As companies grow they expose more of themselves online and become harder to defend in terms of cybersecurity. One report estimates that 30%-40% of a company’s IT infrastructure isn’t even known about by the security team.
So startups have appeared with an "offensive" profile in order to simulate cyber attacks.
One such is Amsterdam-based Hadrian, a "hacker-led" cybersecurity startup that offers a SaaS platform that simulates an attack.
It’s closed a €10.5 million seed round led by HV Capital, with participation from Picus Capital, Slimmer AI and angels including Adriaan Mol, Koen Köppen and Niklas Hellman.
Hadrian’s view is that conventional “pen testing” is time and labor intensive and tends to focus on the areas that companies already believe to be vulnerable. Hadrian’s says its platform scans the companies It infrastructure to look for weaknesses from the outside-in to create insights on digital threats and attack vectors.
Rogier Fischer, CEO at Hadrian, said in a statement:
Hadrian understands that CISOs and their teams can’t be expected to attend to every potential threat across the attack surface. Our autonomous technology identifies real threats and prioritizes where action is needed, connecting urgent tasks to existing workflow tools and processes so that the important stuff gets handled first.
Hadrian competes with Randori (raised $29.8 million), RiskIQ (acquired by Microsoft), Cortex and Cycognito (raised $153 million).
Fischer told me:
Right now the value of ASM is extremely difficult to extract. There’s massive amounts of data that analysts will have to comb through. We’d argue that the value given right now by ASM therefore doesn’t warrant the price (hence insurance companies don’t use the data yet, or at least they’re not outperforming insurance companies with it.)