Valence’s solution is unique in the market because of its focus on the non-human element driving interconnectivity between business applications, and they expect to begin building out a channel in early 2022.
Israeli-based startup Valence, which provides visibility based on zero trust principles to what they call the Business Application Mesh, has announced a $7 million seed funding round. This Mesh is comprised of SaaS applications and marketplaces, direct APIs and automated workflow platforms, while identifying and mitigating associated risks and enforcing policy controls.
Other, larger companies like VMware and Palo Alto Networks have announced solutions that do similar things this fall, but Yoni Shohet, Valence’s CEO, and one of its two co-founders with CTO Shlomi Matichin, said that other solutions in the marketplace, including the newer ones, are fundamentally different from themselves.
“Companies have typically applied Zero Trust principles for proprietary APIs, and their API security is very focused on the proprietary solutions of those companies, not others or ones that you purchase from a third-party vendor,” Shohet said. “They are also focused on how the human user gains access rather than protect application to application – non human – elements. The CASB classic use case makes sure a human gains the right access to a corporate application. If you have two applications in the cloud communicating directly, you can’t use traditional controls for humans like multi-factor authentication. In most of our deployments, we were surprised to learn there are hundreds of vendors with M2M programmatic access that the security team just don’t know about.
“Our thesis is that you need to connect them all together, and so you need those application-to-application communications,” Shohet said. “Our emphasis is system to system – machine to machine – and with a focus on protecting applications that come from third party vendors as opposed to those you build yourself. We check everything under the hood to understand what access is being granted, to provide actionable insights, and allow us to monitor continuously for potential unauthorized usage.”
Valence focused on large enterprises in their proof-of-concept stage, but Shohet suspects they will find a wider audience as they open the Go-to-Market up.
“We would be happy to find out that its much broader than large enterprises,” he said. “Today everyone wants to be a tech company and undergo digital transformation, and that involves moving to the cloud and creating as many automated processes as possible. We see a wide range of customers, up to the Fortune 50 that have already undergone digital transformation. The minimal requirement necessary is to focus on digital transformation, but these days most companies are doing that.”
Because larger companies and their platforms are already in this market, and Valence’s potential customers already have large investments in them, Shohet said that the company is emphasizing the ability of their solution to operate seamlessly with these platforms.
“We have the room to become a platform play ourselves, because this is an unsolved issue which is a significant pain point,” he indicated. “But because we are a new company, we need to play nice with the ecosystem. We want them to leverage us, plug us within it and make sure it plugs in to their existing ecosystems. We don’t need to invent the wheel there. We are designed to play nice with larger platforms.”
While Valence sold direct in its proof-of-concept stage, Shohet said the plan is to shift the focus to channels in early 2022.
“Channels have a lot of benefits, and will be critical because of their trust and activity with customers,” he indicated. “Being able to leverage the integration that customers have and collaborate with them is significant as a force multiplier in the market.”
Shohet said this should appeal to a variety of partner types, including VARs with specialized security skills, systems integrators, and consulting security and audit companies.
“It provides an easy way to do mapping for different types of engagements, including those focused on services,” he noted. “We are encouraging partners to engage with us as soon as possible.”
The seed funding round was financed by YL Ventures, Stonemill Ventures, and STLCIG, as well as tech industry veterans. These included: Phil Venables, former CISO at Goldman Sachs; Justin Somaini, CSO at Unity Technologies; Karl Mattson, former CISO at PennyMac; Maarten Van Horenbeeck, CISO at Zendesk; Michael Sutton, former CISO at Zscaler; Shay Banon, co-founder and CEO at Elastic, and Benny Schnaider, co-founder and Chairman at Salto.