SafeBreach Raises $15M to Help Firms Test Their Security Readiness

The security firm aims to better help organizations defend against the "Hacker Playbook," techniques used by attackers to infiltrate a network.


After seven months of general availability, security vendor SafeBreach on July 26 announced that it has raised $15 million in a Series A round of funding, bringing total funding to date for the company to $19 million. SafeBreach will use the new funding help its research and development efforts as well as market expansion.

SafeBreach officially launched in January with the promise of helping organizations run simulated attacks to test for security readiness. Among its Series A investors are Deutsche Telekom Capital Partners, Hewlett Packard Pathfinder, Maverick Ventures and Sequoia Capital.

"A lot things have happened at SafeBreach since January. We've acquired dozens of customers from various verticals that have validated our value proposition," Guy Bejerano, CEO and co-founder of SafeBreach, told eWEEK. "Today we have customers using our platform in production, looking at security posture and identifying gaps."

Bejerano noted that he's particularly happy that a number of his early customers have begun taking SafeBreach analysis reports to their company boards of directors. The security discussion at the board level now is about data from SafeBreach reports, he added.

Board-level reporting is a topic that was discussed earlier this year in a report from security firm Bay Dynamics, which found that many boards don't get the information they need.

A core promise of the SafeBreach platform is that the technology makes use of what Bejerano refers to as the Hackers' Playbook. The Hackers' Playbook is the set of techniques and methods used by attackers to infiltrate a network.

Since the initial launch of SafeBreach, the set of techniques in the Hackers' Playbook has been expanded to look beyond just the network to external systems and the cloud, according to Bejerano. SafeBreach has a partnership with FireEye's iSight division, bringing in threat intelligence feeds and building attack simulations from the feeds.

"We're also looking at multiple integrations with other vendors, including SIEM [Security Information and Event Management] solutions such as Splunk and HP Arcsight," Bejerano said.

With the SIEM integration, he said, the idea is to enable SafeBreach customers to work through the entire operational cycle of a security team. Bejerano said that he's not interested in just knowing that, for example, a firewall failed to block an attack; rather, the goal is to understand the full impact of a failed security control against various attacks.

"We're bringing the offensive Hackers' Playbook into a different play that can help defenders to be very efficient in understanding what needs to be mitigated," Bejerano said.

SafeBreach is working on expanding its ability to help organizations in an integrated way with remediation controls for identified vulnerabilities, he said.

Sean Michael Kerner is a senior editor at eWEEK and Follow him on Twitter @TechJournalist.

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.