Cybersecurity has become a white-hot topic in the world of technology. Not only are data breaches continuing unabated, but security companies themselves are very much in the spotlight as a result. One of the fastest-growing, Wiz, was the object of a now-abandoned $23 billion acquisition offer from Google.
Now, another cybersecurity startup, coincidentally closely associated with Wiz, has raised a significant round of funding. Dazz, which focuses on vulnerability remediation for enterprises that use cloud services, has raised $50 million in equity funding. The startup is not disclosing its valuation, but sources close to the company say the figure is just under $400 million post-money.
Dazz works with larger enterprises, and while it’s not disclosing revenue numbers, it claims that revenue has increased by more than 400% over the last year.
Existing investors Greylock Partners, Cyberstarts, Insight Partners and Index Ventures are collectively described as “leading” the round. Dazz, which launched in 2021, has now raised around $110 million in total.
Dazz is headquartered in Palo Alto, but its roots lie in Israel, and those roots run deep. Merav Bahat, its co-founder and CEO, worked for years at Microsoft’s cloud security business, which got its start when Microsoft acquired Adallom, the previous startup founded by the creators of Wiz.
Bahat was instrumental in taking Microsoft’s cloud security unit to a $2.5 billion business when she left to start Dazz in 2020. That subsidiary is now worth more than $20 billion.
Bahat picked up two very important things during her time at Microsoft.
The first of these was a close friendship with Assaf Rappaport, the CEO and co-founder of Adallom, and later Wiz. They are both based in NYC and Tel Aviv, and Bahat is Rappaport’s go-to dog sitter and informal second human family. In company with others, the two founders might even finish each other’s sentences. And when Rappaport was getting ready to start Wiz, Bahat became one of his first investors. (Yes, she would have stood to benefit greatly had the sale to Google gone through.)
The other thing Bahat picked up was a very solid understanding of what works in cloud security, what doesn’t, and what could use significantly more R&D and attention. It was with that knowledge that she co-founded Dazz with two other cybersecurity veterans, Tomer Schwartz (the CTO) and Yuval Ofir (VP R&D).
Prospects and customers, Bahat said, all work with a wide array of cloud security platforms like Palo Alto Networks, Wiz and CrowdStrike. But with all of these, she said, there remains a gap and opportunity to focus specifically on remediation, which is the next step after vulnerabilities, misconfigurations or breaches are identified and fixes are issued.
“When we talk to [security teams], what we hear is that when it comes to vulnerability, prioritization and remediation, nobody’s solved these issues.” Part of the reason, she explained, is that it’s a very manual and complicated process because of the volume of problems that arise in a typical network.
“All the security tools are really focused on visibility and detection and giving you what’s wrong. So much is wrong,” she said. “Some of the organizations I work with, they might find millions of unserved and unsolved vulnerabilities.” One customer had as many as 1.2 billion vulnerabilities identified in its network, she noted.
There are a number of other players in the remediation space out there, including big security platforms. Dazz’s breakthrough seems to be its technology to detect those vulnerabilities across multiple cloud architectures and environments (it describes this as “unified” remediation). The company has also created an AI-powered automation layer that prioritizes the problems, and identifies which vulnerabilities are near active work and which are sitting dormant so that security teams can organize more effectively.
Bahat noted that remediation efforts might have just addressed around 10% of vulnerabilities (hopefully the most alarming) in the past, but Dazz’s approach can hit more like 50%-80%.
Companies like Wiz have definitely benefited from the current trend at enterprises to procure IT from fewer “one-stop shop” providers. But there is still an argument to have point solutions for certain functions. Dazz and its investors believe remediation is one of those areas, especially when the so-called “single pane of glass” can address all of the assets of a company — whether they are in the cloud or on premises.