Ermetic raises $ 70 million for ‘identity-first’ cloud security

Hear from CIOs, CTOs and other C-level and senior executives about data and AI strategies at the Future of Work Summit on January 12, 2022. Learn more


Ermetic, which today announced a $ 70 million Series B funding round, said its platform for securing cloud infrastructure by focusing on identity security and reducing the attack surface across a multi-cloud implementation has been expanded to hundreds of customers until continue. The startup aims to grow rapidly in 2022 and ultimately build a “very large company” around its unique approach to cloud and container security, co-founder and CEO Shai Morag told VentureBeat.

“This is probably the biggest opportunity in security in the last decade,” Morag said in an interview. “Cloud infrastructure is becoming the new data center. Everyone needs cloud infrastructure. Everyone needs it to support their digital transformation.”

However, issues such as error configurations and permission errors have led to major security issues for many organizations in the cloud. A recent report from Fugue and Sonatype showed that 36% of organizations had suffered a severe data leak or a cloud breach during the previous 12 months.

Reduced attack surface

The Hermetics platform brings automation to enable companies to dramatically reduce their attack surface – that is, to reduce the places where a company is vulnerable – by focusing on securing identities and permissions, according to Morag. Cloud security issues, he said, “are all about access. It’s all about the identities that are overprivileged.”

The Ermetic platform works by connecting to an API and collecting all a customer’s metadata – all configurations, permission structures and activities. It then goes on to map out everything it has found to give customers increased visibility. “It gives you visibility of what resources you have, what identities you have in your environment, who has access to what, and who can access what in your environment,” Morag said.

The platform then shows customers where they have issues with permissions, such as identities that are “overprivileged” by having the incorrect access. Finally, Ermetic enables troubleshooting, either automatically or manually.

“We believe that in order to reduce the ‘blasting radius’ as much as possible, you really want to make sure you get the least privilege,” Morag said. “You want to make sure that there is no unnecessary risk. That’s what we help customers with. “

In the crowded cloud security area, Ermetic stands out by being the “only provider” that takes an “identity-first” approach to securing cloud environments, he said.

Product roadmap

Ermetic also brings a multi-cloud orientation with the ability to work across the three largest cloud providers – Amazon Web Services (AWS), Microsoft Azure and Google Cloud. Meanwhile, the platform is expanding its support for Kubernetes container orchestration, “which is like the fourth cloud – because you eventually have to dive deeper into the Kubernetes layer,” Morag said.

Along with the expansion of Kubernetes support, other plans for the platform in 2022 include strengthening its capabilities on the network side, providing a greater “link between identity and network in the cloud,” he said.

In addition, Ermetic plans to improve and expand its infrastructure code (IaC) capabilities. Currently, when the enterprise solution finds an error configuration, it generates Terraform or AWS CloudFormation code that allows the customer to fix the problem directly in the code. Looking ahead, Ermetic aims to help customers discover misconfigurations in the code itself, right from the start before the code is released.

Growing pains

Ermetic was founded in 2019 and expects its revenue to grow at least 5X in 2021 compared to last year, Morag said.

Among the startup’s hundreds of customers are companies including Alkami, AppsFlyer, Beth Israel Lahey Health, Dataminr, IntelyCare, IronSource, Latch, Riskified, Symphony Talent, Tyler Technologies and Wex.

With the help of the new financing, Ermetic aims to continue its strong growth pace in 2022 in markets that include the United States, Europe, the Middle East and Africa, as well as Asia and the Pacific. Tel Aviv, Israel-based Ermetic currently employs 110 and expects to reach 170 within six months, Morag said.

New financing

The company’s Series B round was led by Qumra Capital and included participation from Forgepoint Capital, Accel, Glilot Capital Partners, Norwest Venture Partners and Target Global. Ermetic has now raised a total of $ 100 million in funding to date. The company has not disclosed its valuation.

Along with Morag, the company’s founding team includes Chief Business Officer Arick Goomanovsky, Chief Technology Officer Michael Dolinsky and Chief Product Officer Sivan Krigsman.

Morag was a former co-founder of Secdo, acquired by Palo Alto Networks, while Goomanovsky was a former co-founder of Sygnia Consulting, acquired by Temasek Holdings. Dolinsky previously co-founded Aorato – where Krigsman was the first employee, and which continued to be acquired by Microsoft.

VentureBeat

VentureBeat’s mission is to be a digital marketplace for tech makers to learn about transformative technology and trade. Our site provides essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to join our community to access:

  • updated information on topics of interest to you
  • our newsletters
  • gated thoughtful content and reduced access to our valued events, such as Transformation 2021: Learn more
  • networking features and more

sign up

Leave a Comment