One of the big security issues for many companies is knowing which of their SaaS applications are going to cause them problems and knowing how to fix them before they happen. Every organization has a collection of applications that they use on a daily basis, and Israeli startup Suridata’s platform offers organizations and companies to use NLP (Natural Language Processing) to identify all the mines from these applications; they have just finished a fresh round of funding.
We want the CISOs to deal with what is important
Suridata.ai's system manages the risks for information security managers by using natural language processing in the SaaS applications that the company uses - whether it's GitHub, Box or all the others. The system knows how to map the important applications to organizations by the areas in which they work - and prioritizes them when it examines the possible weaknesses in the applications that each organization uses.
For this purpose, the system uses human-like capabilities, based on NLP algorithms that independently analyze the various risks that the applications can present to the organization. It then alerts the information security managers about the possible risks and how to handle them.
In a conversation with Geektime, the company's CEO and one of the founders - Lee Kappon - says that the company's use of NLP as a basis for understanding the risk inherent in any SaaS application has become a significant advantage for them. "We shouldn’t be overwhelming the security teams with all the gaps but prioritize it for them and only show them the biggest risks - those that could have the biggest impact on their business. By doing so, we save them over 60% of the manual work,” says Kappon.
According to Kappon, the role of the CISO (Chief Information Security officer) today is a business role, not a technical role, so the layer we add - the BIP (or business impact prioritization) - is a layer that allows them to concentrate only on the security risks that have a business impact, and not waste time on other "noise". “Some organizations use Suridata to protect the organization's GitHub. Suridata identifies configurations that have been incorrectly defined by developers and pose a risk to the organization,” says Kappon, while giving the example of code that was accidentally made available to the whole world because it was defined as publicly accessible. In addition, she says, Suridata also identifies risks of plugins approved by employees, without knowing that they endanger the organization's information, "We not only allow detection but also automatically close these gaps at the push of a button."
The great showdown: Otters vs Meerkats
If you’re like us, you’re probably wondering what the origin of the name Suridata is (‘Surikata’ is Hebrew for meerkat); Kappon tells us about an inside joke that ended up becoming her company’s name. "During a conversation between the founders, we started talking about meerkats and otters, which look very similar but meerkats are smart and sophisticated animals, while otters apparently can be very violent, even sexually (Read more about that here)," says Kappon. In addition, she says that meerkats live in mobs, and within each mob, there is a meerkat "guard" whose role is to observe and identify if there is any danger approaching. The guard warns the mob with a unique whistle that warns the animals to descend into the tunnels to defend themselves from the danger. This is essentially what the startup does. Eventually, Suridata became the company name - which is an excellent pun on the Hebrew word for meerkat.
Today (Tuesday) the company announced that it has raised $9 million. The round was led by the Israeli New Era Capital Partners with participation from Tom Banahan from Tenaya Capital, Kevin Mahafi one of the founders of the American cyber company Lookout, and several angel investors. Existing investors YYM and Israel's Aristagora VC also partook in the round.
"No one knows what the market will look like in another year or two. We could have taken a lot of money from one of the largest funds in the world and we decided that because we have no idea what the market will look like in two years, we prefer to be careful and only take what we need to get to the next milestone,” says Kappon regarding their fundraising process. “We chose to go through a quick process with partners who see things as we do and give us added value at the product and market levels. For us, fundraising is a means of building the product and the company and not the goal.”