From Stealth to Silk: Unveiling the Future of Security with $12.5 Million in Seed Funding

New York-based cybersecurity startup Silk Security has raised $12.5 million in seed funding to develop an integrated “find and fix” platform. The company aims to bridge the gap between security teams and development teams to enable faster and more efficient risk resolution. Silk Security consolidates alerts from multiple detection systems and performs automatic triaging based on threats to the customer’s environment and assets. It then generates a remediation priority scheme that is made available to the development team, with progress on the remediation plan automatically shared with the security team. The platform integrates with various threat detection solutions and collaboration tools and uses AI/ML technologies to analyze and enrich detection findings.

# Breaking Down Silos for Faster Risk Resolution

## Silk Security Aims to Consolidate Security and Development Teams

Silk Security, a New York-based cybersecurity startup, has secured $12.5 million in seed funding to develop an integrated platform that aims to break down the silos between security teams and development teams. The company, founded in 2022 by Yoav Nathaniel, Or Priel, and Bar Katz, aims to improve the speed and effectiveness of risk resolution within organizations by providing better integration and collaboration between these traditionally separate teams.

## Shorter Remediation Lag as a Key Goal

One of the main objectives of Silk Security‘s platform is to reduce the remediation lag that exists between security teams identifying risks and development teams addressing them. According to a report by HackerOne, aviation and aerospace companies had a median time to remediate of 148.3 days, while medical technology organizations took 73.9 days. During this period, organizations are at increased risk of potential attacks or breaches.

## Silk Security‘s Integrated ‘Find and Fix’ Platform

Silk Security‘s platform consolidates alerts from multiple detection systems and performs automatic triaging based on threats to the customer’s environment and assets. It also recognizes connected or overlapping threats and identifies the root cause of the problems. The platform generates a remediation priority scheme that is shared with the development team, along with specific remediation advice. The progress on the remediation plan is automatically made available to the security team, ensuring bi-directional information sharing and collaboration.

# The Technical Approach: AI/ML and Integration

## Silk Security‘s Agentless Approach for Data Collection

Silk Security uses an agentless approach to connect to the customer’s environment, including their CI/CD pipeline, cloud environment, detection tools, ITSM tools, user management, and workflow tools. This approach allows Silk Security to collect and analyze data without requiring additional software or agents to be installed on the customer’s infrastructure. By leveraging this approach, Silk Security can reduce the complexity and deployment overhead typically associated with integrating security solutions into existing environments.

## AI/ML Pipeline for Detection Findings

Using AI/ML technologies, Silk Security normalizes and consolidates the detection findings from various sources, focusing on identifying duplicates. The next step is context enrichment, which provides an asset-centric view of the findings. This view is generated from information provided by the security team, integration with threat intelligence feeds, and severity ratings from frameworks such as CVSS. This allows Silk Security to provide a likelihood-of-exploitability rating for each finding, helping organizations prioritize their remediation efforts effectively.

## Integration with Threat Detection Solutions and Collaboration Tools

Silk Security‘s platform integrates with best-of-breed threat detection solutions and collaboration tools to provide a seamless experience for customers. By integrating with these tools, Silk Security can streamline the process of consolidating alerts and sharing information between security and development teams. This integration ensures that security teams can monitor and gain visibility into the status of ongoing remediation efforts, enabling them to assess the overall security posture and identify areas of improvement.

# Editorial: Addressing the Human Factor in Cybersecurity

Silk Security‘s mission to bridge the gap between security and development teams is a step in the right direction for improving cybersecurity practices within organizations. It recognizes that effective risk resolution requires collaboration and communication between different teams, often with different mindsets and priorities.

The integration of security and development into a combined unit that efficiently finds and fixes threats can lead to significant improvements in the speed and effectiveness of risk resolution. By consolidating alerts, providing remediation priorities, and enabling bi-directional communication, Silk Security‘s platform offers a holistic approach that addresses the systemic issues that can hinder risk resolution.

However, it is crucial to acknowledge that technology alone cannot solve all cybersecurity challenges. The human factor remains a critical aspect of cybersecurity. Organizations must also invest in promoting a culture of cybersecurity awareness and responsible behavior among employees. This includes regular training, ongoing education, and a strong emphasis on the importance of cybersecurity in all aspects of the business.

# Advice for Organizations: Embrace Integration and Collaboration

As organizations continue to face evolving and sophisticated cyber threats, it is essential to prioritize integration and collaboration between security and development teams. Here are some key steps organizations can take to improve their risk resolution process:

## 1. Evaluate Your Existing Processes and Identify Gaps

Assess your current security and development processes to identify areas of inefficiency or silos that hinder effective risk resolution. Look for opportunities to streamline communication and collaboration between teams.

## 2. Invest in Integrated Solutions

Consider adopting integrated platforms and tools, such as Silk Security‘s ‘find and fix’ platform, that enable seamless integration between security and development teams. Look for solutions that provide automated triaging, remediation recommendations, and bi-directional communication to facilitate efficient risk resolution.

## 3. Foster a Culture of Collaboration and Awareness

Promote a culture of collaboration and awareness within your organization. Encourage open communication and knowledge sharing between security and development teams. Provide regular cybersecurity training and education to all employees to foster a sense of shared responsibility for protecting the organization’s assets.

## 4. Monitor and Measure Progress

Regularly monitor and measure the progress of your risk resolution efforts. Use metrics and key performance indicators (KPIs) to assess the effectiveness of your integrated processes and make improvements as needed.

By embracing integration and collaboration, organizations can enhance their cybersecurity posture, reduce the time to remediate risks, and better protect their assets and sensitive data.