Revelstoke nabs $13M to launch low-code SOAR solution

Today, Revelstoke announced the launch of a new Security Orchestration Automation and Response (SOAR) solution designed to automate analysis tasks within Security Operations Centers (SOCs). The organization also raised $13 million in funding 

This marks Revelstoke’s entry into the SOAR market, which is expected to grow at a 14.6% compound annual growth rate to reach $2.02 billion by 2025. 

Revelstoke offers CSOs and technical decision-makers a solution that can automate manual administration tasks in the SOC and enable analysts to spend more time on rewarding work like mitigating complex and unique threats.  

Confronting the limitations of traditional SOAR tools 

Manual administration tasks, particularly managing false positive alerts, has been a problem for SOC teams for quite some time. Modern SOC environments can be so complex that a poll of 2,303 IT security and SOC decision-makers found that 70% of respondents reported their work/life balance has been impacted by their work to actively identify and mitigate IT threats. 

While a wide range of companies use SOAR tools as part of their security strategy, Bob Kruse, CEO and cofounder of Revelstoke, believes they’ve done a poor job at reducing complexity for security analysts. 

“CISOs and security analysts at Security Operations Centres (SOCs) are inundated with threat data and intelligence,” Kruse said in an interview. “Some SOAR solutions provide 100% automation but lack the ability to customize when needed, while other SOAR solutions are too complex and require extensive development and programming.”

“We believe the next generation SOAR needs to provide the best of both worlds: no-code capabilities to fully automate analysis and scale redundant processes while also enabling low-code capabilities for customisation,” he said. 

A no-code entry into the SOAR market 

Out of all the providers in the SOAR market, perhaps Revelstoke’s most relevant competitor is Tines, a no-code security automation platform, which last year raised $26 million in Series B funding, bringing the total funding of the company to $41.1 million and achieving a valuation of $300 million. 

While solution providers like Tines are also focusing on no-code approaches to security automation, Kruse believes that Revelstoke’s Unified Data Layer is the company’s “secret sauce.” “The UDL enables us to eliminate nearly all coding requirements and creates the flexibility to integrate anything and automate everything.” he said. 

“The capabilities of the Unified Data Layer is what allows CISOs to plug-and-play new technologies and new products. It ends the need [of] the Sophie’s Choice of CISOs: Take my network off-line for significant downtime to install new technologies, or stay the course with an outdated product set and suffer vendor lock?” 

Kruse and Revelstoke hope to build on existing SOAR tools to build a solution that can automate the tasks needed to run the SOC and decrease the administrative burdens that have created a stressful working environment for security analysts. 

The Series A funding round for Revelstoke included participation from ClearSky, CrossLink Capital, and Rally Ventures.