As cloud adoption has increased, it’s become clear that many security teams can’t keep up. According to IBM, almost 45% of breaches occur in the cloud. Organizations don’t just need to improve their detection of cloud-based breaches. They also need to learn how to remediate intrusions as fast as possible to protect their data.

Cado Security, a cloud forensics and incident response platform, today announced it has raised $20 million as part of a funding round led by Eurazeo. The company aims to help security teams resolve security incidents faster through automation.

Cado Security’s solution can automatically capture and process forensic-level data across cloud, container and serverless environments. This enables human users to identify the root cause of breaches and reduce their mean time to respond (MTTR).

Closing the cloud incident response gap

The funding comes as cloud breaches remain a pervasive threat and as the industry faces an ongoing cyber skills gap of over 700,000 positions.

That means there is a shortage of cloud security professionals equipped to prevent and mitigate breaches taking place across complex hybrid cloud and multicloud environments. Most security teams are therefore struggling to make sense of data breaches quickly enough.

“While there has been significant investment in cloud prevention and detection, when it comes to incident response, there is a huge gap. Once something bad is identified, organizations often don’t have the ability to understand the true scope, impact and root cause of an incident,” said James Campbell, CEO and cofounder of Cado Security.

This leads security professionals to “close an incident without performing a proper deep-dive investigation,” or to “rely on a hodgepodge of open-source/traditional investigation tools that were built for an on-premises world to get to the bottom of what happened,” Campbell said.

Campbell argues the latter approach is ineffective because it relies on manual processes that can’t keep up with resources like containers, which can disappear before security teams can capture the underlying data and conduct an investigation.

Cado Security’s answer to these challenges is to analyze data across the cloud, automatically collecting data from cloud provider logs, disk memory and other sources to identify an incident’s root cause and scope.

A human analyst can then investigate a breach and view machine-generated details including root cause and compromised roles and accounts, so they can find the best way to respond to the breach.

The cloud security market

At a high level, Cado Security’s platform falls within the cloud security market, which MarketsandMarkets estimates will grow from $40.8 billion in 2022 to $77.5 billion in 2026.

The organization’s solution sits adjacent to cloud threat prevention technologies like CSPM, CWPP, CNAPP, and XDR, as it can collect and use data from these tools as part of an investigation within the Cado platform. Key vendors in the CNAPP and CSPM spaces include Palo Alto Networks and Wiz.

However, while those organizations aim to mitigate cloud security incidents, Cado Security competes more directly with providers like Mitiga, which also aim to automate cloud incident response, in this instance with a managed cloud incident readiness and response solution.

Mitiga’s solution collects forensic data automatically across the cloud, and provides automated investigations to help organizations minimize their incident response times. Mitiga’s current funding is $32 million following a $25 million investment in August 2022.

Campbell suggests that the key differentiator between existing cloud security tools and Cado Security’s approach is the latter’s use of forensic-level data analysis.

“Cado is the first and only solution that addresses the challenge of forensics and incident response in the cloud. Cado’s architecture was designed to enable rapid data collection and processing. It would be extremely difficult for other cloud security solutions to deliver the same level of scalability, automation and speed in this area,” Campbell said.