Serial Cybersecurity Entrepreneurs Liran Tancman and Shlomi Boutnaru Have Developed a Turnkey Protection Solution to Bridge the Gap Between Security and Devops
Rezilion, the autonomous cloud workload protection platform, announced its emergence from stealth and $8 million in seed funding led by Jerusalem Venture Partners (JVP). JVP was joined by Kindred Capital, LocalGlobeת Samsung NEXT. The round also included participation from angel investors Ron Zuckerman, Guy Schory, and others. The investment will be used to expand their R&D team in Israel, as well as build sales operations and support in the US. The company was founded by serial cybersecurity entrepreneurs Liran Tancman and Shlomi Boutnaru whose first company, CyActive, was acquired by PayPal in 2015.
Modern enterprise infrastructure is scaling and changing at an overwhelming pace. As companies adopt automated DevOps technologies the rate of deployments grows exponentially, yet security teams are working with fixed budgets and limited human resources, and they struggle to keep up with the resulting security exposure explosion. Current cloud protection solutions require manual policy configuration and alert response. Rezilion’s innovative approach requires no human configuration and automatically returns any compromised service to its known-good state, thus enabling DevOps teams to continuously deploy without risk and eliminating friction between developers and security practitioners.
“Rezilion empowers developers by baking protection into existing DevOps tools so they don’t have to be ‘policed’ by security teams,” said Liran Tancman, CEO and co-founder, Rezilion. “To achieve this, we are partnering with leading DevOps and cloud platforms in order to seamlessly weave security into the operational fabric. Our goal is to enable security teams to focus their time and energy on fire prevention instead of fire fighting, knowing that resilience is directly integrated into the infrastructure and automatically mitigating issues in real-time. Our partnership with Chef is a big step toward realizing this vision.”
“By tightly integrating with our Enterprise Automation Stack, Rezilion enables Chef customers to autonomously secure their production environments and ensure every application is running in a known-good state,” said Corey Scobie, CTO of Chef.
AppsFlyer, a leading mobile attribution and marketing analytics company, has chosen Rezilion to secure its production environment. “All the cloud workload protection solutions that we looked at before Rezilion, eventually were unable to keep up and support the rate and quantity of change in our environment,” said Guy Flechter, CISO of AppsFlyer. “We love Rezilion’s approach because it solves problems in production automatically. Rezilion helps us protect our environment as a continuous process without the need for heuristics or machine learning that require tuning and verification by a human being.”
Research earlier this year found 34M vulnerabilities across AWS, Azure, Google Cloud and other leading providers over an 18 month period, the threats resulting from applications that customers deploy on cloud infrastructure. Heuristics-driven security tools require human administration and can’t keep up with the rate of change introduced by developers – resulting in increased false alerts rates which create more work and incurred costs for already taxed security teams. Rezilion helps organizations reduce their attack surface down to the code their developers already trust. The platform enables all services, even those containing vulnerabilities, to continue running without interruption by ensuring that if a vulnerability is exploited, the affected service is automatically returned to a known-good state and the attack is mitigated. Furthermore, Rezilion identifies unused vulnerable code in production, allowing DevOps teams to easily remove it and improve operational hygiene.
Rezilion offers a unique self-healing approach that doesn’t rely on past behavior or human vetting to separate intended functionality from malice and misconfiguration. Instead, Rezilion analyzes artifacts deployed to production and deterministically turns an organization’s CI/CD pipeline into a whitelist of known and legitimate outcomes. In case a workload is misbehaving – Rezillion returns it to a known-good state.
“Legacy security tools and solutions favor prudence over speed. DevOps requires speed and scale, and to keep up security must build resilience into the infrastructure,” added Shlomi Boutnaru, CTO and Co-founder. “Providing value to both the Security and DevOps teams by encoding security into existing DevOps and IT automation workflows, Rezilion allows production environments to run without fear of being compromised, even when vulnerabilities exist, and dramatically reduces the cloud workload attack surface.”
“Having been tasked with protecting and hardening web-scale environments for some of the world’s largest internet players, Liran and Shlomi developed a keen understanding of what is important for such customers,” commented Yoav Tzruya, General Partner at JVP. “We believe Rezilion’s self-healing approach to security transforms DevSecOps, filling a much needed gap. It provides a deterministic approach, with clear and demonstrable ROI, both for DevOps team, as well as security organization, through an automated approach.”