Serverless Security Company PureSec Raises $7 Million in Series A Funding

"We're on a mission to protect each and every serverless application out there," said Shaked Zin, CEO and co-founder of PureSec.

PureSec, a global provider of serverless security solutions that launched in 2016 and currently counts 12 employees, has announced its $7 million series A round. This new funding round brings PureSec’s capital raised to a total of $10 million. At the same time, PureSec has released a free-tier plan enabling organizations starting their adoption of serverless architectures to freely implement security early on.

Founded in 2016, PureSec was one of the first companies to identify the need for a unique security solution tailored for serverless applications. Following its $3

million seed round back in 2017, PureSec developed an end-to-end Serverless Security Platform enabling organizations to build secure serverless applications and protecting them in real-time.

“We’re on a mission to protect each and every serverless application out there,” said Shaked Zin, CEO and co-founder of PureSec. “Transitioning to serverless can reduce the future attack surface of your organization to a bare minimum. With the cloud provider‘s experts making sure your infrastructure is secure, and with the right Serverless Security Platform to protect the application layer, your serverless application could be the most secure application you’ve ever built.”

PureSec is an AWS Lambda security advanced technology partner and has also recently partnered with Microsoft as part of their exclusive Microsoft ScaleUp program.

Free-Tier Plan

This financing round is led by Square Peg Capital, with portfolio companies including Uber, Stripe and Fiverr, andparticipation from previous investors including TLV Partners (investor in Next Insurance and container security company Aqua) and Entrée Capital (Meerkat, Monday and Prospa). Following the current round, Square Peg Capital‘s Dan Krasnostein will join as a member of the PureSec board.

“PureSec is pioneering the serverless security industry and is poised to become the gold standard for securing serverless applications,” said Dan Krasnostein. “With many organizations adopting cloud-native serverless platforms, application security and visibility rank among the most critical hurdles for mass adoption. The PureSec team has accomplished impressive goals in 2018 – it positioned itself as the clear leader in serverless security, raising awareness and educating the industry about the security risks and challenges that organizations must consider when adopting serverless, it launched the world’s first Serverless Security Platform, acquired new customers, and forged strong partnerships with the leading serverless providers. Square Peg Capital looks forward to helping PureSec scale up its business and attain the next phase of growth.”

In addition, PureSec today announced the release of their free-tier plan enabling organizations to easily start the adoption of serverless architectures to freely implement security early on.

Early joiners of the free-tier-plan will also receive an exclusive advisory session from the serverless security professionals of the PureSec team, tailored to their specific serverless environment. The free-tier plan helps bridge the gap between developers and security professionals by providing a mutual language and a clear standard for securing serverless applications.

Serverless Computing Explained

Serverless computing is a cloud-computing execution model in which the cloud provider acts as the server, running code directly and dynamically managing the allocation of machine resources. Organizations would no longer have to worry about the infrastructure required to run their applications. The adoption of serverless platforms like AWS Lambda, Microsoft Azure Functions and Google Cloud Functions would be growing exponentially.

Organizations adopting serverless are still responsible for ensuring that application code doesn’t introduce application-layer vulnerabilities. However, traditional security protections would be unsuitable for serverless. Since organizations that use serverless architectures do not have access to the underlying infrastructure, they cannot deploy traditional security layers such as endpoint protection, host-based intrusion prevention, Web Application Firewalls, or RASP (runtime application self-protection) solutions.

A company like PureSec would solve these issues through its holistic approach to serverless security. The PureSec platform integrates into existing CI/CD process, providing static analysis of serverless code and cloud configurations, detecting misconfigurations and vulnerabilities while providing best-practices based mitigation. Applications deployed would benefit from the PureSec patent-pending runtime protection, empowering serverless functions to protect themselves, while providing visibility to the application behavior.