In the face of escalating cyberattacks and increased regulatory burden, RegScale raised $30 million from global investors to accelerate AI roadmap and expand go-to-market

RegScale, the leader in Continuous Controls Monitoring (CCM), today announced it has raised $30+ million in an oversubscribed Series B round led by Washington Harbour Partners, with additional investment from new investors M12, Microsoft’s Venture Fund, Hitachi Ventures, and Ankona Capital, as well as continued participation from existing investors SYN Ventures and SineWave Ventures. This raise confirms what customers and investors already know: RegScale isn’t building the next wave of cyber GRC, it’s redefining it, turning compliance from a burdensome, manual checklist process into a real-time and automated platform for the most heavily regulated industries.

“We invested in RegScale because the stakes could not be higher. Protecting critical infrastructure and high-value assets must be achievable, scalable, and resilient,” said Mina Faltas, Founder and CIO, Washington Harbour Partners. “RegScale has the technology, leadership, deep expertise, and market traction to transform GRC from a cost center into a force multiplier for security and resilience. With compliance debt dragging down agencies and enterprises alike, the company doesn’t just check compliance boxes; it increases security effectiveness while cutting compliance costs.”

The new capital will accelerate RegScale’s leadership in the $50+ billion GRC market and fuel key hires across R&D and sales, enabling the company to deliver increased impact to its growing customer base. It will accelerate RegScale’s RegML, industry-leading AI roadmap, expanding the only CCM platform with AI agents purpose-built to continuously monitor compliance, automate evidence collection/reviews, conduct audits, and analyze risk — capabilities no other provider delivers securely at scale. “RegScale’s AI-powered compliance-as-code approach delivers what today’s operators need most: faster certifications, lower costs, and a stronger security posture. This is the future of cyber GRC, and we’re excited to support RegScale as they scale to meet the growing demand,” said Todd Graham, Managing Partner at M12, Microsoft’s Venture Fund. See more here from BusinessWire…

Akamai Technologies (NASDAQ: AKAM), the cybersecurity and cloud computing company that powers and protects business online, today announced that it has signed a strategic agreement with Seraphic Security, a leader in enterprise browser security, to integrate secure enterprise browser (SEB) capabilities into its existing portfolio of enterprise Zero Trust security products.

As organizations accelerate digital transformation and adopt AI, employees need easy-but-secure access to private applications, SaaS platforms, and AI tools from any device, anywhere. At the same time, enterprises need to safeguard internet access against both traditional web threats and emerging AI risks like data leakage and malicious prompts. These risks go beyond network gaps. Meeting these demands requires a Zero Trust approach that enforces precise access controls and delivers intelligent browser-level protection to help ensure security without disrupting productivity.

This partnership enables Akamai to move beyond the traditional security service edge (SSE) approach to network access by providing a simpler and more cost-effective alternative that is easier to integrate with the rest of the security stack. By integrating Seraphic’s secure enterprise browser with its Zero Trust Network Access (ZTNA) product, Enterprise Application Access, Akamai can offer customers a comprehensive security solution that covers traditional SSE use cases.

“Enterprises are realizing that unmanaged browsers and risky AI tools create gaps traditional network security can’t cover,” said Ilan Yeshua, CEO and Co-Founder, Seraphic. “Partnering with Akamai allows us to extend secure browsing into a broader Zero Trust framework, ensuring organizations can adopt new technologies confidently while keeping users and data safe.”

“With Seraphic, we’re able to go beyond the limits of legacy SSE,” said Ofer Wolf, Senior Vice President and General Manager, Enterprise Security at Akamai. “By combining Seraphic’s enterprise secure browsing with our ZTNA solution we deliver a simpler way to secure apps, SaaS, and AI tools on any device, without the heavy infrastructure and complexity of traditional proxies.”

The partnership uses Akamai’s worldwide network to help provide an optimal experience, no matter where the users or apps are located. It also offers installation-free device posture checks, along with better data loss prevention for private application access.

Seraphic Security, a leader in enterprise browser security, announced that it has secured a $29 million Series A funding round led by GreatPoint Ventures (GPV), with participation from the CrowdStrike Falcon Fund and existing investors Planven, Cota Capital, Storm Ventures, Eastlink and Secure Octane. This milestone will enable the organization to accelerate its product roadmap and market expansion in North America and EMEA.

“With the rise of SaaS applications and a hybrid workforce, browsers have become a critical attack surface for today’s adversaries,” said Michael Sentonas, President, CrowdStrike. “Seraphic Security’s unique yet simple approach solves a critical gap in enterprise browser security, which is why we invested in this innovative technology and team.”

On the heels of significant growth with a 300% ARR increase YoY, Seraphic has emerged as an enterprise browser security leader with increasing adoption by Fortune 500 enterprises. This momentum stems from Seraphic’s breakthrough approach to browser security: creating a patented abstraction layer that effectively monitors, randomizes and secures the browser.

“Browsers dominate the enterprise, yet they are not secure enough,” said Ray Lane, Managing Partner at GreatPoint Ventures. “Seraphic is emerging as a powerful force in the rapidly growing Enterprise Browser Security market.”

“As enterprises rush to secure the browser, this Series A investment is a testament to the market’s recognition of Seraphic’s innovative approach to addressing a critical and growing need in the enterprise market – helping organizations mitigate browser vulnerabilities while reducing the cost and complexity of their security architecture,” said Ilan Yeshua, CEO and Co-Founder, Seraphic Security. “Our focus will be on scaling our operations in North America and EMEA, accelerating growth, and continuing to deliver unparalleled value to our customers.”

Acquisition of leading DSPM company will bolster Proofpoint’s human-centric security platform aiming to address the full spectrum of data security challenges across today’s complex data landscape

Proofpoint Inc., a leading cybersecurity and compliance company announced it has entered into a definitive agreement to acquire Normalyze, a leader in Data Security Posture Management (DSPM). With this acquisition, Proofpoint will further enhance its human-centric security platform with Normalyze’s leading AI-powered DSPM technology, allowing organizations to discover, classify and protect data at scale across SaaS, PaaS, public or multi-cloud, on-prem and hybrid environments, while prioritizing the reduction of human-centric risks in data security.

Addressing Human Risk in the Data-Driven Cloud Era

As organizations embrace AI and generative technologies to drive innovation, the human element in data security has become increasingly critical. The widespread adoption of AI platforms, Databases as a Service (DBaaS) and Continuous Integration/Continuous Development (CI/CD) practices has created a web of interconnected data environments that security teams can struggle to secure. This rapid technological evolution has led to increased complexity and heightened risks of improper data handling as development teams focus on quick outcomes, often bypassing essential security governance. As more access to data is granted to people and machines, gaps in visibility and control can emerge without appropriate governance or controls from security teams.

This evolving landscape presents complex challenges in discovering, classifying, and securing data, leading to an increased risk of data breaches due to forgotten and misclassified data, as well as overprivileged access. In fact, recent research from Enterprise Strategy Group reveals that over a quarter of businesses don’t know where their sensitive data is. By implementing DSPM technology, organizations are enabled to fill the security gaps created by their teams’ interactions with complex data environments and reduce the total data attack surface. 

“Today, data is at risk because of human behavior. Modern applications are rapidly changing, driven by small teams of developers working independently on microservices and various data sources, leading to an explosion of data,” said Mayank Choudhary, executive vice president and general manager, Data Security & Compliance, Proofpoint. “These modern applications are highly interconnected, making it hard for security teams to manage the heterogeneous and ever-growing sprawl of their data. By combining Proofpoint’s leading human-centric security platform with Normalyze’s pioneering DSPM technology, we can provide our customers with comprehensive visibility and control of their data posture so they can further mitigate human risk across their organization.”

“With the rapid proliferation of internally developed cloud applications, and use of SaaS applications procured by teams outside of IT, security teams are faced with the daunting challenge of inconsistent visibility and control of their critical data in the cloud,” said Ravi Ithal, cofounder and chief technology officer, Normalyze. “As data has become increasingly difficult to secure, the driving force behind our mission and technology has been to help organizations secure the data they care about, wherever it is. By joining forces with Proofpoint, we can empower organizations to further improve their data security posture, reducing the risk of data breaches caused by human errors and help them to prioritize data loss threats.” Read more here…

Last week, when a senior security executive at Twitter, Peiter "Mudge" Zatko filed a whistleblower report, it was the first time such a damming move was made against the CEO and Board of a publicly traded $30 billion market cap company. At the core, this blowup highlights a fundamental challenge of security - being a CISO is a thankless job. Almost 24% of Fortune 500 CISOs last in their roles for just about one year. The average CISO tenure is ~18/24 months. How can our businesses stay secure in such circumstances?

Manual data collection, manual reports, lack of visibility — this is 2020 and yet it feels like we are in 1920. The data management grunt work includes extracting, moving, cleaning, and merging data, as well as making, formatting, and presenting calculations….thanks to data decentralization, this world is changing.

Coding vulnerabilities will soon be identified and remediated automatically, complete with code suggestions ……

Snowflakes fall from clouds. And in a multi-cloud world, one snowflake plans to rule them all. A $20bn snowflake is about to drop in the IPO market, creating its own thunderstorm, smack in the middle of a COVID-ridden summer. How will this company change the cloud database landscape? What market forces are driving this company, which struggled mighty to raise its Series A round? As databases become great again, which companies are worthy of pursuit? Data is powering every part of the economy. Snowflake is powering the data machines. For one, if Snowflake achieves its true potential, it can become the next Oracle, even SalesForce of data. Read the rest of this post here