Horizon3 secures $40M to expand its pen testing platform


Share post:

Cybersecurity funding is falling after enjoying impressive heights in the last few years. According to Crunchbase, VC financing for security declined to just over $1.6 billion in Q2 2023, marking a 63% drop compared to the same quarter last year — when startups landed nearly $4.3 billion.

But that’s not to suggest deals have dried up entirely.

Enter Horizon3, a startup providing a platform designed to improve the effectiveness of organizations’ cybersecurity solutions. Horizon3 today announced that it raised $40 million in a Series C round led by Craft Ventures with participation from Signal Fire and Okta Ventures. Bringing the company’s total raised to $78.5 million, the round will be put toward R&D, expanding Horizon’s channel presence and growing its team of engineers, CEO Snehal Antani says.

Horizon3 was founded in 2019 by a team of former U.S. Special Ops cyber operators, entrepreneurs and cybersecurity practitioners including Antani. Previously, Antani was the CTO at Splunk and a team leader within the U.S. Military’s Joint Special Operations Command, which studies special operations requirements and techniques.

According to Antani, Horizon3’s founding team sought to build a solution that could solve the common security problems faced by enterprise organizations, namely the ineffective security tools, false positives and lead times in hiring consultants for security assessments and manual testing.

“Our thesis is using the attacker’s perspective to cut through the noise and help organizations find and fix exploitable attack vectors,” Antani told TechCrunch in an email interview. “We deliver this by enabling continuous, autonomous testing and other operations to identify proven attack paths and weaknesses in our users’ networks. We aim to deliver the best-in-class autonomous security risk management platform that provides accurate risk insights and actionable recommendations for technical users, decision-makers and auditors.”

Horizon3’s software attempts to continuously find, fix and verify exploitable attack surfaces by revealing attack paths, showing how possible weaknesses might impact the organization, prioritize and detail fixes teams should make and verify that those fixes are effective.

The platform has hundreds of exploit modules that can find and “safely” exploit specific weaknesses in networks, Antani explained. IT teams can use these modules to proactively fix security issues within their infrastructure, while security teams can tap them to tune third-party security tools, assess software supply chain risks and gain strategic insights.

The platform — a self-service software-as-a-service solution in the truest sense — requires no additional hardware or software to maintain.

“On its own, Horizon3 pivots through a user’s network, chaining weaknesses together just as an attacker would — and then safely exploits them,” he added. “The platform uncovers blind spots in organizations’ security posture that go beyond known exploits and patchable vulnerabilities, such as easily compromised credentials, exposed data, misconfigurations, poor security controls and weak policies. Weaknesses are prioritized based on their impact to the organization so users know immediately what they should fix first — and guidance on how to do it most efficiently.”

Horizon3 competes against Strike Security, Cobalt.io and HackerOne among others in a penetration testing tool market that could be worth as much as $2.7 billion in 2027, according to Markets and Markets.

Antani asserts that Horizon3 has seen great uptake, though, with a customer base that recently eclipsed 300 organizations, including several government agencies. He anticipates that as more regulatory actions take place and new security guidelines and recommendations that support autonomous penetration testing approach, the demand for Horizon3’s solutions will grow.

“Since the cyber threat landscape continues to expand, so will Horizon3’s revenue and customer base grow as well,” Antani said. “Organizations are beginning to reconsider legacy approaches to security assessments and
penetration testing, and instead, are adopting autonomous pentesting at a considerable rate.”

Source link

Lisa Holden
Lisa Holden
Lisa Holden is a news writer for LinkDaddy News. She writes health, sport, tech, and more. Some of her favorite topics include the latest trends in fitness and wellness, the best ways to use technology to improve your life, and the latest developments in medical research.

Recent posts

Related articles

California governor vetoes bill to ban driverless AV trucks

California Gov. Gavin Newsom vetoed a bill Friday that would have required a human safety operator to...

A conversation with Cruise’s Kyle Vogt, Bird scoops up Spin, and self-driving trucks live to see another day in Cali

The Station is a weekly newsletter dedicated to all things transportation. Sign up here — just click The Station —...

Building an equitable cap table puts more tools in a startup’s toolbox

The person a founder chooses to back their company is important beyond the capital these investors provide....

Despite the ups and downs of the fintech space, people still really care about it

Welcome back to The Interchange, where we take a look at the hottest fintech news of the previous...

Elon Musk threatens to charge for X, OpenAI launches DALL-E 3 and Cisco acquires Splunk

Welcome to Week in Review (WiR), TechCrunch’s regular newsletter covering the past few days in tech. The...

Disability tech startups kill the cynic in me

Welcome to the TechCrunch Exchange, a weekly startups-and-markets newsletter. It’s inspired by the daily TechCrunch+ column where...

India’s PhonePe launches app store with zero fee in challenge to Google

PhonePe launched the Indus AppStore Developer Platform on Saturday, promising zero platform fee and no commission on...

How CFOs can reduce SaaS spend by 30% in these tough times

CloudEagle founder and CEO Nidhi Jain has over two decades of leadership experience in companies like ServiceNow,...