Actually, they don’t. Because no security analyst has the time for that.
In 2015, as my co-founders and I pitted our wits against problems plaguing the security space, one fact kept rising above the caffeine-fueled haze – security analysts are overworked. There’s a visibility problem because alert volumes continue to rise, security product stacks continue to grow, and the threat landscape continues to expand. There’s also a response problem because security analysts are tough to hire and retain, leading to understaffed teams manually combing through data as the candles burn out. It’s a tough gig.
We jotted down a shoot-to-the-moon (SOAR-to-the-moon?) goal that day – that we would create a workbench for the security analyst where they could see all their data, put the data to action, and work together to resolve incidents at speed. Maybe it was the espresso.
Demisto was born that day. And today seems a lot like graduation.
Demisto just announced the closing of a $43 million Series C funding round led by Greylock Partners, bringing our total funding to $69 million. This latest investment highlights Demisto’s leadership in enabling security teams to automate incident response across disparate security environments. We’re excited to work closely with Sarah and the Greylock team as we jump headfirst into our next period of growth.
Demisto’s success so far owes itself to many people – including enthused employees and open-minded investors – but for us, the credit starts and stops at our end users. For the past two years, our community users and customers have been right by our side, validating what we got right and being forthright with what needed improvement. So please accept this hearty handshake (yes, even you in the back row) for your optimism, trust, and collaboration. Demisto’s adoption is reaching for the stars, and you’re the reason why.
What’s next? We aim to leverage investment funds to drive global go-to-market expansion and add product functionalities to move beyond traditional SOC use cases. We’ve already started expanding Demisto’s scope with the latest 4.0 release, introducing the Investigation Canvas for threat hunting execution and end-to-end AWS process automation for cloud security response.
Our core platform pillars remain the same, however, and have amazingly remained the same since those brainstorming sessions in 2015. Demisto's centerpieces are still security orchestration to coordinate actions across environments, incident management to oversee case progression, and interactive investigation to work on incidents together in real-time.
A workbench for the security analyst. Because, having seen security analysts in action, they could do with a relaxing drink or two at the bar.