Synack, a startup that has built a platform for “crowdsourced security testing”, announced on Thursday that it has closed a $1.5 million seed round of financing.
Founded in 2013 by Jay Kaplan and Mark Kuhr, Menlo Park, California-based Synack is looking to disrupt the traditional model of vulnerability assessments and penetration testing.
Synack’s platform provides a means for organizations to conduct “Crowdsourced Vulnerability Discovery” using its virtual private testing environment (VPTE), while also giving clients access to a network of security researchers from around the world.
Synack “formalizes existing models” for companies that offer bug bounty programs and gives customers a turnkey solution to manage all parts of a vulnerability testing and rewards program.
Synack’s platform allows organizations to launch a full vulnerability assessment in just a few hours, the company explained, giving enterprises the ability to collect quick feedback, and decrease time to market and patch critical vulnerabilities.
In a recent analysis of bug bounty programs, academic researchers from the University of California, Berkeley concluded that the programs were cheaper to run than hiring expert security researchers to find software vulnerabilities.
“Synack’s founders have leveraged their experience at the National Security Agency to deliver a solution that finds and vets the very best computer scientist researchers around the world and applies their unique skills to vulnerability testing with hundreds of different research perspectives applied to target technologies,” the company said in an announcement.
The funding came from Kleiner Perkins Caufield & Byers (KPCB), Greylock Partners, Wing Venture Partners, Allegis Capital, and Derek Smith, CEO of Shape Security, another security firm backed by KPCB.
“Synack is developing stealth technologies that will form a new standard for vulnerability discovery. Companies like Google and Facebook have demonstrated that using global white hat researchers is an outstanding way to identify security problems and Synack can deliver this capability to any commercial company without compromising security, privacy, and confidentiality,” said Ted Schlein, general partner, KPCB.
“We were looking for technology which would go beyond any one company’s testing methodology,” said Derek Smith, CEO of Shape Security. “Synack gives us a holistic end-to-end view of our security posture, derived from hundreds of different researchers with different backgrounds.”
More information is available on Synack’s website.
