Cybersecurity startup GreyNoise raises $15M in Series A funding to reduce false-positive security alerts and fight mass vulnerability exploitation

It’s unbelievable how fast time flies. It was just like yesterday when Cybersecurity startup GreyNoise Intelligence raised its seed funding to help security teams focus on real security threats. As we reported back then, GreyNoise closed a $600K seed financing to filter out the background noise consisting largely of false positives and allow security teams to streamline and prioritize threat analysis. Since then, the company has grown exponentially.

Today, the Washington, DC-based GreyNoise Intelligence announced it has raised a $15 million in Series A funding led by Radian Capital, bringing its total funding to date to $21 million. With this funding, GreyNoise will accelerate the development and distribution of its unique threat intelligence data solution, which helps security teams waste less time on irrelevant or harmless activity, and spend more time focused on targeted and emerging threats.

Every day, organizations around the world are faced with millions of security alerts. Separating noise from the signals and knowing the difference between benign and malicious internet scans can save the company time and money. GreyNoise helps enterprises identify Internet background noise caused by benign sources that inflate the volume of security alerts.

GreyNoise Intelligence was founded in 2017 by CEO Andrew Morris with the goal of analyzing Internet background noise to remove pointless security alerts, find compromised devices and identify emerging threats. After initially releasing a free API to access the collected data, which quickly gained thousands of followers, GreyNoise deployed an enterprise service in late 2018. GreyNoise analyzes Internet background noise, removes pointless security alerts, finds compromised devices, or identifies emerging threats.

Commenting on the funding, GreyNoise founder and CEO Andrew Morris explains: “Ask any SOC analyst and they will tell you that existing network security products aren’t cutting it. Security tools generate thousands of alerts from harmless events that need to be investigated, and alert fatigue causes missed threats and productivity issues. Our research and customer feedback have demonstrated that this is a largely solvable problem.”

Morris added: “To address these issues, GreyNoise separates irrelevant internet noise from emerging threats. This enables security teams to quickly eliminate noisy security alerts from the SOC, identify and block mass exploit attacks, hunt for compromised systems, and prioritize patching. We offer security teams a better way to stay ahead of large opportunistic attacks such as Log4J.”

Using a global network of passive sensors, GreyNoise collects, analyzes, and labels data on IPs that scan and attack the internet, saturating security tools with noise. GreyNoise data provides security teams with an early warning system for mass exploitation attacks on the internet, real-time IP block lists they can use to defend themselves, and context to quickly eliminate noisy alerts.

“We’re thrilled to invest and partner with GreyNoise, a company that has taken an innovative approach to tackling the enormous issue of mass exploitation attacks and internet noise,” said Dave Sack, Principal, Radian Capital. “GreyNoise has created a category-defining new product that helps security teams to sort out irrelevant alerts and focus their time and energy on targeted and emerging threats. With applicability to almost any security organization, the market for this solution is enormous and growing quickly.”

GreyNoise is used by Global 2000 enterprises, governments, top security vendors and tens of thousands of threat researchers, including industry leaders such as Airbus, CenturyLink, The Intercontinental Exchange, and multiple US and NATO Defense and Intelligence agencies.

It is particularly valuable for enterprises that have a Security Operations Center and runs a Security Information and Event Management (SIEM) or Security Operations Analytics and Reporting (SOAR) platform. GreyNoise is also committed to supporting the broader security community via its free Community plan, which currently serves security analysts at over 10,000 organizations.

In 2022, GreyNoise ranked #2 on The Cyber Top 20 list for “Cyber Alert Reduction” and was recognized by the Cybersecurity Excellence Awards as one of the industry’s “Best Cyber Security Startups.”