Miggo Security, a Tel Aviv, Israel-based cybersecurity startup introducing an Application Detection and Response (ADR) platform, just announced the raise of $7.5m in seed funding. In conjunction with the funding, Daniel Shechter, CEO and co-founder of the company replied to our questions about the company, the funding, and future plans.
FinSMEs: Hi Daniel, can you tell us a bit more about yourself? What’s your background?
I’m Daniel Shechter and I co-founded Miggo Security. Before I started my journey as an entrepreneur, I worked at McKinsey to drive the success of other companies and organizations. Before that, my co-founder Itai and I served in the intelligence unit of the Israel Defense Forces together, where we worked on exceptional projects to bring new technology and innovation to the organization. Now, with Miggo, we’re bringing our combined expertise to resolve enterprise security’s biggest vulnerability: runtime AppSec.
FinSMEs: Let’s speak about Miggo. What is the market problem you want to solve? What is the real opportunity?
Today, applications make up 80% of cybersecurity targets for enterprises. In 2023 alone, we saw a rise in high-profile application attacks that went undetected by traditional tools, such as MOVEit, Microsoft SharePoint, Ivanti Gateway and GoAnywhere’s breaches. These attacks highlight critical AppSec blind spots of application behavior in runtime and how attackers are hedging their bets on this well-known, ongoing security gap.
Modern applications are constructed in a decentralized fashion, comprising various services that communicate based on mutual trust, often referred to as a “chain of trust.” Attackers have evolved beyond exploiting vulnerabilities; they now exploit the application’s inherent behavior by manipulating chains of trust. For instance, they can bypass authentication mechanisms by impersonating legitimate entities to gain unauthorized access. These tactics were evident in the major breaches of 2023, demonstrating the critical security gap plaguing today’s applications.
We realized that a new approach is in order to adequately defend against threats to the structure of modern applications. To be able to detect these kinds of malicious behaviors, it is paramount to see and understand the interactions between various application services. Such information–including the context required to sufficiently resolve any issues–only presents from within the application.
Building on the legacy of solutions like EDR and DDR, we realized that an ADR would be the perfect solution for this problem. ADR is a proactive approach to AppSec that continuously monitors transactions and behavior between distributed application services to detect and respond to cyberattacks. ADR fortifies applications against vulnerabilities with detection capabilities and in-application context to swiftly identify threats, as well as response protocols to contain and neutralize breaches.
FinSMEs: What are the features differentiating the product from competitors?
Miggo is the first tool to look inside the application while it’s running, understand it and spot when things are wrong. Miggo provides continuous in-application context to map the flows between application services, draws baseline behaviors and detects malicious activity. Its ability to deeply understand manipulations in real-time enables it to contain breaches most effectively while reducing impact on other users.
FinSMEs: You just raised a new funding round. Please, tell us more about it.
We raised a $7.5M seed round led by YL Ventures, with the participation of Cyber Club London, cybersecurity leaders from Elastic and Everon and former CISOs of Google, Zscaler and Nike. It’s an honor to have so many cybersecurity heavyweights on our side, and they’ve been incredible advisors throughout Miggo’s building process.
FinSMEs: Can you share some numbers and achievements for the business?
We just raised Miggo’s seed round a few months ago, but we’ve already secured quite a few customers. The first thing that excites them is the incredible live map we’ve built of all application components and their interactions. We’ve had security leaders look at it and find themselves shocked that certain services, that they were sure they’d discontinued, were still in use.
FinSMEs: What are your medium-term plans?
Miggo is on a mission to fundamentally change how enterprises address AppSec and handle sophisticated cyberattacks. AppSec has shifted so far left that it’s practically out of the hands of today’s enterprise security teams. Most of today’s AppSec products are dedicated to helping engineers write more secure code and, practically, most security implementations now entirely rely on developers. While these changes have significantly streamlined the AppSec process (and developers are doing an excellent job!), they’ve also diluted security’s control and response capabilities in any real-time capacity.
With Miggo, AppSec teams have tangible, practical means to oversee and control the entire application security process. Having invented Application Detection and Response, the plan is to get these teams on board with ADR and become a standard in the AppSec field.
FinSMEs
17/04/2024