Sweet Security raises $12M seed round for its cloud security suite

Sweet Security, a Tel Aviv-based cloud security startup, right this moment introduced that it has raised a $12 million seed round led by Glilot Capital Partners, with participation from CyberArk Ventures and numerous angel buyers together with Gerhard Eschelbeck, a former CISO at Google and Travis McPeak, who led product security at Databricks.

Sweet supplies companies with a real-time cloud-native security suite that goals to assist security groups shortly cease assaults on cloud workloads. The firm was co-founded by numerous security veterans: Dror Kashit, the previous CISO of the Israel Defence Forces (IDF), Eyal Fisher, the previous head of the Cyber Department on the IDF’s Unit 8200, and Orel Ben-Ishay, the previous head of cybersecurity on the IDF’s R&D group Unit 81.

Kashit famous that towards the tip of his time within the IDF, the Israeli authorities and navy ready for Project Numbus, the cloud computing venture that seemed into how Israel may transfer its delicate workloads securely into the cloud (a venture, we should always notice, that wasn’t uncontroversial).

“I needed to sign the security paragraph of this project,” Kashit mentioned. “As a CISO, you don’t have any insurance policy. You need to manage your risk. […] But I couldn’t find any good tools for detect and response in real time in the cloud. I looked for half a year and I couldn’t find anything.” So when he retired from the IDF, he referred to as up Fisher and the 2 determined to workforce as much as remedy this drawback.

One of the core applied sciences that Sweet is basing its answer on is eBPF, which permits sanboxed packages to run within the Linux kernel, the place they will gather metrics about community site visitors and useful resource utilization with out creating numerous overhead. While the idea has been round for nearly ten years, it’s solely grow to be considerably mainstream in the previous couple of years, partially as a result of it makes monitoring cloud-native infrastructure loads simpler.

Current options, Fisher famous, weren’t constructed for defending cloud-native purposes. “They weren’t intended for applications running on public clouds,” he mentioned. “They were intended for on-prem and stuff like that and someone migrated them and took them and said: ‘Okay, now use it for cloud.’ The problem is that it consumes a lot of resources. It’s not the right solution. It won’t detect the attacks that we believe are more relevant for those environments.”

Because of this massive overhead, numerous corporations merely don’t implement the prevailing cloud security options. Sweet’s use of eBPF and different applied sciences guarantees to maintain useful resource utilization to a minimal, all whereas offering real-time insights into an organization’s assault floor.

As the workforce famous, Sweet labored exhausting to maintain alert fatigue to a minimal. Given how sophisticated cloud environments are, there’s at all times one thing occurring. Sweet determined to go along with a baseline method to maintain notifications related. The system will alert customers when one thing deviates from this baseline (along with numerous different proprietary strategies for detecting assaults).

Kashit famous that the corporate at the moment has two sorts of consumers (and there are not any main surprises right here): those that had been born within the cloud and people who are in the midst of the digital transformation journey.

With a workforce of fewer than 20 individuals, Sweet plans to make use of the brand new funding to construct out its product and proceed to work with its early design companions to broaden the service.

One space the workforce is considering, Kashit famous, is including some type of automated remediation. In the long term, the corporate might also take a look at API security and different adjoining areas. He careworn that Sweet doesn’t wish to be a function firm however that the workforce is constructing a product suite.

“Investing in Sweet Security was a no-brainer,” mentioned Kobi Samboursly, Founding Partner, Glilot Capital Partners. “First, it’s addressing an increasingly problematic cloud security gap – cloud runtime defense. Second, Dror, Eyal and Orel bring superpowers to the table: the depth and breadth of their cloud security expertise and their ability to build and mentor talented, high-performing teams. Sweet is off to a great start and we look forward to supporting its success.”