Security Experts:

Breach-and-Attack Simulation Firm SafeBreach Raises $19 Million

SafeBreach has raised a further $19 million to improve and expand its breach-and-attack simulation platform, which allows customers to assess their security posture against a continuous barrage of genuine, but safe, hacker behaviors.

Sunnyvale, Calif-based breach-and-attack simulation (BAS) firm SafeBreach has raised $19 million in a Series C funding round led by OCV Partners. Previous investors Sequoia Capital, Deutsche Telekom Capital Partners, DNX Ventures, Hewlett Packard Pathfinder, and PayPal participated in the round, which brings the total raised to date to over $50 million. The money will be used to develop new product capabilities and services, and to expand its strategic partnerships and channel relationships.

SafeBreach logo

The SafeBreach BAS platform allows users to continually test and assess their security posture by delivering simulated breach methods from an extensive playbook of more than 13,000 breach behaviors. This allows companies to detect whether they have adequate controls in place, and whether those controls are correctly configured.

"The explosive growth of cyberattacks, combined with the increasing complexity of managing IT infrastructure, creates a pressing need for continuous attack simulation," commented Hemi Zucker, managing principal at OCV Partners. "In addition, overstretched security teams need the ability to visualize their entire attack surface, receive guidance on remediation decisions, and ultimately reduce business risk." 

SafeBreach, added Guy Bejerano, co-founder and CEO of SafeBreach, allows CISOs and their security teams "to improve their security stance on an ongoing basis and avoid the misconfigurations and security lapses of their existing security controls that make possible the vast majority of serious security incidents today."

Simply buying and installing new security controls doesn't mean they work. As a result, organizations generally have little understanding of their actual rather than targeted security posture. "Spending and hoping," Bejerano told SecurityWeek, "is not an adequate security strategy.  What is missing is a way to validate the controls on a continuous basis, so that defenders can really know if the controls are effective."

The solution to the paradox of increasing breaches despite increasing security controls is not to buy yet more security controls, but to fix the misconfigurations that are letting attackers through. This is the function of SafeBreach. Most attacks use similar tactics. This means that on the one hand, attackers don't need to reinvent new approaches, but on the other hand, defenders can learn them. BAS automates the role of a red team, safely simulating the actual steps that an attacker would use to see if the company's installed controls will detect the 'intrusion'. 

SafeBreach also collects and correlates the data from the controls being used, so that it knows what the controls actually see. It knows which, if any, security product detects the simulation, and provides a map of the security posture. "Over the past year," added Bejerano, we've also added the ability to mitigate any failed detections. The SafeBreach BAS no longer just helps the customer to understand its security posture, but helps it to improve the posture in an automated fashion. We take the gaps we find and loop them back into the security controls in order to improve and refine the configuration so that the same behaviors will no longer be available to a real attacker."

Another recent enhancement has been the ability to reach out to remote devices and check their security posture -- a capability that has become particularly relevant to the current COVID-19 pandemic and the increase in working from home. 

The playbooks used by SafeBreach in its simulated attacks are continually enhanced and expanded as new hacker methodologies are discovered. So, for example, "when the COVID-19 phishing and malware attacks became known," said Bejerano, "we added simulations to our playbooks within six hours." New threats are found from multiple sources, but the firm also has its own https://www.securityweek.com/new-ransomware-process-leverages-native-win... resource">SafeBreach that constantly looks for and evaluates possible attack scenarios. "During 2019," he added, "this team discovered 23 zero-days."

SafeBreach was founded by Guy Bejerano and Itzik Kotler (CTO) in 2014. It raised $15 million in a Series A funding round in July 2016, and a further $15 million in a Series B round in May 2018.

Related: Fact vs Fiction: The Truth About Breach and Attack Simulation Tools 

Related: Attack Simulation Firm Cymulate Raises $15 Million 

view counter
Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.