Best of Cyber April Fools, Tons of Free Tools, runZero positioned to disrupt? – ESW #401
This week, in the enterprise security news,
- we check the vibes
- we check the funding
- we check runZero’s latest release notes
- tons of free tools!
- the latest TTPs
- supply chain threats
- certs won’t save you
- GRC needs disruption
- the latest Rippling/Deel drama
All that and more, on this episode of Enterprise Security Weekly.
Hosts
- 1. FUNDING: Courtesy of the Security, Funded newsletter, #187 – It Was the FAFO of Times
This week's vibe check asks, "what's the biggest reason cybersecurity tools don't get fully adopted?"
The answer was a tie, with "lack of internal expertise" and "poor integration with existing workflows" dead even. Just behind them was "tools overpromise and underdeliver". Same as it ever was, sadly. Something I call "the customization tax" is central here. It's the work that the vendor can't or doesn't do for you, that YOU, as the buyer, have to do post-purchase before the product becomes useful, or even FUNCTIONAL.
Our funding for this week includes:
- Adaptive raises a $43M ???? from A16Z and OpenAI for phishing testing and security awareness??? Say that again? Isn't that one of the most saturated and commoditized product categories infosec has? I went a bit down a rabbit hole with this one. Can't find Adaptive on Tracxn or Crunchbase, so no idea if this is their first round or fifth, though I did find an A16Z post about the investment that mentions founder Brian Long is a Nine Inch Nails fan ¯_(ツ)_/¯
- Straiker raised a $21M Series A from Bain & Lightspeed for AI app & agent security
- GetReal raised a $17.5M Series A from Forgepoint Capital for a verification platform that can prevent deepfakes and impersonations
- SplxAI raised a $7M seed round from LAUNCHub Ventures, also for AI application security
- 2. NEW FEATURES: runZero continues to evolve and… move into new categories?
Some of the security vendors out there are not like the others. They're often the ones to watch. That's why I've had my eye on runZero, which started out solving one of security's biggest challenges: asset discovery and identification. Traditional vuln scanners are terrible at asset identification, which ruins any subsequent analysis or attempts to identify vulns.
runZero quickly pivoted into the CAASM space, adding integrations at a rapid pace.
This new update brings vulnerability identification into the mix. It's basic, but focuses on what matters (stuff that's on KEV, for example, or devices with default creds). By being basic, and focusing on what matters, they're either intentionally or unintentionally enabling buyers to sidestep both the traditional infrastructure vuln scanning solutions (Tenable, R7, Qualys), AND the vuln prioritization vendors (Nucleus, Vicarius, the now-acquired Vulcan Cyber, etc). Could runZero replace traditional vuln mgmt solutions? Probably not in the short term, but they're sure flirting with the idea in a way that would have me worried if I were in that space.
What's more, these new features are available in the community edition I use at home for my lab environment! Consider my interest piqued.
- 3. MARKET TRENDS: Trump’s Aggression Sours Europe on US Cloud Giants
Huge potential impact on EMEA for US cybersecurity sellers. As the cloud buying trends go, I'd expect cybersecurity to follow.
- 4. FREE TOOLS: BishopFox’s eyeballer: Convolutional neural network for analyzing pentest screenshots
SO COOL, I could have really used this 10+ years ago. I tried building something like this, didn't have great results when it came to automatically sorting the screenshots though.
- 5. FREE TOOLS: The CVE Database: Curated Vulnerability Intelligence by Wiz
- 6. FREE TOOLS: CVE to EPSS
- 7. FREE TOOLS: Honeyfiles in Velociraptor!
- 8. DFIR: The latest TTPs from the DFIR Report – Fake Zoom Ends in BlackSuit Ransomware
- 9. SUPPLY CHAIN THREATS: Ransomware Found in VSCode Extensions Raises Concerns Over Microsoft’s Security Review
- 10. SUPPLY CHAIN THREATS: Wild new LLM vulnerability just dropped, this time in Cursor
Not a vulnerability, and not in the LLM. We'll explain.
- 11. CAREER: Certs Won’t Save You: The Harsh Truth About Cybersecurity Careers
Also check out Lesley Carhart's post with similar advice!
https://tisiphone.net/2025/04/01/lesley-what-happened-to-the-cybersecurity-skills-shortage/
- 12. ESSAYS: GRC is Ripe for a Revolution
- 13. DRAMA: The latest on the Rippling/Deel espionage case
The greatest insider threat case in recent memory just dropped some even more jaw-dropping details.
- 14. SQUIRREL: SOUTH KOREA IS OVER
Absolutely hypnotized by this story - the idea that an entire country could decline to destruction simply by not having enough babies, and this happening within my lifetime to a major country has my attention. Apparently, by the time my kids are my age, South Korea's population will be only 1 child for every 100 adults.
- 1. SQUIRREL: Jokes on Us
The best of April Fools 2025