XM Cyber, a leader in breach and attack simulation (BAS) advanced cyber risk analytics and cloud security posture management, announced June 9 that it has closed a $17 million Series B funding round with Macquarie Capital, Nasdaq Ventures, Our Innovation Fund, and Swarth Group. The company has now raised a total of $49 million, from this current round as well as the previous Series A round, and a seed investment from Swarth Group.
XM Cyber will use the funding to grow its research and development department while expanding its sales and marketing presence worldwide. The company is also expanding its capabilities as a result of the recent growth in demand for its ability to simulate attacks against cloud-based resources. The company currently has customers across the US, Europe and Asia with a growing presence in Latin America. Customers include major financial institutions, government, manufacturing, telecommunications, and critical infrastructure.
"XM Cyber's evolution as a company has impressed us, and we believe that its solutions have become an increasing necessity for enterprises looking to improve their security posture," said Dan Phillips, Executive Director at Macquarie Capital. "We look forward to working with the XM Cyber team as it expands globally and continues to defeat the most sophisticated cyberthreats and attacks."
XM Cyber is advancing the security industry with patented products that enable enterprises to automatically and continuously test their security posture. By safely simulating attacks 24/7, XM Cyber exposes real-life security issues that arise from vulnerabilities, human error and misconfigurations. Additionally, recommendations to remediate issues are provided and prioritized based on importance and relation to the customer's most critical assets. By helping businesses to constantly improve their security posture, XM Cyber reduces costs and allows security teams to focus on the most critical issues, all while lowering exposure and risk.
"In an era where business has dramatically shifted to remote work due to the Covid-19 crisis, millions of endpoints are being introduced to corporate networks, significantly expanding the attack surface for cyber criminals and making XM Cyber more essential than ever," said XM Cyber CEO and co-founder Noam Erez. "The ability to secure significant funding during a global pandemic is a testament to our product and team. We are grateful to our investors for this vote of confidence and look forward to their continued support."
In December, XM Cyber introduced the first BAS solution that can simulate attacks on Amazon Web Services (AWS). The platform audits AWS configurations via AWS APIs and uses that information to calculate different attack vectors. By simulating attacks on an organization's AWS infrastructure, it is possible to find misconfigurations leading to risks such as IAM privileges escalations, access token theft or leveraging of the Cloud Instance Metadata API to pivot across the cloud.
The company has received several industry awards recognizing the innovation and effectiveness of its solutions, including being recognized as a Gartner "2020 Cool Vendor," a World Economic Forum "Technology Pioneer," and a SINET16 winner. XM Cyber's customers include leading financial institutions and critical infrastructure organizations across North America, Europe, Israel and Australia.
In response to the Covid-19 crisis, XM Cyber now offers an extended trial use of its products for large enterprises reacting to sudden changes in their network infrastructure. XM Cyber can be deployed remotely, executed remotely, and identify gaps in security almost immediately, making it essential in stopping hackers that take advantage of new network configurations.
"XM Cyber intends to change the way cyber security is viewed and managed as a result of a continuous cycle of measuring, prioritizing and improving overall cyber security posture," said Erez. "We help customers take a different view of their cyber security. We show them how a hacker can combine attacks, waiting for mistakes to happen that open up attack paths to their critical assets."