SaaS security provider raises $50 million to improve application security

Managing the attack surface of modern enterprises is difficult. With organizations that a average of 254 SaaS apps, security teams must have full visibility into the hybrid cloud to quickly mitigate application security vulnerabilities, something few have the tools to do.

SaaS security providers love skybox Securitywhich announced today that it has raised $50 million in funding from CVC Growth Funds, Pantheon and JP Morgan, aims to increase transparency across the attack surface through the use of security policy management and vulnerability management.

Skybox Security uses a combination of infrastructure context and threat intelligence to increase visibility of the attack surface across IT, hybrid cloud, and OT environments. With this information, security teams can detect, prioritize, and remediate for potential exploits across the cloud.

This latest funding highlights that protecting SaaS apps is critical to protecting the attack surface as it spans the hybrid cloud.

Why application security is key to securing the attack surface

While the widespread increase in cloud adoption has paved the way for new apps in the workplace, these fast-growing apps have introduced new vulnerabilities. In fact, research shows that 85% of apps have “critical” vulnerabilities.

As more and more apps enter hybrid workspaces, security analysts need the visibility to identify these apps and monitor them for vulnerabilities at scale if they want to protect the attack surface.

“The rapid adoption of new technologies, driven by digital transformation, cloud migration, the hybrid work culture and the rise of the IIoT (industrial internet of things) [have] left security teams struggling to manage an ever-expanding attack surface and skyrocketing number of vulnerabilities,” said Mordecai Rosen, CEO of Skybox Security.

“Today’s modern businesses must be agile and flexible to succeed, and both IT and OT hybrid cloud environments must keep pace with the rapid pace of change. As networks grow in size and become more fragmented, IT teams are challenged to manage an almost countless number of devices, rules and security vulnerabilities while maintaining alignment across functional silos and resource constraints,” said Rosen.

Skybox Security aims to provide this by providing a solution for managing the risk of app migration, testing for exposures across the entire attack surface, and mitigating vulnerabilities before threat actors can exploit them.

For example, the solution collects and aggregates vulnerability data from scanners, EDRs, CMBDs, security controls, OT assets, and threat intelligence to identify vulnerabilities where they exist in the environment.

The SaaS security market

Skybox Security’s focus on SaaS application security places it in the category of the global SaaS security market, which researchers estimated at $8.2 billion by 2021 and is estimated to grow to $21.1 billion by 2028.

The organization competes with a number of suppliers, including Shelf life, a vulnerability and exposure management provider, providing vulnerability and misconfiguration detection and risk scoring. Tenable recently announced it will raise $174.9 billion gain in the financial results of the third quarter of 2022.

Another competitor is Tufin, a firewall management and network security provider, providing automated firewall and security policy management in addition to automating network security changes. Tufin recently announced that he has raised $29.5 million gain in the second quarter of 2022.

According to Rosen, the main differentiator between Skybox Security and other competitors is the combination of exposure management and vulnerability management in a single platform.

“Skybox is the first company to release a SaaS solution for security policy and vulnerability management in both on-premises and multi-cloud environments,” said Rosen.