll never see any tangible benefits from, like when Intel acquired McAfee. However, as we see purpose-built LLMs start to pop up, I'm intrigued about what Crowdstrike could potentially do with custom cybersecurity-focused LLMs!