Led by Cybersecurity Industry Veterans, Startup Redefines SaaS Application Security Space with Industry’s First App Sandbox
Canonic Security, a cybersecurity startup protecting SaaS business applications, today emerged from stealth with $6 million in seed funding from leading global investors including First Round Capital, Elron Ventures, SV Angel and Operator Partners. The company also unveiled the Canonic App Governance platform, powered by the industry’s first app sandbox. The commercially available platform redefines SaaS application security by allowing enterprises – for the first time ever – to simulate third-party apps and SaaS-native code behavior in its SaaS sandbox environment before granting access to organizations’ business applications. The investment accelerates the product’s go-to-market and development initiatives, which are already in full-force with over twenty deployments worldwide.
Canonic Security is led by cybersecurity industry veterans CEO Boris Gorin and CTO Niv Steingarten. Prior to Canonic Security, Gorin led the world’s first large scale SaaS threat detection operation from idea to adoption by thousands of enterprises while at Proofpoint. Niv Steingarten joined Canonic Security from OverOps, where he was co-founder and vice president of engineering, leading the design and development of one of the industry’s first Application Performance Analysis solutions. Canonic currently employs more than thirty professionals with many cyber researchers and engineers coming from leading security companies like PerimeterX, Sygnia and Proofpoint.
A recent Gartner survey of over 2,000 CIOs reveals the need for enterprises to embrace business composability in 2022. “Business composability is the mindset, technologies, and set of operating capabilities that enable organizations to innovate and adapt quickly to changing business needs. Business composability is an antidote to volatility,” said Monika Sinha, research vice president at Gartner. “Sixty-three percent of CIOs at organizations with high composability reported superior business performance compared with peers or competitors in the past year.”*
However, highly composable environments by design integrate business application components from third parties and citizen developers without ever requiring standardized vendor controls, further expanding the attack surface.
Security and IT teams are thus burdened with app vetting and approval processes, so that employees can introduce needed apps to existing IT approved business applications. GartnerⓇ experts Claude Mandy and Jie Zhang note in their October 2021 report Ten Cyber and IT Risk Fundamentals You Must Get Right,
“The increased concerns from stakeholders has led to increased scrutiny on cybersecurity from: Customers: The growing reliance on technology vendors and service providers to realize an organization’s strategic and operational objectives — and the steady expansion of industry and geographic regulatory requirements, as well as significant third- and fourth-party cybersecurity breaches — are forcing customers to focus their attention on their vendors. This increased scrutiny by customers is evidenced by the expansion of the IT Vendor Risk management market.״
Canonic automatically maps business applications’ interconnectivity, uncovering harmful, vulnerable, or overprivileged apps and integrations to reduce the risks involved with third-party API access.
“The SaaS ecosystem continues to grow, as organizations increasingly benefit from ease of access and interconnection. However, legacy CASB and SSPM technologies fail to adequately protect mission critical business applications,” said Boris Gorin, co-founder and CEO, Canonic Security. “We’re excited to launch Canonic Security out of stealth and unveil the industry’s first SaaS security platform to address SaaS-native threats.”
“The SaaS platforms used by today’s businesses can connect with upwards of thousands of micro-apps, all in increasingly complex ways. This has opened up a whole new frontier of security challenges,” said Josh Kopelman, founder and partner at First Round. “Canonic’s SaaS-native approach addresses these challenges head on by helping security teams continuously monitor, detect, and resolve the threats that every new integration and add-on can introduce.”
“We see great potential in automating SaaS application security, and helping organizations reduce their attack surface,” said Zohar Rozenberg (IDF Col. Ret.), former head of cyber division in the SIGINT 8200 unit and venture partner at Elron Ventures. “The team’s experience and unique approach strongly positions Canonic to disrupt the SaaS security market.”
The Canonic App Governance platform has already sandboxed tens of thousands of apps, protecting hundreds of thousands of users across several industries including leading healthcare, defense and software organizations.
For more such updates and perspectives around Digital Innovation, IoT, Data Infrastructure, AI & Cybersecurity, go to AI-Techpark.com.