Thursday, May 30 2024

VISO Trust, the industry’s first AI-based cybersecurity due diligence platform, announced today that it has raised $11 million in Series A funding led by Bain Capital Ventures, with additional participation from Work-Bench, Sierra Ventures, and Lytical Ventures. Mandiant CEO Kevin Mandia, Crowdstrike CEO George Kurtz, and former Splunk CEO Doug Merritt also participated in the round, and BCV Partner Enrique Salem will join VISO Trust’s Board of Directors.

VISO Trust is a third-party cyber risk management platform that leverages document heuristics, machine learning, and natural language processing to discover, classify, and assess relevant control language in artifacts that third parties already have, freeing risk and security teams from manual and mundane tasks like reading documents and analyzing spreadsheets. VISO Trust delivers the insights companies need to make good risk decisions and secure their third-party relationships with vendors and business and financial partners.

“In my career as a Chief Information Security Officer (CISO), I’ve learned that security and risk leaders want automated due diligence that can scale, not cumbersome survey mechanisms or dubious network scans,” said Paul Valente, CEO and co-founder of VISO Trust. “By bringing intelligence to the third-party security assessment process, risk teams can eliminate their manual and mundane tasks, like reading documents and analyzing spreadsheets, and get back to doing their intended job responsibility—solving security problems and informing business decisions to reduce risk.”

Today, more than 65% of security breaches occur because of third-party failures. Meanwhile, security analysts spend hours every day sending and processing third-party security questionnaires and simply can’t keep up with the rate at which their internal customers are bringing on new third parties. The urgency of this problem is exacerbated by the proliferation of SaaS products, and frustration with first-gen vendors that rely heavily on survey-based mechanisms or low-fidelity network scans.

VISO Trust was co-founded by former CISO Paul Valente (CEO) and veteran security and technology leader Russell Sherman (CTO). Both have lived on each side of this problem, previously managing thousands of third parties at highly regulated technology companies including LendingClub, Varo Money, and ASAPP, and spending years building security programs and software to support technology products in use by the Fortune 1000.

“When your security team is forced to analyze surveys and documents for hundreds or thousands or third parties, inevitably accuracy or speed will suffer,” said Sherman. “VISO Trust enables automated assessment in minutes, so security teams can deliver the accurate risk intelligence needed to make informed risk decisions when it matters the most—early in the procurement process.”

In under a year, VISO Trust has scaled rapidly among high-growth technology companies and Fortune 500 enterprises alike. Alexander Hughes, Director of Security, Trust, and Assurance at Cruise, credits VISO Trust with helping to secure Cruise’s extensive third-party population.

“VISO Trust has enabled us to move the needle on third-party risk at Cruise. We’ve been able to achieve unprecedented coverage of our third-party population and eliminated 90% of the effort required to assess third parties,” said Hughes. “The platform delivers everything we need to make qualified risk decisions about third parties; it is a brilliant solution that definitely beats any alternative option.”

The VISO Trust platform is ahead of the market in delivering an approach that is fully automated and easy for both vendors and customers alike, while delivering measurable efficiency gains to security teams.

“VISO Trust has enabled us to bring the security staff time per relationship down from more than 8 hours to only 30 minutes—for us that’s gold,” said James Nelson, VP of Information Security at Illumio.

Enrique Salem, Partner at Bain Capital Ventures, will join VISO Trust’s Board of Directors. Salem has a distinguished history in software and cybersecurity as the former CEO of Symantec, as well as serving as a current Board member at DocuSign, Mandiant, and Atlassian.

“Paul, Russ, and the VISO Trust team are addressing a deep and profound need in the world of information security, where I have spent nearly three decades of my career,” said Salem. “With the proliferation of data across SaaS, PaaS, and IaaS platforms, high accuracy third-party risk assessment that is easy to operationalize is more important than ever. VISO Trust has built a powerful and elegant solution to this problem.”

Paul Valente, co-founder and chief executive officer at VISO Trust

Previous

CardinalOps Raises $17.5M Series A Funding Round

Next

Cider Security Raises $38M in Series A funding

Check Also

Widget

Don’t Miss

Best Cloud Security Posture Management (CSPM) Software

Ellie Buscemi

What is Cloud Security Posture Management and how does it work? Cloud Security Posture Management (CSPM) is a product, service or platform that allows a business to protect their cloud infrastructure through the prevention, detection and response of cyber risks. A CSPM offering uses known and effective frameworks, regulatory standards and company policies to confirm […]

Best Privileged Access Management (PAM) Products

Lara Oporto

What is Privileged Access Management and how does it work? Privileged Access Management (PAM) products stand as a crucial fortress in fortifying your company’s digital landscape. Functioning as a meticulous guardian, PAM offerings orchestrate the establishment of access protocols, meticulously determining who holds privileged access to critical data and the specific circumstances under which such […]

Best Automated Moving Target Defense (AMTD) Offerings

Ellie Buscemi

What is Automated Moving Target Defense and how does it work? Automated Moving Target Defense (AMTD) is a recent innovation in cybersecurity that focuses on flexibility, deception and attack prevention. AMTD has four main components: it provides proactive cyber defense mechanisms, contains automation to change the attack surface, utilizes deception technology and can execute preplanned […]

Third-Party Risk Management Solutions

Lara Oporto

What is Third-Party Risk Management? Third-Party Risk Management (TPRM) software assists organizations in managing risks associated with their relationships with suppliers, vendors and service providers. The products offer a range of features to automate and streamline various aspects of third-party risk management. They typically include tools for risk assessment, due diligence, contract management and ongoing […]

Best Industrial Internet of Things (IIoT) Platforms

Lara Oporto

Industrial Internet of Things (IIoT) offerings are technological solutions empowering businesses to connect, manage and analyze data from a multitude of devices and systems within industrial settings, such as manufacturing, energy, transportation, logistics and healthcare. What are Industrial Internet of Things (IIoT) platforms and how do they work? Industrial Internet of Things (IIoT) platforms are […]

The words Endpoint Detection and Response (EDR) on a green background with lines on the right side of the image

Best Endpoint Detection & Response Platforms

Lara Oporto

Endpoint Detection & Response platforms continuously monitor endpoints for signs of malicious activities, such as unauthorized access or unusual behavior, enabling rapid detection and response to potential cyber threats to safeguard organizational assets. What is Endpoint Detection and Response and how does it work? Endpoint Detection and Response (EDR) is a cornerstone in modern cybersecurity […]