Security Experts:

Connect with us

Hi, what are you looking for?


Cybersecurity Funding

Synack Raises $1.5 Million to Expand Crowdsourced Security Testing Platform

Synack, a startup that has built a platform for “crowdsourced security testing”, announced on Thursday that it has closed a $1.5 million seed round of financing.

Synack, a startup that has built a platform for “crowdsourced security testing”, announced on Thursday that it has closed a $1.5 million seed round of financing.

Founded in 2013 by Jay Kaplan and Mark Kuhr, Menlo Park, California-based Synack is looking to disrupt the traditional model of vulnerability assessments and penetration testing.

Synack’s platform provides a means for organizations to conduct “Crowdsourced Vulnerability Discovery” using its virtual private testing environment (VPTE), while also giving clients access to a network of security researchers from around the world.

synackSynack “formalizes existing models” for companies that offer bug bounty programs and gives customers a turnkey solution to manage all parts of a vulnerability testing and rewards program.

Synack’s platform allows organizations to launch a full vulnerability assessment in just a few hours, the company explained, giving enterprises the ability to collect quick feedback, and decrease time to market and patch critical vulnerabilities.

In a recent analysis of bug bounty programs, academic researchers from the University of California, Berkeley concluded that the programs were cheaper to run than hiring expert security researchers to find software vulnerabilities.

“Synack’s founders have leveraged their experience at the National Security Agency to deliver a solution that finds and vets the very best computer scientist researchers around the world and applies their unique skills to vulnerability testing with hundreds of different research perspectives applied to target technologies,” the company said in an announcement.

The funding came from Kleiner Perkins Caufield & Byers (KPCB), Greylock Partners, Wing Venture Partners, Allegis Capital, and Derek Smith, CEO of Shape Security, another security firm backed by KPCB

“Synack is developing stealth technologies that will form a new standard for vulnerability discovery. Companies like Google and Facebook have demonstrated that using global white hat researchers is an outstanding way to identify security problems and Synack can deliver this capability to any commercial company without compromising security, privacy, and confidentiality,” said Ted Schlein, general partner, KPCB.

“We were looking for technology which would go beyond any one company’s testing methodology,” said Derek Smith, CEO of Shape Security. “Synack gives us a holistic end-to-end view of our security posture, derived from hundreds of different researchers with different backgrounds.”

More information is available on Synack’s website

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Email Security

Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.


Security researchers have observed an uptick in attacks targeting CVE-2021-35394, an RCE vulnerability in Realtek Jungle SDK.


Google has awarded more than $25,000 to the researchers who reported the vulnerabilities patched with the release of the latest Chrome update.