New York based Silk Security has raised $12.5 million in a seed funding round led by Insight Partners and Hetz Ventures, with the CrowdStrike Falcon Fund and angel investors including Shlomo Kramer, Mickey Boodaei and Rakesh Loonkar also participating.
The company is on a mission to break down the silos between security and development with a new integrated ‘find and fix’ platform.
Silk was founded in 2022 by Yoav Nathaniel (CEO, formerly head of threat intelligence at Avanan), Or Priel (CPO, formerly VP enablement at Ermetic), and Bar Katz (CTO, formerly product manager at Facebook).
The primary purpose of the Silk platform is to bridge the gap that exists between security teams (those who find risks in the system), and development teams (those who fix the risks). Better integration between these silos will lead to shorter remediation lag. In December 2022, HackerOne reported aviation and aerospace companies had a median time to remediate of 148.3 days, while medical technology organizations took 73.9 days. During this period, organizations are at increased risk.
Silk consolidates alerts from multiple detection systems, and performs automatic triaging based on threats to the customer’s environment and assets. During this process it can also recognize connected or overlapping threats, and discover the root cause of the problem or problems.
It generates a remediation priority scheme that is made available to the development team (including specific remediation advice). The information is bi-directional: progress on the remediation plan is automatically available to the security team. In this way, the automated triaging, remediation proposal, and progress monitoring integrates security and development into a combined unit that efficiently finds and fixes threats.
The platform operates by integrating with best of breed threat detection solutions and collaboration tools. “Silk uses an agentless approach to connect to the customer’s environment (CI/CD pipeline, cloud environment, detection tools, ITSM tools, user management, workflow tools), and then moves the data through an AI/ML pipeline,” explained Nathaniel.
Using AI technologies, the first step is to normalize and consolidate the detection findings, looking to identify any duplicates. “The next step is context enrichment,” he continued. This provides an asset-centric view of the findings, generated from information provided by the security team, integration with threat intelligence feeds, and severity ratings from CVSS or other frameworks – providing a likelihood-of-exploitability rating. Silk is also able to identify the remediation owner.
“Silk packages the logic that informed the prioritization output,” said Nathaniel. “Rather than simply pushing a detection tool’s finding into something like a Jira ticket, Silk generates a clear and concise recommendation, with a reason for the remediation request – such as a ‘high severity threat on an internet accessible asset’ to the right owner using the right workflow tool.”
The detection tool or tools, and ‘the right workflow tool’ are integrations with the platform. ‘Integrations’ are key to the functionality and user friendliness of the platform, ultimately allowing the platform to be tailored to individual customers’ preferences.
“At the heart of what Silk does is looking at the risk resolution process from a holistic perspective,” continued Nathaniel. “Key to improving the resolution process is working with the workflow tools that developers, infrastructure or IT teams use on a daily basis – and then using bidirectional integration to allow security teams to monitor and gain visibility into remediation status.”
He gave Monday as an example. “A customer requested the bidirectional integration since the team uses the project management features for staging and deploying assets to their cloud infrastructure. Visibility across workflow tools helps CISOs understand their current remediation status at a high level, as well as compare how teams are performing on a relative basis, and potentially identify where there are technical or organizational issues.”
If the relative priority of a finding changes, and the remediation task has not been completed, security teams can use the workflow tools to escalate the priority.
Silk includes a ready-made range of integrated detection tools, and is committed to widening this on an ongoing basis. it also comes with an API that allows customers a ‘bring your-own-inegration’ for the rapid integration of other preferred detection, scanners or workflow apps.
“As a former CISO, my teams wasted so much time managing findings out of multiple spreadsheets and then throwing them over the fence to infrastructure and DevOps teams. It was inefficient and impossible to prioritize,” commented Steve Ward, MD at investing firm Insight Partners. “Silk gives cybersecurity teams the ability to aggregate and prioritize findings in a way that simplifies an overwhelming space for the teams that are responsible for the fix.”
The Silk platform is designed to better integrate the separate functions of the security team (risk detection) and the developers (remediation). Its purpose is to increase the speed and effectiveness of risk resolution within the combined security epithet it dubs ‘find and fix’.
Related: Trackd Snags $3.35M Seed Funding to Automate Vuln Remediation
Related: WhiteSource Becomes Mend, Adds Automatic Code Remediation
Related: Vulnerability Remediation Platform Vicarius Raises $24 Million
Related: Analysis of ICS Exploits Can Help Defenders Prioritize Vulnerability Remediation
