Security startups are becoming more and more prevalent these days. It never hurts to have extra security for your information and cloud data as we all join the IoT. However, Synack has a very different approach; so much so that it’s gained a lot of support in investments from companies such as Microsoft, Hewlett-Packard Enterprise, and Singtel Innov8, giving the security startup a whopping $21M in Series C funding.
Founded in 2013 by security experts and former NSA employees Jay Kaplan and Mark Kuhr, Synack changes traditional models of a security startup through an offensive approach rather than a defensive one. Their aim is to provide customers with a scalable and continuous hacker-powered intelligence platform that finds security vulnerabilities that traditional pen testers and scanners overlook. Kuhr and Kaplan decided to create this startup after the feeble defensive tactics of companies that were under scrutiny at the time, such as Sony, JP Morgan Chase, OPM, Ashley Madison, Adobe, and Target.
“Jay Kaplan and I left the NSA to come up with a different way for offensive security for the enterprise,” said Mark Kuhr, CTO of Synack, “We noticed at [the] NSA that hackers were coming through all the defenses, taking data and putting malware on the systems.”
The company uses a three-pronged strategy to help protect their customers. First, they contact a community of several hundred white-hat hackers from around the world to test the system. Next, that community conducts penetration testing, looking for currently overlooked vulnerabilities within that system. The final part of their strategy is to develop a successful plan that will protect the system.
The idea is that to protect yourself from attacks; you have to think like a hacker. Kuhr says that the NSA used a similar tactic before he and Kaplan left, and realizes that most private companies do not have access to the talent or resources that the NSA does. This reason is why Synack is trying to package that kind of protection as a service. Synack works on a flat-fee subscription model, merging the human element and the machine element of the service seamlessly. While it does seem scary to have hackers routing around in a company’s private data, they professionally vet their employees to make sure they are 100% ethical and have a clean background check. The company runs automated systems and brings in the experts when necessary.
Currently, Synack has 100 customers, and are looking to expand into new markets in Europe and Asia with the new funding.
