Opus Security, a cloud security orchestration and remediation platform, today emerged from stealth with $10 million in seed funding led by YL Ventures, with participation from Tiger Global and angel investors. CEO Meny Har tells TechCrunch that the proceeds will be put toward launching Opus' platform in general availability, expanding the startup's footprint in the U.S. and product R&D.
It's Har's assertion that cloud security teams rely heavily on manual processes to resolve security incidents, which isn't scalable. He's not an unbiased source, exactly. But to his point, a survey commissioned by Orca Security found that 59% of security teams receive more than 500 alerts about public cloud security every day. In a separate poll from ISACA and HCL Technologies released last May, 61% of IT security professionals said their teams were understaffed.
"Today, in order to remediate the multiplying number of security findings, it has become necessary to include a wide array of teams and stakeholders within the organization in security processes critical for remediation," Har told TechCrunch in an email interview. "This complex collaboration -- with no streamlined orchestration process -- creates friction and time drainage as the teams fail to communicate clearly. This friction leads to a general lack of visibility into how well the organization is secure, how remediation processes are undertaken and what needs to be improved."
Har co-founded Opus with Or Gabay, with whom he worked at security orchestration startup Siemplify. Har was a member of the founding team at Siemplify, which was acquired by Google earlier this year.
"We witnessed firsthand the challenges security operations teams face when trying to analyze, prioritize and remediate security risks using cumbersome, distributed processes and various detection tools -- without oversight or management," Har said. "Opus’ vision is to empower security operations teams to see beyond alerts and threats and gain knowledge, capabilities and control to dramatically cut down the time to resolve them."
To this end, Opus draws on operational and technical data from existing cloud security tools to create a "connective tissue" between security operations teams and other enterprise departments. The attempts to orchestrate the response and remediation process with guidelines and playbooks, leveraging automation to resolve issues that commonly don't need human involvement -- and delivering key metrics along the way.
"Organizations today may choose to use a common ticketing platform such as ServiceNow or Jira and potentially add 'background' security automation platforms, used to craft processes manually to support the security operations and DevOps functions. Generic ticketing platforms may help with management but do little in terms of efficiency through automation," Har said. "With instant visibility and mapping of remediation ... Opus removes blind spots and provides security and business executives with immediate and tangible insights into the state of their risk."
That's a lot to promise -- especially in the face of competition like cloud security startups Wiz, Paladin Cloud and Laminar. But in an encouraging sign (potentially), Har says that Opus has seen early adoption among a "handful" of design partners, who are working to build out the platform ahead of a broad launch sometime in Q1 2023. In the lead-up to general availability, Opus plans to expand its headcount from 10 employees currently to 20 to 25 by the end of the year, according to Har.
"As organizations recover from the aftermath of the COVID-19 pandemic, and with looming budget and workforce cuts plaguing the industry, Opus is a tailored solution devised specifically with these external effects in mind," Har said. "Implementing Opus’ solution is simple, and as Opus drives automation within all remediation processes, it is the right fit for organizations striving to do more with less."
Like many other startups, Opus is benefiting from VC dollars that, despite the macroeconomic downturn, haven't stopped flowing in the cybersecurity sector. According to Momentum Cyber’s latest cybersecurity market review, investors poured $11.5 billion in total venture capital financing into cybersecurity startups in the first half of 2021, up from $4.7 billion during the same period a year earlier.
John Brennan, senior partner at YL Ventures, added in an emailed statement: "The proliferation of cloud-focused security solutions has dramatically raised organizational awareness to the scope of their risk surface. While visibility in the cloud has greatly improved, customers now express a need for a dedicated solution to address the drastically increasing number of alerts ... Meny and Or have leveraged their unique experience at Siemplify to build the industry’s first cloud-native
remediation orchestration and automation platform."