Blossom Capital

Auto Added by WPeMatico

Cado Security locks in $10M for its cloud-native digital forensics platform

As computing systems become increasingly bigger and more complex, forensics have become an increasingly important part of how organizations can better secure them. As the recent SolarWinds breach has shown, it’s not always just a matter of being able to identify data loss, or prevent hackers from coming in in the first place. In cases where a network has already been breached, running a thorough investigation is often the only way to identify what happened, if a breach is still active and whether a malicious hacker can strike again.

As a sign of this growing priority, a startup called Cado Security, which has built forensics technology native to the cloud to run those investigations, is announcing $10 million in funding to expand its business.

Cado’s tools today are used directly by organizations, but also security companies like Redacted — a somewhat under-the-radar security startup in San Francisco co-founded by Facebook’s former chief security officer Max Kelly and John Hering, the co-founder of Lookout. It uses Cado to carry out the forensics part of its work.

The funding for London-based Cado is being led by Blossom Capital, with existing investors Ten Eleven Ventures also participating, among others. As another signal of demand, this Series A is coming only six months after Cado raised its seed round.

The task of securing data on digital networks has grown increasingly complex over the years: Not only are there more devices, more data and a wider range of configurations and uses around it, but malicious hackers have become increasingly sophisticated in their approaches to needling inside networks and doing their dirty work.

The move to the cloud has also been a major factor. While it has helped a wave of organizations expand and run much bigger computing processes as part of their business operations, it has also increased the so-called attack surface and made investigations much more complicated, not least because a lot of organizations run elastic processes, scaling their capacity up and down: This means when something is scaled down, logs of previous activity essentially disappear.

Cado’s Response product — which works proactively on a network and all of its activity after it’s installed — is built to work across cloud, on-premise and hybrid environments. Currently it’s available for AWS EC2 deployments and Docker, Kubernetes, OpenShift and AWS Fargate container systems, and the plan is to expand to Azure very soon. (Google Cloud Platform is less of a priority at the moment, CEO James Campbell said, since it rarely comes up with current and potential customers.)

Campbell co-founded Cado with Christopher Doman (the CTO) last April, with the concept for the company coming out of their respective experiences working on security services together at PwC, and respectively for government organizations (Campbell in Australia) and AlienVault (the security firm acquired by AT&T). In all of those, one persistent issue the two continued to encounter was the issue with adequate forensics data, essential for tracking the most complex breaches.

A lot of legacy forensics tools, in particular those tackling the trove of data in the cloud, was based on “processing data with open source and pulling together analysis in spreadsheets,” Campbell said. “There is a need to modernize this space for the cloud era.”

In a typical breach, it can take up to a month to run a thorough investigation to figure out what is going on, since, as Doman describes it, forensics looks at “every part of the disk, the files in a binary system. You just can’t find what you need without going to that level, those logs. We would look at the whole thing.”

However, that posed a major problem. “Having a month with a hacker running around before you can do something about it is just not acceptable,” Campbell added. The result, typically, is that other forensics tools investigate only about 5% of an organization’s data.

The solution — for which Cado has filed patents, the pair said — has essentially involved building big data tools that can automate and speed up the very labor intensive process of looking through activity logs to figure out what looks unusual and to find patterns within all the ones and zeros.

“That gives security teams more room to focus on what the hacker is getting up to, the remediation aspect,” Campbell explained.

Arguably, if there were better, faster tracking and investigation technology in place, something like SolarWinds could have been better mitigated.

The plan for the company is to bring in more integrations to cover more kinds of systems, and go beyond deployments that you’d generally classify as “infrastructure as a service.”

“Over the past year, enterprises have compressed their cloud adoption timelines while protecting the applications that enable their remote workforces,” said Imran Ghory, partner at Blossom Capital, in a statement. “Yet as high-profile breaches like SolarWinds illustrate, the complexity of cloud environments makes rapid investigation and response extremely difficult since security analysts typically are not trained as cloud experts. Cado Security solves for this with an elegant solution that automates time-consuming tasks like capturing forensically sound cloud data so security teams can move faster and more efficiently. The opportunity to help Cado Security scale rapidly is a terrific one for Blossom Capital.”

Powered by WPeMatico

Backed by Blossom, Creandum and Index, grocery delivery and dark store startup Dija launches in London

Dija, the London-based grocery delivery startup, is officially launching today and confirming that it raised £20 million in seed funding in December — a round that we first reported was partially closed the previous month.

Backing the company is Blossom Capital, Creandum and Index Ventures, with Dija seemingly able to raise pre-launch. In fact, there are already rumours swirling around London’s venture capital community that the upstart may be out raising again already — a figure up to £100 million was mooted by one source — as the race to become the early European leader in the burgeoning “dark” grocery store space heats up.

Image Credits: Dija

Over the last few months, a host of European startups have launched with the promise of delivering grocery and other convenience store items within 10-15 minutes of ordering. They do this by building out their own hyper-local, delivery-only fulfilment centres — so-called “dark stores” — and recruiting their own delivery personnel. This full-stack or vertical approach and the visibility it provides is then supposed to produce enough supply chain and logistics efficiency to make the unit economics work, although that part is far from proven.

Earlier this week, Berlin-based Flink announced that it had raised $52 million in seed financing in a mixture of equity and debt. The company didn’t break out the equity-debt split, though one source told me the equity component was roughly half and half.

Others in the space include Berlin’s Gorillas, London’s Jiffy and Weezy, and France’s Cajoo, all of which also claim to focus on fresh food and groceries. There’s also the likes of Zapp, which is still in stealth and more focused on a potentially higher-margin convenience store offering similar to U.S. unicorn goPuff. Related: goPuff itself is also looking to expand into Europe and is currently in talks to acquire or invest in the U.K.’s Fancy, which some have dubbed a mini goPuff.

However, let’s get back to Dija. Founded by Alberto Menolascina and Yusuf Saban, who both spent a number of years at Deliveroo in senior positions, the company has opened up shop in central London and promises to let you order groceries and other convenience products within 10 minutes. It has hubs in South Kensington, Fulham and Hackney, and says it plans to open 20 further hubs, covering central London and Zone 2, by the summer. Each hub carries around 2,000 products, claiming to be sold at “recommended retail prices”. A flat delivery fee of £1.99 is charged per order.

“The only competitors that we are focused on are the large supermarket chains who dominate a global $12 trillion industry,” Dija’s Menolascina tells me when I ask about competitors. “What really sets us apart from them, besides our speed and technology, is our team, who all have a background in growing and disrupting this industry, including myself and Yusuf, who built and scaled Deliveroo from the ground up”.

Menolascina was previously director of Corporate Strategy and Development at the takeout delivery behemoth and held several positions before that. He also co-founded Everli (formerly Supermercato24), the Instacart-styled grocery delivery company in Italy, and also worked at Just Eat. Saban is the former chief of staff to CEO at Deliveroo and also worked at investment bank Morgan Stanley.

During Dija’s soft-launch, Menolascina says that typical customers have been doing their weekly food shop using the app, and also fulfilling other needs, such as last-minute emergencies or late night cravings. “The pain points Dija is helping to solve are universal and we built Dija to be accessible to everyone,” he says. “It’s why we offer products at retail prices, available in 10 minutes — combining value and convenience. Already, Dija is becoming a key service for parents who are pressed for time working from home and homeschooling, as one example”.

Despite the millions of dollars being pumped into the space, a number of VCs I’ve spoken to privately are skeptical that fresh groceries with near instant delivery can be made to work. The thinking is that fresh food perishes, margins are lower and basket sizes won’t be large enough to cover the costs of delivery.

“This might be the case for other companies, but almost everyone at Dija comes from this industry and knows exactly what they are doing, from buying and merchandising to data and marketing,” Menolascina says, pushing back. “It’s also worth pointing out that we are a full-stack model, so we’re not sharing our margin with other parties. In terms of the average basket size, it varies depending on the customer’s need. On one hand, we have customers who do their entire grocery shop through Dija, while on the other hand, our customers depend on us for emergency purchases e.g. nappies, batteries etc.”

On pricing, he says that, like any retail business, Dija buys products at wholesale prices and sells them at recommended retail prices. “Going forward, we have a clear roadmap on how we generate additional revenue, including strategic partnerships, supply chain optimisation and technology enhancements,” adds Menolascina.

Dija testing on Deliveroo

Image Credits: TechCrunch

Meanwhile, TechCrunch has learned that prior to launching its own app, Dija ran a number of experiments on takeout marketplace Deliveroo, including selling various convenience store items, such as potato chips and over-the-counter pharmaceuticals. If you’ve ever ordered toiletry products from “Baby & Me Pharmacy” or purchased chocolate sweets from “Valentine’s Vows,” you have likely and unknowingly shopped at Dija. Those brands, and a number of others, all delivered from the same address in South Kensington.

“Going direct to consumer without properly testing pick & pack is a big risk,” Menolascina told me in a WhatsApp message a few weeks ago, confirming the Deliveroo tests. “We created disposable virtual brands purely to learn what to sell and how to replenish, pick & pack, and deliver”.

Powered by WPeMatico

Taking on the business scenario-planning giants, Pigment raises a $25.9M Series A led by Blossom Capital

Realizing that modern, complex businesses can no longer be adequately managed using spreadsheet-style programs, the founders of Pigment decided there had to be a better solution. Their business forecasting platform has now raised a substantial Series A of $25.9 million, led by Blossom Capital. Also participating was New York-based FirstMark Capital and Frst, as well as angel investors including Paul Melchiorre, former CEO of business planning giant Anaplan, and David Clarke, the ex-CTO of Workday, another business planning incumbent.

Those last two investors are significant because Paris-based Pigment competes with both Anaplan and Workday. Also of note is the fact that another planning product, Adaptive Insights, was sold to Workday for $1.6 billion.

Pigment has so far secured large-scale enterprise and pre-IPO startup clients for its beta product, including a major European bank — although it declined to name any of its clients so far.

Pigment says it aims to overhaul the painful experience of using error-prone spreadsheets and inflexible software to do business forecasting, instead presenting a dashboard-like approach in real time through charts, simulations and continuous modeling.

Eléonore Crespo, co-founder and co-CEO of Pigment, said in a statement: “We’re a bit like Minecraft for business strategy – with that kind of creative, organic potential for the user. Standard planning solutions are basically mechanical, treating a business like a machine with levers that you just push and pull.”

Ophelia Brown, partner at Blossom Capital, said: “Existing planning software was built around 20th-century models of how to do business. Pigment is a 21st century platform that reflects the way successful companies need to work today – socially and environmentally conscious, proactively scanning the horizon for risks and opportunities, and capable of unlocking new opportunities in an increasingly complex and uncertain world.”

Pigment was founded in 2019 by Crespo, a former data analyst at Google and investor at Index Ventures, and Romain Niccoli, the former CTO and co-founder of Criteo — the adtech company which IPO’d on Nasdaq in 2013.

Powered by WPeMatico

Dija, a new delivery startup from former Deliveroo employees, is closing in on a $20M round led by Blossom

Dija, a new U.K.-based startup founded by senior former Deliveroo employees, is closing in on $20 million in funding, TechCrunch has learned.

According to multiple sources, the round, which has yet to close, is being led by Blossom Capital, the early-stage venture capital firm founded by ex-Index and LocalGlobe VC Ophelia Brown. It’s not clear who else is in the running, although I understand it was highly contested and the startup had offers from several top-tier funds. Blossom Capital and Dija declined to comment.

Playing in the convenience store and delivery space, yet to launch Dija is founded by Alberto Menolascina and Yusuf Saban, who both spent a number of years at Deliveroo in senior positions.

Menolascina was previously director of Corporate Strategy and Development at the takeout delivery behemoth and held several positions before that. He also co-founded Everli (formerly Supermercato24), the Instacart-styled grocery delivery company in Italy, and also worked at Just Eat.

Saban is the former chief of staff to CEO at Deliveroo and also worked at investment bank Morgan Stanley.

In other words, both are seasoned operators in food logistics, from startups to scale-ups. Both Menolascina and Saban were also instrumental in Deliveroo’s Series D, E and F funding rounds.

Meanwhile, few details are public about Dija, except that it will offer convenience and fresh food delivery using a “dark” convenience store mode, seeing it build out hyper local fulfilment centers in urban high population areas for super quick delivery. It’s likely akin to Accel and SoftBank-backed goPuff in the U.S. or perhaps startup Weezy in the U.K.

That said, the model is yet to be proven everywhere it’s been tried and will likely be a capital intensive race in which Dija is off to a good start. And, of course, with everybody making the shift to online groceries while in a pandemic, as ever, timing is everything.

Powered by WPeMatico

Accel and Index back Tines, as the cybersecurity startup adds another $11M to its Series A

It was just a couple of months ago that Tines, the cybersecurity automation startup, raised $4.1 million in Series A funding led by Blossom Capital. The Dublin-based company is now disclosing an $11 million extension to the round.

This additional Series A funding is led by venture capital firm Accel, with participation from Index Ventures and previous backer Blossom Capital. The extra cash will be used to continue developing its cybersecurity automation platform and for further expansion into the U.S. and Europe.

Founded in February 2018 by ex-eBay, PayPal and DocuSign security engineer Eoin Hinchy, and subsequently joined by former eBay and DocuSign colleague Thomas Kinsella, Tines automates many of the repetitive manual tasks faced by security analysts so they can focus on other high-priority work. The pair had bootstrapped the company as recently as October.

“It was while I was at DocuSign that I felt there was a need for a platform like Tines,” explained Hinchy at the time of the initial Series A. “We had a team of really talented engineers in charge of incident response and forensics but they weren’t developers. I found they were doing the same tasks over and over again so I began looking for a platform to automate these repetitive tasks and didn’t find anything. Certainly nothing that did what we needed it to, so I came up with the idea to plug this gap in the market.”

To remedy this, Tines lets companies automate parts of their manual security processes with the help of six software “agents,” with each acting as a multipurpose building block. The idea is that, regardless of the process being automated, it only requires combinations of these six agent types configured in different ways to replicate a particular workflow.

In addition, the platform doesn’t rely on pre-built integrations to interact with external systems. Instead, Tines is able to plug in to any system that has an API. “This means integration with commercial, off-the-shelf products, or existing in-house tools is quick and simple, with most security teams automating stories (workflows) within the first 24 hours,” says the startup. Its software is also starting to find utility beyond cybersecurity processes, with several Tines customers using it in IT, DevOps and HR.

“We heard that Eoin, a senior member of the security team at DocuSign (another Accel portfolio company), had recently left to start Tines, so we got in touch,” Accel’s Seth Pierrepont tells TechCrunch. “They were in the final stages of closing their Series A. However, we were so convinced by the founders, their product approach and the market timing, that we asked them to extend the round.”

Pierrepont also points out that a unique aspect of the Dublin ecosystem is that many of the world’s largest tech companies have their European headquarters in the country (often attracted by relatively low corporation tax), “so it’s an incredibly rich talent pool despite being a relatively small city.”

Asked whether Accel views Tines as a cybersecurity automation company or a more general automation play that puts automation in the hands of non-technical employees for a multitude of possible use cases, Pierrepont says, given Hinchy and Kinsella’s backgrounds, the cybersecurity automation sector should be the primary focus for the company in the short term. However, longer term it is likely that Tines will be adopted across other functions as well.

“From our investment in Demisto (which was acquired by Palo Alto Networks earlier this year), we know the security automation or SOAR category (as Gartner defines it) very well,” he says. “Demisto pioneered the category and was definitively the market leader when it was acquired. However, we think the category is just getting started and that there is still a ton of whitespace for Tines to go after.”

Meanwhile, in less than a year, Tines says it has on-boarded 10 enterprise customers across a variety of industries, including Box, Auth0 and McKesson, with companies automating on average 100,000 actions per day.

Powered by WPeMatico

Fem tech startup Inne takes the wraps off a hormone tracker and $8.8M in funding

Berlin-based fem tech startup Inne is coming out of stealth to announce an €8 million (~$8.8M) Series A and give the first glimpse of a hormone-tracking subscription product for fertility-tracking and natural contraception that’s slated for launch in Q1 next year.

The Series A is led by led by Blossom Capital, with early Inne backer Monkfish Equity also participating, along with a number of angel investors — including Taavet Hinrikus, co-founder of TransferWise; Tom Stafford, managing partner at DST; and Trivago co-founder Rolf Schromgens.

Women’s health apps have been having a tech-fuelled moment in recent years, with the rise of a fem tech category. There are now all sorts of apps for tracking periods and the menstrual cycle, such as Clue and Flo.

Some also try to predict which days a women is fertile and which they’re not — offering digital tools to help women track bodily signals if they’re following a natural family planning method of contraception, or indeed trying to conceive a baby.

Others — such as Natural Cycles — have gone further down that path, branding their approach “digital contraception” and claiming greater sophistication vs traditional natural family planning by applying learning algorithms to cycle data augmented with additional information (typically a daily body temperature measurement). Although there has also been some controversy around aggressive and even misleading marketing tactics targeting young women.

A multi-month investigation by the medical device regulator in Natural Cycles’ home market, instigated after a number of women fell pregnant while using its method, found rates of failure were in line with its small-print promises but concluded with the company agreeing to clarify the risk of the product failing.

At issue is that the notion of “digital contraception” may present as simple and effortless — arriving in handy app form, often boosted by a flotilla of seductive social media lifestyle ads. Yet the reality for the user is the opposite of effortless. Because in fact they are personally taking on all of the risk.

For these products to work the user needs a high level of dedication to stick at it, be consistent and pay close attention to key details in order to achieve the promised rate of protection.

Natural contraception is also what Inne is touting, dangling another enticing promise of hormone-free contraception — its website calls the product “a tool of radical self-knowledge” and claims it “protect[s]… from invasive contraceptive methods”. It’s twist is it’s not using temperature to track fertility; its focus is on hormone-tracking as a fertility measure.

Inne says it’s developed a saliva-based test to measure hormone levels, along with an in vitro diagnostic device (pictured above) that allows data to be extracted from the disposable tests at home and wirelessly logged in the companion app.

Founder Eirini Rapti describes the product as a “mini lab” — saying it’s small and portable enough to fit in a pocket. Her team has been doing the R&D on it since 2017, preferring, she says, to focus on getting the biochemistry right rather than shouting about launching the startup. (It took in seed funding prior to this round but isn’t disclosing how much.)

At this stage Inne has applied for and gained European certification as a medical device. Though it’s not yet been formally announced.

The first product, a natural contraception for adult women — billed as best suited for women aged 28-40, i.e. at a steady relationship time-of-life — will be launching in select European markets (starting in Scandinavia) next year, though initially as a closed beta style launch as they work on iterating the product based on user feedback.

“It basically has three parts,” Rapti says of the proposition. “It has a small reader… It has what we call a little mouth opening in the front. It always gives you a smile. That’s the hardware part of it, so it recognizes the intensity of your hormones. And then there’s a disposable saliva test. You basically collect your saliva by putting it in your mouth for 30 seconds. And then you insert it in the reader and then you go about your day.

“The reader is connected to your phone, either via BlueTooth or wifi, depending on where you are taking the test daily… It takes the reading and it sends it over to your phone. In your phone you can do a couple of things. First of all you look at your hormonal data and you look at how those change throughout the menstrual cycle. So you can see how they grow, how they fall. What that means about your ovulation or your overall female health — like we measure progesterone; that tells you a lot about your lining etc. And then you can also track your fluids… We teach you how to track them, how to understand what they mean.”

As well as a contraception use-case, the fertility tracking element naturally means it could also be used by women wanting to get pregnant. Eirini Rapti

“This product is not a tracker. We’re not looking to gather your data and then tell you next month what you should be feeling — at all,” she adds. “It’s more designed to track your hormones and tell you look this is the most basic change that happens in your body and because of those changes you will feel certain things. So do you feel them or not — and if you don’t, what does it mean? Or if you do what does it mean?

“It builds your own hormonal baseline — so you start measuring your hormones and we go okay so this is your baseline and now let’s look at things that go out of your baseline. And what do they mean?”

Of course the key question is how accurate is a saliva-based test for hormones as a method for predicting fertility? On this Rapti says Inne isn’t ready to share data about the product’s efficacy — but claims it will be publishing details of the various studies it conducted as part of the CE marking process in the next few weeks.

“A couple more weeks and all the hardcore numbers will be out there,” she says.

In terms of how it works in general the hormone measurement is “a combination of a biochemical reaction and the read out of it”, as she puts it — with the test itself being pure chemistry but algorithms then being applied to interpret the hormonal reading, looping in other signals such as the user’s cycle length, age and the time of day of the test.

She claims the biochemical hormone test the product relies on as its baseline for predicting fertility is based on similar principles to standard pregnancy tests — such as those that involve peeing on a stick to get a binary ‘pregnant’ or ‘not pregnant’ result. “We are focused on specifically fertility hormones,” she says.

“Our device is a medical device. It’s CE-certified in Europe and to do that you have to do all kinds of verification and performance evaluation studies. They will be published pretty soon. I cannot tell you too much in detail but to develop something like that we had to do verification studies, performance evaluation studies, so all of that is done.”

While it developed and “validated” the approach in-house, Rapti notes that it also worked with a number of external diagnostic companies to “optimize” the test.

“The science behind it is pretty straightforward,” she adds. “Your hormones behave in a specific way — they go from a low to a high to a low again, and what you’re looking for is building that trend… What we are building is an individual curve per user. The starting and the ending point in terms of values can be different but it is the same across the cycle for one user.”

“When you enter a field like biochemistry as an outsider a lot of the academics will tell you about the incredible things you could do in the future. And there are plenty,” she adds. “But I think what has made a difference to us is we always had this manufacturability in mind. So if you ask me there’s plenty of ways you can detect hormones that are spectacular but need about ten years of development let alone being able to manufacture it at scale. So it was important to me to find a technology that would allow us to do it effectively, repeatedly but also manufacture it at a low cost — so not reinventing the whole wheel.”

Rapti says Inne is controlling for variability in the testing process by controlling when users take the measurement (although that’s clearly not directly within its control, even if it can send an in-app reminder); controlling how much saliva is extracted per test; and controlling how much of the sample is tested — saying “that’s all done mechanically; you don’t do that”.

“The beauty about hormones is they do not get influenced by lack of sleep, they do not get influenced by getting out of your bed — and this is the reason why I wanted to opt to actually measure them,” she adds, saying she came up with the idea for the product as a user of natural contraception searching for a better experience. (Rapti is not herself trained in medical or life sciences.)

“When I started the company I was using the temperature method [of natural contraception] and I thought it cannot be that I have to take this measurement from my bed otherwise my measurement’s invalid,” she adds.

However there are other types of usage restrictions Inne users will need to observe in order to avoid negatively affecting the hormonal measurements.

Firstly they must take the test in the same time window each time — either in the morning or the evening but sticking to one of those choices for good.

They also need to stick to daily testing for at least a full menstrual cycle. Plus there are certain days in the month when testing will always be essential, per Rapti, even as she suggests a “learning element” might allow for the odd missed test day later on, i.e. once enough data has been inputted.

Users also have to avoid drinking and eating for 30 minutes before taking the test. She further specifies this half hour pre-test restriction includes not having oral sex — “because that also affects the measurements”.

“There’s a few indications around it,” she concedes, adding: “The product is super easy to use but it is not for women who want to not think ever about contraception or their bodies. I believe that for these women the IUD would be the perfect solution because they never have to think about it. This product is for women who consciously do not want to take hormones and don’t want invasive devices — either because they’ve been in pain or they’re interested in being natural and not taking hormones.”

At this stage Inne hasn’t performed any comparative studies vs established contraception methods such as the pill. So unless or until it does users won’t be able to assess the relative risk of falling pregnant while using it against more tried and tested contraception methods.

Rapti says the plan is to run more clinical studies in the coming year, helped by the new funding. But these will be more focused on what additional insights can be extracted from the test to feed the product proposition — rather than on further efficacy (or any comparative) tests.

They’ve also started the process of applying for FDA certification to be able to enter the US market in future.

Beyond natural contraception and fertility tracking, Inne is thinking about wider applications for its approach to hormone tracking — such as providing women with information about the menopause, based on longer term tracking of their hormone levels. Or to help manage conditions such as endometriosis, which is one of the areas where it wants to do further research.

The intent is to be the opposite of binary, she suggests, by providing adult women with a versatile tool to help them get closer to and understand changes in their bodies for a range of individual needs and purposes.

“I want to shift the way people perceive our female bodies to be binary,” she adds. “Our bodies are not binary, they change around the month. So maybe this month you want to avoid getting pregnant and maybe next month you actually want to get pregnant. It’s the same body that you need to understand to help you do that.”

Commenting on the Series A in a supporting statement, Louise Samet, partner at Blossom Capital, said: “Inne has a winning combination of scientific validity plus usability that can enable women to better understand their bodies at all stages in their lives. What really impressed us is the team’s meticulous focus on design and easy-of-use together with the scientific validity and clear ambition to impact women all over the world.”

Powered by WPeMatico

Cybersecurity automation startup Tines scores $4.1M Series A led by Blossom Capital

Tines, a Dublin-based startup that lets companies automate aspects of their cybersecurity, has raised $4.1 million in Series A funding. Leading the round is Blossom Capital, the venture capital firm co-founded by ex-Index Ventures and LocalGlobe VC Ophelia Brown.

Founded in February 2018 by ex-eBay, PayPal and DocuSign security engineer Eoin Hinchy, who was subsequently joined by former eBay and DocuSign colleague Thomas Kinsella, Tines automates many of the repetitive manual tasks faced by security analysts so they can focus on other high-priority work. The pair have bootstrapped the company until now.

“It was while I was at DocuSign that I felt there was a need for a platform like Tines,” explains Hinchy. “We had a team of really talented engineers in charge of incident response and forensics but they weren’t developers. I found they were doing the same tasks over and over again so I began looking for a platform to automate these repetitive tasks and didn’t find anything. Certainly nothing that did what we needed it to, so I came up with the idea to plug this gap in the market.”

To that end, Tines lets companies automate parts of their manual security processes with the help of six software “agents,” with each acting as a multipurpose building block. Therefore, regardless of the process being automated, it only requires combinations of these six agent types configured in different ways to replicate a particular workflow.

“I wanted there to be as few agent types as possible, to simplify the system, and I haven’t discovered a workflow in which tasks sit outside of these agents yet,” says Hinchy. “Once a customer signs up they can start automating their own workflows immediately, and most of our customers see value from day one. If they need a hand, my team works with them to establish how they currently manually carry out tasks, such as identifying and dealing with a phishing attack. Each step of dealing with the attack — from cross-checking the email address with trusted contacts or a blacklist, to scanning attachments for viruses or examining URLs — will be performed by one of the six agent types. This means we can assign these tasks to an agent to create the workflow, or as we call it, the “story.”

So, for example, once a phishing email triggers the first agent, the following steps in the “story” are automatically carried out. In this way, Tines might be described as akin to IFTTT, “but an exceptionally powerful, enterprise version of the IFTTT concept, designed to manage much more complex workflows.”

Competitors are cited as Phantom, which last year was acquired by Splunk, and Demisto, which was bought by Palo Alto Networks. However, Hinchy argues that a key differentiator is that Tines doesn’t rely on pre-built integrations to interact with external systems. Instead, he says the software is able to plug in to any system that has an API.

Meanwhile, Tines says it will use the new funding to hire engineers in Dublin who can help improve the platform through R&D, as well as grow its customer base with companies in the U.S. and in Europe. Notably, the startup plans to expand beyond cybersecurity automation, too.

“Our background is in security, so with Tines, we’ve initially focused on helping security teams automate their repetitive, manual processes,” says Hinchy. “What makes us different is that nowhere does it say we can’t expand beyond this, to help other teams and sectors automate tasks. The advantage of our direct-integration model is that Tines doesn’t care if you’re talking to a security tool, HR system or CRM, it treats them the same. In the next 18 months, we plan to expand Tines outside security, hire more talent and increase the product team from 8 to 20.”

Powered by WPeMatico