Cyberpion, a cyber security and external attack surface management (EASM) startup, announced today that it has raised $27 million in a Series A funding round led by U.S. Venture Partners. Existing investors Team8 Capital and Hyperwise Ventures also participated in the round. Jacques Benkoski, a General Partner at U.S. Venture Partners, will be joining Cyberpion’s Board of Directors.

Following the COVID-19 pandemic, many companies are managing accelerated digitization processes. Unfortunately, these processes create a branched, dynamic attack surface that extends to unknown company assets that the company does not control. And so, these external attacks are becoming more and more prevalent; approximately 73% of the IT infrastructure of Fortune 500 companies is external to their enterprise and a quarter of them were found to have weak points that hackers could exploit. 24% of them have been breached. That is why EASM systems are more relevant today than ever before.

Online interaction among enterprise systems, employees, and customers involves technological partners and third-party solutions whenever new functionality is added to the enterprise's online presence. Moreover, each technology partner is also exposed to its own third-party IT assets and infrastructure, so all in all, an expanded attack surface poses a complex and significant challenge to manage and secure. Without this security, hackers can control or exploit the weak points of these assets to carry out attacks, leaving organizations very vulnerable. Currently, most third-party risk management solutions focus solely on IT infrastructures and suppliers connected directly to an enterprise and disregard their suppliers' suppliers as an immediate cyber risk. They, therefore, are not grasping the true scope of the problem, which leaves them exposed to cyber-attacks like the insertion of malicious third-party code and hostile takeover of assets.

Reducing the ever-expanding external attack surface

Cyberpion is taking a different approach. They help enterprises prevent threats by identifying and reducing the ever-expanding external attack surface, enabling security teams to secure their direct and indirect digital supply chain infrastructure. The platform does so by mapping and analyzing the online, broad, and dynamic ecosystem and thus illuminating weaknesses; it continuously detects vulnerabilities by identifying, examining, and monitoring the company's assets linked to the Internet through third-party and fourth-party systems. When a threat is detected, the platform warns security teams with preventative actions required to thwart an attack. All of this is done without the need for installations, adaptations, or human intervention. As Jacques Benkoski, a General Partner at U.S. Venture Partners stated, “Cyberpion is the only platform that operates outward and deals directly with the problem by constantly evaluating all the assets and providing automatic defence against expected attacks.”

The company has seen immense growth and a vast increase in the number of clients they have. The capital from the new round will allow Cyberpion to expand the platform's capabilities, accelerate its penetration and expansion of its target markets, and recruit talent in the field to double its manpower in the coming year.

Cyberpion's team. Credit: Rami Katzav

Cyberpion was founded in 2017 by Dr. Nethanel Gelernter (CEO), a cyber researcher, and Ori Engelberg (VP R&D), a cloud security expert. Later, Ran Nahmias (Chief Business Officer) joined them as a co-founder. To date, they have raised $36 million.