Led by executives from Siemplify, a channel-friendly SOAR acquired by Google this year, Opus already has channel plans in place.
Today, Israeli-based Cloud Security Orchestration and Remediation startup Opus Security has come out of stealth, with $10 million in seed funding led by YL Ventures with participation from Tiger Global and a series of security executives and serial entrepreneurs. The company’s founders are Meny Har, the CEO and Or Gabay, the CTO, who were part of the founding team and leadership of SOAR pioneer Siemplify, which Google acquired early in 2022.
Cloud Security Orchestration and Remediation is a new approach to remediation in the cloud, which automates remediation processes as needed, and alleviates latency and reduces risk by providing teams with tried-and-tested playbooks based on extensive knowledge and best practices, and dramatically reducing the time from detection to remediation.
“The issue is not how do you detect. but how do you remediate,” Har said. “The old way was with SOAR companies like Siemplify. Now it is much more cloud-oriented. Today operational issues are misconfigurations on the cloud leading to breaches. MIsconfigurations are the key, not nation state attacks. SOC was a very centralized thing, but the world today is much different. Cloud experts might be engineers who are not even in the security team. The process needs to be changed beyond what a specific tool set will do.”
Today, Har explained the process as one in which security specialists use manual tools and methods to undertake hundreds of remediation processes, each with its own level of severity, owners, urgency and complexity
“Each of these are resolved by an engineer or DevOps because they own the issue,” he said. “With the growing number of detection sources, there needs to be a layer that becomes the operational plane that will drive down the risk. A layer that automates across the tools will reduce the risk.”
Opus’ solution has been to build a singular, overarching platform that connects existing cloud and security tools and relevant stakeholders, and orchestrates the entire response and remediation process across all organizational environments based easily deployed guidelines and playbooks.
“We have brought all the right people in from all the right places into a central platform,” Har said. “We own the process. We deliver the content, so the customer doesn’t have to do this, The customer thus gets value quickly from any SOC automation tool and does not have to build those processes out.”
Opus is aimed primarily at larger organizations, but not exclusively so.
“The need for greater simplicity in deployment is constant across the entire industry,” Har said. “Larger ones need to customize, and this is easy to customize. Yet I wouldn’t rule out its applicability to smaller organizations because an SOC typically goes through a service provider.”
While Opus is a startup, they already have channel plans.
“Siemplify was almost 100% channel,” Har stated. “We are a creating process part of it so we are a good complement to others. They can sell Prisma and sell us as a complement. We also see this as good for SIs, and very natural for tech vendors who have shown interest in partnering with us. These two groups will be key for us.”
The third group of partners for whom Har said this would be applicable is service providers.
“This area has been typically hard for service providers, as many don’t know their business and what something means,” Har said. “We provide the context to let them do that so they can offer more and better services without creating headaches for customers.”
Other investors in Opus Security include George Kurtz, co-founder, CEO and President of CrowdStrike; Udi Mokady, co-founder, Chairman and CEO of CyberArk; Dan Plastina, former Head of AWS Security Services; Oliver Friedrichs, co-founder and former CEO of Phantom Cyber, acquired by Splunk; and Alon Cohen, co-founder and former CTO of Siemplify.