RiskSense has raised $12 million in a second round of financing to help customers prioritize cybersecurity risks. It’s also helping several U.S. states reduce cyberthreats related to the upcoming midterm elections.
Spring Mountain Capital and NightDragon Security led the round, with participation from UL Ventures, Paladin Capital Group, Sun Mountain Capital, EPIC Ventures, and Jump Capital. RiskSense will use the money to accelerate growth through sales, marketing, and research and development investments. It is also one of many security companies exhibiting at the Black Hat corporate security conference in Las Vegas this week.
The RiskSense management and technical team has collaborated with the U.S. Department of Defense and U.S. Intelligence Community on applying artificial intelligence to cybersecurity problems as part of the CACTUS (Computational Analysis of Cyber Terrorism against the U.S.) project.
“This new investment will allow us to take advantage of the enormous market opportunity for helping customers prioritize their risks. The funding will provide the resources we need to accelerate our business momentum and strengthen our technology advantage,” said RiskSense CEO Srinivas Mukkamala, in a statement. “We are pleased to welcome Spring Mountain Capital to our board. Both Raymond Wong and Dave DeWalt will be invaluable advisors to our management team.”
The RiskSense threat and vulnerability prioritization platform is used by Global Fortune 500 customers, government agencies, and one of the largest telecommunications providers in the world to deliver managed security services to businesses.
“Spring Mountain Capital invests in companies that are developing breakthrough technology innovations in high growth markets. RiskSense stands out in the cyber risk management sector because of its ability to identify and prioritize security blind spots, so companies can fix what matters most,” said Raymond Wong, managing director and head of growth equity at Spring Mountain Capital, in a statement. “We love the fact that RiskSense makes the security tools that companies already have more effective.”
RiskSense provides clear remediation guidance to ensure that what is fixed actually reduces an organization’s overall risk. The RiskSense Security Score (RS3) gives chief information security officers and boards more visibility into their temporal risk with a simple, credit-like score, as well as offering a framework for tracking and making improvements over time, the company said.
According to a recent Gartner report, IT security managers often ask about prioritizing risks. They may have 1,000 critical vulnerabilities but can only fix 100 in a month. RiskSense answers the question of which ones to focus on first.
“I’ve evaluated hundreds of security companies, and what I admire most about RiskSense is their focus on addressing the one problem every organization faces — reducing risk by prioritizing the vulnerabilities that need immediate attention,” said Dave DeWalt, founder of NightDragon and now a strategic advisor to the RiskSense board of directors, in a statement. “Reducing IT risk is now a board-level topic, and RiskSense provides CEOs and their boards a solution and framework for reducing risk and continuously evaluating their risk assessment in business terms.”
The company was founded in 2016 and has 95 employees. It has raised $24.2 million to date. Asked what sets it apart, the company said in an email, “RiskSense is an overlay technology that makes existing security products better. It gathers and correlates threat and vulnerability data from security tools inside a company and external threat intelligence sources. Then it uses an analytics engine to determine which threats pose the most imminent risk to the company and risk-scores them. This allows security teams to prioritize and focus on fixing the most important vulnerabilities first. For example, they are working with several states to harden election systems security ahead of the midterm elections.”