The Transform Technology Summits start October 13th with Low-Code/No Code: Enabling Enterprise Agility. Register now!
Oak9, a startup launching an “infrastructure-as-code” security platform, today announced that it raised $5.9 million in a seed round led by Menlo Ventures. The company says that it’ll put the funding toward expanding its platform and workforce as it looks to accelerate its go-to-market efforts.
In a 2017 Deloitte survey, only 42% of respondents considered their institutions to be “extremely” or “very” effective at managing cybersecurity risk. The pandemic has certainly done nothing to alleviate these concerns. Despite increased IT security investments companies made in 2020 to deal with distributed IT and work-from-home challenges, nearly 80% of senior IT workers and IT security leaders believe their organizations lack sufficient defenses against cyberattacks, according to IDG.
Oak9 aims to support the delivery of cloud-native apps while providing security, integrating with the software development lifecycle and analyzing infrastructure-as-code. The platform’s continuous monitoring helps to maintain security across cloud ecosystems, while prebuilt security-as-code blueprints check for evolving requirements and potential data drift.
“The company’s three founders — Raj Datta, Om Vyas, and Aakash Shah — have known each other for 20 years and all live within blocks of each other in the Chicago area,” a spokesperson told VentureBeat via email. “Aakash and Om began working on a platform that would improve collaboration between development and security to enable the business to deliver with velocity and agility. Their aim was to enable development teams to take advantage of the 100 time gains in velocity that infrastructure as code made possible, while also making sure cloud-native applications were comprehensively secure by design. Raj was advising them at the time and as they looked to commercialize the platform, he was the ideal fit to build a well rounded founding team, and Oak9 was born.”
Infrastructure as code
Infrastructure as code is the process of managing datacenters through machine-readable definition files, rather than hardware configurations. It grew as a response to the challenges posed by utility computing — the thought of modeling infrastructure with code and having the ability to design, implement, and deploy app infrastructure appealed to both software developers and IT infrastructure administrators. The ability to treat infrastructure like code and use the same tools as any other software project would allow developers to rapidly deploy applications, the thinking went.
With Oak9, which focuses on organizations that use infrastructure-as-code to deploy their cloud-native apps, the company’s “hundreds” of users can choose from an array of integration options to secure their apps and visually depict their infrastructure as code and make security design changes with a drag-and-drop interface. Security teams receive alerts as security-relevant changes are made to their apps.
“Oak9 natively understands infrastructure as code to intelligently learn what the application architecture is and how it changes from release to release. Every time a developer makes changes to the infrastructure as code, Oak9 dynamically applies the right security requirements to the application, based on an understanding of the business use case, the application’s compliance and regulatory needs, and the customer’s best practices,” the spokesperson continued. “Oak9 automatically updates the infrastructure as code to remediate security design gaps to ensure that every application release is secure and compliant by design.”
According to Markets and Markets, the security orchestration, automation, and response (SOAR) segment is expected to reach $1.68 billion this year, driven by a rise in security breaches and incidents and the rapid development and deployment of cloud-based solutions. Risk Based Security found that data breaches exposed 4.1 billion records in the first half of 2019. That may be why 68% of business leaders in a recent Accenture survey said they feel their cybersecurity risks are increasing.
“The best way to secure cloud-native applications is to design security into the application. By intelligently learning the application architecture and its need for security, Oak9 builds security into the application to ensure that what gets delivered is secure and compliant by design,” Datta told VentureBeat in an interview. “And if there are any security gaps, the development team is immediately notified so they can be remediated. And it’s not just about individual configurations. Oak9 keeps an eye on the entire application architecture starting in the design phase and continuously assesses risk to manage potential drift.”
Hyde Park Angels and Uncorrelated Ventures also participated in 38-employee Oak9’s funding round.
VentureBeatVentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact. Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:
- up-to-date information on the subjects of interest to you
- our newsletters
- gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
- networking features, and more