Cybersecurity startup CyCognito secures $23M to provide a global analysis of attack surface for organizations and eliminate their shadow risks

With daily headlines filled with cyber attacks, organizations, more than ever, need to stay ahead of the bad actors. Unfortunately, most organizations still take a reactive approach to cybersecurity. It is important for organizations to identify what their critical assets are and how attackers could exploit blind spots. For example, NIST has provided a cybersecurity framework to guide government agencies and organizations in their cybersecurity journey. In addition, organizations also need new tools to help them discover, enumerate, and prioritize their shadow risk based upon a global analysis of their external attack surface and the attack vectors that a real attacker would likely exploit. One of the leading startups at the forefront of protecting organizations against shadow risks is, CyCognito.

Founded in 2018 by veterans of national intelligence agencies, CyCognito understands how attackers exploit blind spots that legacy approaches help create, and who recognized the need for a radical new approach to risk assessment. Its mission is to help organizations eliminate their most critical security risks, which are often unknown to them: assets and attack vectors that are part of the organization’s IT ecosystem but may not be managed by IT and security teams because they are in various cloud, partner and subsidiary environments, or are abandoned. Sophisticated attackers actively seek these assets, which create “shadow risk.”

Today, the San Francisco, California-based CyCognito announced that it has raised $18 million in Series A funding to evolve its SaaS platform, which is already in use by dozens of customers, including global financial, healthcare and hospitality organizations. The round was led by Lightspeed Venture Partners with significant participation by Sorenson Ventures and a personal investment from John W. Thompson, Venture Partner at Lightspeed and Chairman of Microsoft. Investors from the $5 million US seed funding round also participated in the Series A, including Sorenson Ventures, UpWest and Dan Scheinman. Along with the funding, CyCognito also today introduced its next-generation platform.

CyCognito’s new platform fills a fundamental security gap representing a $50 billion US total addressable market today: identifying and eliminating shadow risk, an organization’s security blind spots. The gap has widened dramatically as organizations have transformed from operating with a well-defined perimeter to building hyperconnected, fluid IT ecosystems that span on-premises, cloud, partner and subsidiary environments. CyCognito addresses this gap with a category-defining, transformative platform that automates offensive cybersecurity operations to provide reconnaissance capabilities superior to those of attackers.

“As enterprises have adopted the cloud, their security perimeter has evolved, which has exposed them to new threats. Their existing solutions were not built for today’s reality. CyCognito is a modern, automated platform that redefines the way brands protect themselves and their customers from today’s and tomorrow’s cyberattacks,” Arif Janmohamed, Partner at Lightspeed Venture Partners, said.

“Protecting an organization from cyberattacks is one of the most challenging missions of this century,” said John W. Thompson, Venture Partner at Lightspeed and Chairman of Microsoft. “Rob and Dima have leveraged their cybersecurity experience and combined it with internet-scale infrastructure to create a platform that can consistently outperform professional cybercriminals.”