Artificial Intelligence & Machine Learning , Governance & Risk Management , IT Risk Management

Safe Security Raises $50M to Bring ML to Risk Quantification

Generative AI Can Help Nontechnical Executives Better Understand Security Posture
Safe Security Raises $50M to Bring ML to Risk Quantification
Saket Modi, co-founder and CEO, Safe Security (Image: Safe Security)

A cyber risk quantification startup backed by ex-Cisco CEO John Chambers has raised $50 million to apply machine-learning technology and build more API adapters.

See Also: Close the Gapz in Your Security Strategy

The Silicon Valley-based company said the Series B funding will allow Safe Security to capitalize on generative artificial intelligence to help nontechnical leaders better understand their organizations security postures, said co-founder and CEO Saket Modi. Safe Security also plans to use the Sorensen Capital-led round to create a user experience that's comparable to consumer technology, Modi said.

"I think the whole problem of cybersecurity risk quantification and management is so fundamentally flawed," Modi said. "We would like to go ahead and really solve that and narrow that space and become the absolute No. 1 player."

Modi founded the company in 2012 during his final year of engineering school in India, hauled in $5 million of Series A funding from Chambers in 2017 and changed the company's name from Lucideus to Safe Security in February 2021 (see: Fortinet, VMware, Cisco Drive SD-WAN Gartner Magic Quadrant)

Putting Security Principles in Plain English

Embedding machine learning and generative AI into Safe Security's risk management platform will make the underlying information easier for nontechnical users to consume, Modi said. Once this happens, Safe Security's app will be able to answer questions in plain English about key areas of concern from a security perspective and how an organization's security posture compares to its peers.

Safe Security today relies on API signals from roughly 50 cyber vendors to determine an organization's real-time security posture as well as what actions they should take to bolster their protection, he said. By adding more integrations in the operational technology space, such as Claroty or Nozomi Networks, Safe Security will be better positioned to help manufacturing firms with risk quantification, Modi said.

"We would like to become the ERP of cybersecurity," Modi said. "What an ERP does very well is: It ingests a lot of data signals and makes sense out of it. And we're doing the same thing."

Many business-to-business products have a user experience that's suboptimal, and Modi would like to see Safe Security replicate the customer experience provided by business-to-consumer technology. Safe Security has up until now focused on functionality over form, but now that the company is bigger and better capitalized, Modi would like to see to see it allot more resources to user experience.

"We would like to become the ERP of cybersecurity."
– Saket Modi, co-founder and CEO, Safe Security

Safe Security is compatible with Google Chrome and laptops and has load times of 2 seconds, Modi said. To make Safe Security's technology more enterprise-ready, it should be compatible with all browsers and devices and have load times of no more than 1 second, he added.

"The experience has to be like when you go to Airbnb's website or PayPal or Google," Modi said. "I want that B2C experience for our B2B product."

Eschewing Long Questionnaires for Deep APIs

The company primarily serves customers in the financial services, retail, healthcare and service provider space with between $1 billion and $10 billion of annual sales. A typical client spends $125,000 with Safe Security each year, Modi said. Roughly 80% of Safe Security's revenue comes from the United States, while the United Kingdom, India and Australia each contribute just north of 5% in annual sales.

Safe Security primarily competes against other cyber risk quantification products such as RiskLens, Axio and Core Security, and Modi said his company's ability to provide both an outside-in and inside-out view of risk through API integrations rather than relying on extensive questionnaires sets it apart from the pack. Over the last two years, Safe Security has lost almost no competitive deals for which it was considered, he said.

From a metrics perspective, Safe Security enjoys 200% sales growth, a net retention rate of 131%, a gross retention rate of 96%, a net promoter score of 67 and just 8% employee attrition, Modi said. The company also tracks data tied to profitability such as gross margins, customer acquisition costs and the rule of 40 to ensure Safe Security isn't pursuing a financially unsustainable level of growth, he said.

"We're answering a fundamental need for CISOs who want to elevate from being compliance-led to actual business executives who can talk the language of the business and risk," Modi said. "That is the heart and soul of what Safe is meant for."

About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.