DATA SECURITY

NightDragon Closes $750M Growth Fund as Part of Next-Generation Cybersecurity, Safety, Security and Privacy Platform

NightDragon | August 02, 2021

NightDragon today announced the close of NightDragon Growth I, a new $750 million venture capital fund to invest in and advise late-stage and growth companies in the cybersecurity, safety, security and privacy industry. The fund will aim to advance the industry and close the gap between offense and defense amidst today's aggressive threat landscape.

The NightDragon team is led by Founder and Managing Director Dave DeWalt, a long-time cybersecurity veteran and the former CEO of FireEye, McAfee and Documentum. He is joined by Managing Director Ken Gonzalez and Partner Morgan Kyauk, bringing together decades of experience leading and operating some of cybersecurity and technology's most significant companies.

The fund comes at a time when physical and cybersecurity threats are significantly damaging businesses and government organizations around the world. The team plans to use its significant industry expertise, extensive network and government connections to identify the most critical gaps causing these challenges and invest in the companies that can solve them. 

"NightDragon is committed to investing and advising companies that we believe can help advance the state of security from silicon to satellite," said Dave DeWalt, Founder and Managing Director, NightDragon. "I could not be prouder to announce this NightDragon fund and work alongside this team, our partners and the broader NightDragon Network to support this critical mission."

NightDragon Growth I is part of the broader NightDragon Platform, which includes partnerships, people and programs at every stage of the startup journey from incubation to IPO and exit. This includes affiliations with leading incubators, early-stage investment firms, NightDragon Advisory, private equity companies, IPO experts and M&A firms. Partners in this platform include DataTribe, AllegisCyber Capital, Team8, YL Ventures and Momentum Cyber.

These partnerships add to a set of programs available exclusively to NightDragon portfolio companies under the NightDragon Network, including ND Talent, ND Government Services and ND Go-to-Market. These programs help give NightDragon companies the edge and expertise to break into new markets, recruit new talent, grow internationally, align with leading technology, service provider and systems integrator partners and more. Partners include Carahsoft, Macnica, Cyber Future Foundation and the Athena Alliance.

"At NightDragon, we know that growing a successful company is much more than investing capital. We have assembled a team that has the operational and industry expertise to help our portfolio companies thrive, not only for successful investment outcomes but also to achieve our broader security mission," said Ken Gonzalez, Managing Director, NightDragon.

"From widespread ransomware to supply chain attacks, it is clear we need a next generation of cybersecurity, safety, security and privacy companies to secure our digital ecosystem. Having worked with Dave, Ken, Morgan and the rest of the NightDragon team for many years, I have seen first-hand their industry and operational expertise and am confident they can help shape this industry for the better," said Admiral Michael Rogers, former Director of the NSA.

"The operational and industry expertise of the NightDragon team has been unparalleled in helping our company grow to new levels of success. We are honored to partner with them as a portfolio company and look forward to seeing their impact increase under this new fund," said Paul Martini, CEO, iboss, a NightDragon portfolio company.

"By partnering with NightDragon, we know we are helping our customers align with some of the most innovative companies in the cybersecurity, safety, security and privacy industry. We are proud to be part of the NightDragon Platform and contribute to the mission of better securing our nation's organizations and governments," said Craig P. Abod, President, Carahsoft.

About NightDragon
NightDragon is an investment and advisory firm focused on growth and late-stage investments within the cybersecurity, safety, security and privacy industries. Its platform and vast industry network provide unparalleled threat insights, deal flow, market leverage and operating expertise to drive portfolio company growth and increase shareholder value. The NightDragon team has more than 25 years of operational and market expertise and was founded by Dave DeWalt and Ken Gonzalez, who served as senior executives leading technology companies such as Documentum, EMC, Siebel Systems (Oracle), McAfee, Mandiant, Avast and FireEye.

Spotlight

"Do you know the most common risk factor for corporate cybercrime? Employees. Cyberthreats to your business are usually blamed on outsiders-nefarious programmers writing malicious code designed to pilfer your corporate intelligence, siphon your confidential customer information and/or raid your financial data. Sometimes, the threat actually originates from within, when employees' ignorance and/or negligence opens the door for cybercriminals."


Other News
DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Sentra Joins Cloud Security Alliance

Sentra | November 04, 2022

Sentra, a cloud data security company, today formally announced that it has joined the Cloud Security Alliance (CSA), the world's leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. Backed by Bessemer Venture Partners and Zeev Ventures, Sentra enables security teams to gain full visibility and control of cloud data, as well as protect against sensitive data breaches across the entire public cloud stack. The company was recently recognized by Gartner® as a Sample Vendor for Data Security Posture Management in the Hype Cycle™ report for Data Security 2022.1 "As enterprise cloud adoption has accelerated across industries over the past two years, data security has become an inevitable challenge for all organizations –– Sentra's platform takes the guesswork out of what data needs to be protected. "We look forward to collaborating with CSA's extensive network of industry peers to create a secure cloud environment for all organizations. With Sentra's new North American headquarters in New York City, we're eager to align our product mission and security expertise with CSA's initiatives as we expand our global customer base." Yoav Regev, co-founder and CEO of Sentra "We're excited to welcome Sentra as a member of CSA," said Jim Reavis, co-founder and CEO of the Cloud Security Alliance. "Sentra's visibility-driven data security platform and its founders' decades of cyber security experience are an asset to our organization. We look forward to collaborating with Sentra to increase awareness of the importance of data protection in the cloud." GARTNER and HYPE CYCLE are registered trademarks and service marks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's Research & Advisory organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. About Sentra Sentra is a cloud data security platform that helps organizations discover and remediate the top data security risks in their public cloud. Sentra automatically detects if sensitive data is vulnerable due to misconfigurations, over-permissions, unauthorized access, data duplication or other security issues. The company was founded in 2021 in Tel Aviv, Israel, and has raised $23 million in seed funding to date. The company is now co-headquartered in New York City and Tel Aviv. About the Cloud Security Alliance The Cloud Security Alliance (CSA) is the world's leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, certification, events and products. CSA's activities, knowledge and extensive network benefit the entire community impacted by cloud — from providers and customers, to governments, entrepreneurs and the assurance industry — and provide a forum through which diverse parties can work together to create and maintain a trusted cloud ecosystem.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Blackpoint Cyber Launches Three Product Features

Blackpoint Cyber | November 11, 2022

Blackpoint Cyber, a leading technology-focused cybersecurity company, has released three product features this fall, as they look ahead to 2023. “I am consistently blown away by the Blackpoint Cyber team. Our desire to improve the security posture for our partners is an ongoing journey as we continue to expand an ecosystem of products which address the needs of MSPs and customers in todays’ dynamic threat landscape. As someone with previous experience in the MSP space, it is refreshing to see how much our team really loves the channel and strives to regularly provide additional value by helping MSPs to secure themselves as well as their customers,” said Justin Weller, Director of Business Development at Blackpoint Cyber. Blackpoint partners can stay ahead of cyberthreats with the following products: Security Configuration Benchmarks for M365 – Vulnerability Mapping to CIS Benchmarks for Cloud Environments CIS foundation benchmark for M365 and Azure provide prescriptive guidance for establishing a secure baseline configuration. Blackpoint has reviewed every control on your behalf and made recommendations on several to harden your customer environments. Now you can compare your security measures to Center of Internet Security Benchmarks directly in the Blackpoint portal. Assess your standing against these internationally recognized security standards and implement the recommended changes to reduce the attack surface in cloud tenants. MDE Vulnerability Report—Security Visibility Unlocked The capabilities of Blackpoint’s product bundle, Blackpoint Response, have grown. With Managed Defender for Endpoint, we've introduced internal vulnerability reporting to help you better assess your customers’ security posture, directly within the portal. The reports include recommendations for remediation and simplify the process to action them. Improvements based on the reports may pertain to expiring certificates, device exposure, or vulnerable software. macOS Agent—The Power of MDR Within Your Mac After many requests from their partner community, due to a lack of true Mac MDR, Blackpoint’s flagship MDR product, SNAP-Defense, is now available to monitor and respond to threats on Apple devices running macOS. As the macOS market share in business settings continues to grow, Blackpoint partners now have the capability to provide protection to those assets. About Blackpoint Cyber Blackpoint Cyber offers the only world-class, nation-state-grade cybersecurity ecosystem serving the MSP community. Using its own software and SOC, Blackpoint’s true 24/7 MDR service not only detects breaches earlier than any other solution on the market, but also provides an actual response rather than just an alert to keep your and your clients’ networks safe from widespread damage.

Read More

ENTERPRISE IDENTITY,PLATFORM SECURITY,SOFTWARE SECURITY

Bearer Launches Data-First Security Solution

Bearer | November 15, 2022

Bearer, the data-first security software company, today announced the general availability of the Bearer Data Security Platform. Based on extensive interviews with more than 130 enterprise CISOs at high-growth and global 2,000 companies, Bearer is in beta use across multiple industries with one customer protecting the private data of more than 75 million medical patients. “At Bearer, we strongly believe the best approach for a data-first security approach is to start at the beginning of the journey, following the shift-left security trend. “Data-first security should start in the code. And to be truly effective, it should never impede developers and never allow access to private data itself while still providing ownership context and protecting against vulnerabilities created in the business logic of an application or service.” said Guillaume Montard, CEO and co-founder of Bearer Why Bearer Data Security Platform Now Data security is becoming a top priority for businesses, with customers and governments demanding better data protection driven by the demands of GDPR, CCPA, PDPA and more. Bearer’s detection engine protects PD, PHI, PII and financial data. Cloud native organizations have more complex and fragmented architectures than ever before, making properly-implemented data security risk controls impossible without a proper solution. More than two-thirds of the enterprise 2,000 are focusing on cloud-native applications. DevSecOps is gaining huge traction. 57% of security teams have shifted security left already or are planning to this year, making them ready to use a solution such as Bearer. Bearer has been tested on more than 20,000 open source software projects as well as more than 6,000 data repositories at beta users, partners and early customers. The Bearer Data Security Platform Bearer is a SaaS platform that enables scalable deployments and workflow automation for security management. It discovers sensitive data flows automatically by continuously scanning source code and associated metadata. By monitoring data security risks proactively, it can automatically detect gaps within data security policies during coding and in production. Finally, it can remediate data security issues at a massive scale, giving developers immediate actionable advice on how to mitigate as well as prioritize an issue. Bearer accomplishes these results through three major innovations: Identification of data security risks – Including business logic flaws: Bearer pinpoints data security technical and business logic flaws in code before it’s too late and costly to correct. It then provides actionable context and ownership information to fix issues quickly – in minutes. Before Bearer, pinpointing business logic flaws could only be achieved manually – often left ignored. Frictionless deployment: Bearer is a data security SaaS solution that fits into the development cycles of Global 2000 enterprises without requiring any changes to how software engineering teams work. Additionally, Bearer does not require access to the underlying source code nor the sensitive data itself. Extreme automation: Designed by developers for developers in a world of constant code iterations, Bearer automates the burden of data security compliance for software engineers so they don’t have to become experts on data security regulations across different global markets. Security and compliance teams love how Bearer prioritizes the most critical issues in remediation workflow to allow for speedy resolution between security and development. About Bearer Bearer, the data-first security software company, pioneered a solution for developers to automatically detect sensitive data flow and data security risks while coding. Its policy engine proactively monitors data security policies before releasing code and its unique remediation workflow prioritizes the most critical issues – including business logic flaws – for quick resolution between security and engineering teams. Venture-backed with more than $8 million in seed financing, Bearer is used in markets where privacy protection and data security are business-critical, including eCommerce, financial services, and healthcare.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Safe Security Launches First Cybersecurity MGA to Underwrite Cyber Insurance Based on Continuous “Inside-Out” Cyber Risk Telemetry

Safe Security | December 19, 2022

Safe Security Inc., global leader in cyber risk quantification and management (CRQM), today launched SafeInside Insurance, the first cybersecurity Managing General Agent (MGA) leveraging API-based cyber risk telemetry and quantified insights to underwrite cyber insurance. Backed by an AM Best “A-rated” carrier and panel of prominent, global reinsurance partners, SafeInside is introducing dynamic insurance policies for companies hosted in one or a combination of the leading public cloud service providers and leading SaaS solutions. For example, Amazon Web Services, Microsoft Azure and Microsoft Office 365, Google Cloud Platform and Google Workspace, Salesforce, and Zoom. “Safe Security is thrilled to become the world’s first MGA for cyber insurance using actual cyber telemetry for underwriting. Our vision is to establish a new, de-facto industry standard for how cyber insurance is underwritten, and to provide more transparency between the investment in cybersecurity and cyber insurance. “We are paving the way for a sustainable, profitable cyber insurance ecosystem based on trust and certainty for all stakeholders. Safe Security looks forward to helping insurance buyers get the right cyber insurance policy at the right price for their organization’s specific requirements, as well as assisting brokers and underwriters make more informed decisions and dynamically adjust their portfolios.” Saket Modi, co-founder and CEO, Safe Security The underwriting process through SafeInside takes less than 20 minutes to assess an organization. All insureds also receive access to the SAFE CRQM platform, winner of the 2022 CISO Choice Award for Risk Management, which simultaneously accumulates signals using APIs from existing cybersecurity products, external threat intelligence, and business context to provide unprecedented visibility into possible areas of cyber exposure, and the exact financial risk associated with those cyber exposures. With an objective of improving underwriting standards across the industry, Safe Security will also provide access to its cyber risk quantification platform to other carriers and reinsurers. Safe Security recently announced a partnership with Mosaic Insurance to offer real-time cyber risk evaluation. “Safe Security’s inside-out approach is differentiated from existing market offerings by focusing on the most common techniques used by attackers and examining how attackers think and behave, not how internal IT teams think they behave,” added Steven Schwartz, VP of Insurance Strategy and Underwriting, Safe Security. “This approach removes subjectivity, allowing companies to answer questions about their security controls with precision instead of guess work, at all times. We are working with the entire insurance ecosystem to improve the standards of cyber underwriting.” About Safe Security Safe Security Inc. is a leader in cyber risk quantification and management (CRQM), with a mission to build a safer digital future. Safe Security’s CRQM platform – SAFE – enables organizations to manage cyber risks in real-time. Its platform automatically collects signals from inside and outside a company’s environment to give the company-specific cyber risk rating, or SAFE Score, the financial impact of a potential breach, and an action plan. This enables organizations to have a common language across teams - from the board all the way down to an analyst - to align with a consistent risk metric. Other benefits include justifying investments in cybersecurity and purchase of cyber insurance for the organization.

Read More

Spotlight

"Do you know the most common risk factor for corporate cybercrime? Employees. Cyberthreats to your business are usually blamed on outsiders-nefarious programmers writing malicious code designed to pilfer your corporate intelligence, siphon your confidential customer information and/or raid your financial data. Sometimes, the threat actually originates from within, when employees' ignorance and/or negligence opens the door for cybercriminals."

Resources