2 months ago
23 ARTICLE AD
Cybersecurity has become a white-hot topic in the world of technology. Not only are data breaches continuing unabated; but security companies themselves are very much in the spotlight as a result – with one of the fastest-growing, Wiz, the object of a (now abandoned) $23 billion acquisition bid from Google. Now, another cyber startup – coincidentally with a close association to Wiz – has raised a significant round of funding to capture more business in the space for itself.
Dazz, which focuses on vulnerability remediation for enterprises that use cloud services – has raised $50 million in equity funding. Dazz is not disclosing its valuation but sources close to the company say that the figure is just under $400 million post-money.
The company works with larger enterprises and while it’s not disclosing revenue numbers it claims that revenues have grown over 400% over the last year.
Greylock Partners, Cyberstarts, Insight Partners and Index Ventures – all previous backers – are collectively described as “leading” the round. Dazz, which launched in 2021, has now raised around $105 million in total.
Dazz is headquartered in Palo Alto, but its roots lie in Israel, and those roots run deep. Merav Bahat, Dazz’s co-founder and CEO, worked for years at Microsoft running its cloud security business. That cloud security business got its start when Microsoft acquired Adallom – the previous startup founded by the creators of Wiz – and Bahat was instrumental in building that larger operation from $0 in ARR to one that was worth $2.5 billion when she left to found Dazz in 2020. It is now worth more than $20 billion.
Bahat picked up two very important things during her time at Microsoft.
The first of these was a close friendship with Assaf Rappaport, the CEO and co-founder of Adallom, and later Wiz. They both are based across NYC and Tel Aviv and Bahat is Rappaport’s go-to dog sitter and informal second human family. In company with others, the two founders might even finish each other’s sentences. And when Rappaport was getting ready to start Wiz, Bahat became one of his first investors. (And yes, she would have stood to benefit greatly had the sale to Google gone through.)
The second thing Bahat picked up was a very solid understanding of what is working in cloud security, what is not, and what could do with significantly more R&D and attention. It was with that knowledge that she co-founded Dazz with two other cybersecurity veterans, Tomer Schwartz (the CTO) and Yuval Ofir (VP R&D).
The challenge goes something like this: Prospects and customers, Bahat said, all work with a wide array of cloud security platforms like Palo Alto Networks, Wiz, and CrowdStrike (which is why its big technical bump last week had such a disastrous impact). But with all of these, she said, there remains a gap and opportunity to focus specifically on remediation, which is what happens when vulnerabilities, misconfigurations or even breaches are identified and fixes get issued.
“When we talk to [security teams], what we hear is that when it comes to vulnerability, remediation, prioritization and remediation, nobody’s solved these issues.” Part of the reason, Bahat added, is that it’s a very manual process, and it’s a complicated one because of the volume of problems that arise in a typical network.
“All the security tools are really focused on visibility and detection and giving you what’s wrong, what’s wrong, what’s wrong. So much is wrong,” she said. “Some of the organizations I work with, they might find millions and unserved and unsolved vulnerabilities.” One customer had as many as 1.2 billion vulnerabilities identified in its network.
There are a number of other players in remediation out there, including big security platforms. The breakthrough that Dazz has come up with is that it’s built the technology to detect those vulnerabilities across multiple cloud architectures and environments (it describes this as “unified” remediation). It’s also created an AI-powered automation layer that then prioritizes the problems, identifies what are vulnerabilities that are near active work, and which are sitting dormant, so that security teams organize their work more effectively.
Bahat notes that while in the past remediation efforts might have just addressed around 10% of vulnerabilities (hopefully the most alarming), Dazz’s approach can hit more like 50-80%.
Companies like Wiz have definitely benefited from the current trend among enterprises to procure IT from fewer “one-stop shop” providers. But there is an argument still to have point solutions for certain functions, and Dazz and its investors believe remediation is one of those areas, especially when the so-called “single pane of glass” can address all of the assets of a company, regardless of whether they are in the cloud or on premises.
