Sequoia Capital

The Zafran Threat Exposure Management Platform is the first and only consolidated platform that integrates with your security tools to reveal, remediate, and mitigate the risk of exposures across your entire infrastructure. Zafran uses an agentless approach to reveal what is truly exploitable, while reducing manual prioritization and remediation through automated response workflows.

Oasis Security specializes in non-human identity management technology designed to enhance visibility and risk assessment while automating vulnerability remediation. The company offers a platform that simplifies secret management compliance and automatically identifies non-human identities, helping clients strengthen their security posture and enforce robust governance. By streamlining these processes, Oasis enables organizations to effectively tackle security challenges and bolster their cybersecurity defenses without introducing operational complexity.

The Zafran Threat Exposure Management Platform is the first and only consolidated platform that integrates with your security tools to reveal, remediate, and mitigate the risk of exposures across your entire infrastructure. Zafran uses an agentless approach to reveal what is truly exploitable, while reducing manual prioritization and remediation through automated response workflows.

AI fighting AI. CISOs face an impossible risk landscape today. 80% of cybersecurity breaches start because of employee error. The problem is exacerbating with generative AI, as a single hacker can specifically target thousands of employees in the same amount of time that they used to specifically target tens of employees with social engineering. CISOs lack tools to deal with employee risk and are held accountable when a breach inevitably happens. By leveraging AI at each step, Dune Security empowers organizations to quantify individual risk through analyzing user behavior, context, learning patterns, and third party data. This allows the automation of tailored cybersecurity measures to each individual, transforming vulnerabilities into strengths. Dune is the central engine of all employee risk data, which is a solution that is not just timely for organizations but necessary in navigating the present cybersecurity landscape. This gives the CISO the capability to understand who are the high risk employees, to what extent, and why - as well as automatically remediate and restrict access to keep their organization safe. Today, Dune Security uniquely replaces legacy and ineffective security awareness training by pinpointing the crucial 8% of employees responsible for 80% of the risk, ensuring all employees receive personalized, machine learning-driven training tailored to their risk profile. CISOs also have easy access to quantifiable data via robust reporting and API-out capability, enabling them to both report to compliance auditors, regulators, and insurance underwriters, as well as restrict access to high-risk employees through other security systems.

Middesk, Inc. is an identity platform founded in 2018 and headquartered in San Francisco, California. The company offers automated business verification services and provides essential contextual information about various businesses. Its platform allows organizations to capture, verify, and monitor business credentials effectively, facilitating compliance with contractual and regulatory requirements. Additionally, Middesk notifies service providers of changes within their customer base, enabling them to maintain an accurate understanding of their clients and better address their needs. By centralizing the credentialing process, Middesk helps companies streamline onboarding and enhance operational efficiency while managing risk and compliance.

Vanta is a trust management platform that focuses on simplifying security and compliance processes for organizations. The company develops software that automates evidence collection for various compliance frameworks, allowing businesses to effectively manage risk through continuous control monitoring. By supporting sales teams with real-time insights, Vanta enhances trust and streamlines security reviews. Its solutions enable organizations to scale their security practices and achieve compliance with industry standards, thereby establishing credible security programs and obtaining necessary certifications to safeguard consumer data.

Robust Intelligence, Inc. is a San Francisco-based company founded in 2019 that focuses on enhancing the security and reliability of artificial intelligence systems. The company provides an automated platform designed to safeguard enterprises from AI security vulnerabilities by detecting and mitigating model threats. Its comprehensive solution includes proprietary red teaming, threat intelligence, and guardrails to ensure secure AI deployment in production. Robust Intelligence's platform features two key components: automated tests for pre-production models and quality assurance tests for in-production models. This dual approach enables clients to identify and eliminate contaminated data, thereby improving model performance in complex production environments.

Fireblocks Inc. is a blockchain-based security service platform that provides a secure solution for managing digital asset operations. Founded in 2018 and headquartered in New York, with an additional location in Tel Aviv, Fireblocks specializes in protecting the transmission of digital assets between exchanges, wallets, and counterparties. The platform is designed for financial institutions, including banks, fintech companies, exchanges, liquidity providers, over-the-counter brokers, and hedge funds, allowing them to securely manage their digital assets. Fireblocks employs advanced technologies such as patent-pending chip isolation security and multi-party computation (MPC) to ensure the safe transfer and availability of assets across various environments.

RabbitX is a decentralized finance platform that simplifies investment in global stocks, foreign exchange, commodities, and digital assets without charging commissions. The platform leverages advanced Zero-Knowledge decentralized scaling technology to enhance user experience and security. It offers unique features such as interest rate swaps, enabling users to trade, speculate, and hedge interest rates in cryptocurrency transactions. Supported by prominent investors, RabbitX aims to modernize finance by integrating traditional financial instruments into the digital landscape.

Fireblocks Inc. is a blockchain-based security service platform that provides a secure solution for managing digital asset operations. Founded in 2018 and headquartered in New York, with an additional location in Tel Aviv, Fireblocks specializes in protecting the transmission of digital assets between exchanges, wallets, and counterparties. The platform is designed for financial institutions, including banks, fintech companies, exchanges, liquidity providers, over-the-counter brokers, and hedge funds, allowing them to securely manage their digital assets. Fireblocks employs advanced technologies such as patent-pending chip isolation security and multi-party computation (MPC) to ensure the safe transfer and availability of assets across various environments.

Vanta is a trust management platform that focuses on simplifying security and compliance processes for organizations. The company develops software that automates evidence collection for various compliance frameworks, allowing businesses to effectively manage risk through continuous control monitoring. By supporting sales teams with real-time insights, Vanta enhances trust and streamlines security reviews. Its solutions enable organizations to scale their security practices and achieve compliance with industry standards, thereby establishing credible security programs and obtaining necessary certifications to safeguard consumer data.

Middesk, Inc. is an identity platform founded in 2018 and headquartered in San Francisco, California. The company offers automated business verification services and provides essential contextual information about various businesses. Its platform allows organizations to capture, verify, and monitor business credentials effectively, facilitating compliance with contractual and regulatory requirements. Additionally, Middesk notifies service providers of changes within their customer base, enabling them to maintain an accurate understanding of their clients and better address their needs. By centralizing the credentialing process, Middesk helps companies streamline onboarding and enhance operational efficiency while managing risk and compliance.

SafeBreach Inc. is a cybersecurity company that specializes in breach and attack simulation (BAS). Founded in 2014 and headquartered in Sunnyvale, California, with an additional location in Tel Aviv, Israel, SafeBreach offers a platform that enables organizations to proactively assess their security posture. The platform utilizes a comprehensive Hacker's Playbook, which includes real-world breach methods, to simulate potential attacks across various network segments, cloud environments, and endpoints. By mimicking the tactics of virtual hackers, SafeBreach helps businesses identify vulnerabilities and improve their security controls before actual breaches occur. The platform integrates seamlessly with security information and event management systems, ticketing systems, and automation vendors, allowing for enhanced incident response and remediation. Funded by notable investors, SafeBreach continues to innovate in the field of cybersecurity, providing vital insights to strengthen enterprise defenses against evolving threats.

Robust Intelligence, Inc. is a San Francisco-based company founded in 2019 that focuses on enhancing the security and reliability of artificial intelligence systems. The company provides an automated platform designed to safeguard enterprises from AI security vulnerabilities by detecting and mitigating model threats. Its comprehensive solution includes proprietary red teaming, threat intelligence, and guardrails to ensure secure AI deployment in production. Robust Intelligence's platform features two key components: automated tests for pre-production models and quality assurance tests for in-production models. This dual approach enables clients to identify and eliminate contaminated data, thereby improving model performance in complex production environments.

Middesk, Inc. is an identity platform founded in 2018 and headquartered in San Francisco, California. The company offers automated business verification services and provides essential contextual information about various businesses. Its platform allows organizations to capture, verify, and monitor business credentials effectively, facilitating compliance with contractual and regulatory requirements. Additionally, Middesk notifies service providers of changes within their customer base, enabling them to maintain an accurate understanding of their clients and better address their needs. By centralizing the credentialing process, Middesk helps companies streamline onboarding and enhance operational efficiency while managing risk and compliance.

Armis offers an asset intelligence platform, designed to address the new threat landscape that connected devices create. It provides a cyber exposure management and security platform that protects the attack surface and manages the organization’s cyber risk exposure in real-time.

Robust Intelligence, Inc. is a San Francisco-based company founded in 2019 that focuses on enhancing the security and reliability of artificial intelligence systems. The company provides an automated platform designed to safeguard enterprises from AI security vulnerabilities by detecting and mitigating model threats. Its comprehensive solution includes proprietary red teaming, threat intelligence, and guardrails to ensure secure AI deployment in production. Robust Intelligence's platform features two key components: automated tests for pre-production models and quality assurance tests for in-production models. This dual approach enables clients to identify and eliminate contaminated data, thereby improving model performance in complex production environments.

BasisAI is a Singapore-based company that develops an artificial intelligence platform aimed at enhancing enterprise growth and managing risk. Its technology allows for the secure deployment of AI models, tracking data provenance, and monitoring algorithmic integrity. The platform is designed to facilitate AI adoption in various sectors, particularly targeting financial technology and Internet firms. By ensuring AI explainability and providing the necessary structures and frameworks, BasisAI enables enterprises to integrate advanced AI capabilities effectively and responsibly.

Comprehend Systems, Inc. is a provider of cloud-based continuous quality solutions for clinical operations, founded in 2010 and headquartered in Redwood City, California. The company offers a suite of clinical intelligence applications designed to enhance the speed, safety, and quality of clinical trials. These solutions support clinical operations executives, data managers, and medical monitors by delivering actionable insights for portfolio monitoring, CRO oversight, risk management, and collaboration across various teams and sites. Comprehend's tools aim to streamline the clinical trial process, improving overall performance and risk assessment throughout the research lifecycle. As of August 2019, Comprehend operates as a subsidiary of Saama Technologies, Inc.

SecurityScorecard, Inc. is a cybersecurity firm that specializes in providing a comprehensive rating and continuous monitoring platform to assess the cybersecurity strength of businesses and their third-party vendors. Established in 2013 by experts in security and risk, the company offers a range of solutions, including ThreatMarket, a cloud-based vulnerability search engine that identifies and correlates security-risk indicators across multiple categories such as application security and network vulnerabilities. Its services support vendor risk management, board reporting, and cyber insurance underwriting for over 1,000 organizations, including Fortune 1000 companies globally. SecurityScorecard's innovative approach includes interactive tools like Score Planner for remediation planning, Scorecard Event Log for transparent score tracking, and Atlas for managing cybersecurity questionnaires and controls at scale. By providing real-time risk ratings that align with vendor cybersecurity assessments, SecurityScorecard enhances organizational resilience and improves communication of cybersecurity risks to stakeholders. The company is headquartered in New York, New York.

SecurityScorecard, Inc. is a cybersecurity firm that specializes in providing a comprehensive rating and continuous monitoring platform to assess the cybersecurity strength of businesses and their third-party vendors. Established in 2013 by experts in security and risk, the company offers a range of solutions, including ThreatMarket, a cloud-based vulnerability search engine that identifies and correlates security-risk indicators across multiple categories such as application security and network vulnerabilities. Its services support vendor risk management, board reporting, and cyber insurance underwriting for over 1,000 organizations, including Fortune 1000 companies globally. SecurityScorecard's innovative approach includes interactive tools like Score Planner for remediation planning, Scorecard Event Log for transparent score tracking, and Atlas for managing cybersecurity questionnaires and controls at scale. By providing real-time risk ratings that align with vendor cybersecurity assessments, SecurityScorecard enhances organizational resilience and improves communication of cybersecurity risks to stakeholders. The company is headquartered in New York, New York.

Comprehend Systems, Inc. is a provider of cloud-based continuous quality solutions for clinical operations, founded in 2010 and headquartered in Redwood City, California. The company offers a suite of clinical intelligence applications designed to enhance the speed, safety, and quality of clinical trials. These solutions support clinical operations executives, data managers, and medical monitors by delivering actionable insights for portfolio monitoring, CRO oversight, risk management, and collaboration across various teams and sites. Comprehend's tools aim to streamline the clinical trial process, improving overall performance and risk assessment throughout the research lifecycle. As of August 2019, Comprehend operates as a subsidiary of Saama Technologies, Inc.

Comprehend Systems, Inc. is a provider of cloud-based continuous quality solutions for clinical operations, founded in 2010 and headquartered in Redwood City, California. The company offers a suite of clinical intelligence applications designed to enhance the speed, safety, and quality of clinical trials. These solutions support clinical operations executives, data managers, and medical monitors by delivering actionable insights for portfolio monitoring, CRO oversight, risk management, and collaboration across various teams and sites. Comprehend's tools aim to streamline the clinical trial process, improving overall performance and risk assessment throughout the research lifecycle. As of August 2019, Comprehend operates as a subsidiary of Saama Technologies, Inc.

PortAuthority Technologies, Inc. develops security software that controls the communication of sensitive information via outbound e-mail, Internal, and Web. It offers information leak prevention and data recovery security solutions that stop leaks of private and confidential information by monitoring outbound enterprise communication and delivering policy enforcement. The company also provides various services, such as risk assessment, risk visibility and risk remediation, and installation services. It serves financial services, healthcare, government, and technology industries.

LogicalApps, Inc. provides embedded governance software for enterprise applications. It offers ACTIVE Governance for real-time detection, prevention, and reporting of financial and operational risk. The company was founded in 2000 and is headquartered in Irvine, California with regional offices in the United States. As of October 26, 2007, Logical Apps, Inc. is a subsidiary of Oracle Corp.

Elemental Cyber Security, Inc. specializes in providing cyber security solutions aimed at protecting digital assets for enterprises. Founded in 2002 and headquartered in Las Vegas, Nevada, the company offers the Elemental Security Platform, which automates cyber security policies, compliance, and risk management. This platform enables organizations to align their business objectives with specific policies tailored for different users and systems within their networks. In addition to its software solutions, Elemental Cyber Security provides maintenance and support services that include product updates, online assistance, training, and evaluations of existing tools to enhance operational efficiency. The company's offerings are designed to streamline security operations, facilitate regulatory compliance, and deliver timely security intelligence, ultimately reducing costs associated with audits and compliance programs.

Elemental Cyber Security, Inc. specializes in providing cyber security solutions aimed at protecting digital assets for enterprises. Founded in 2002 and headquartered in Las Vegas, Nevada, the company offers the Elemental Security Platform, which automates cyber security policies, compliance, and risk management. This platform enables organizations to align their business objectives with specific policies tailored for different users and systems within their networks. In addition to its software solutions, Elemental Cyber Security provides maintenance and support services that include product updates, online assistance, training, and evaluations of existing tools to enhance operational efficiency. The company's offerings are designed to streamline security operations, facilitate regulatory compliance, and deliver timely security intelligence, ultimately reducing costs associated with audits and compliance programs.