July 19, 2024
SafeBase taps AI to automate software security reviews

Entrepreneurs Al Yang and Adar Arnon met at Harvard Business School and quickly realized that they had an interest in common: cybersecurity.

“We’ve witnessed an evolving business climate that brought along with it an unprecedented need for improved security processes,” Arnon told TechCrunch. “Security’s importance has increased exponentially … [it’s] non-negotiable for technology buyers.”

Yang and Arnon decided to turn this interest into something more, so they started SafeBase, which was accepted into Y Combinator’s accelerator program during the pandemic.

SafeBase on Tuesday announced that it raised $33 million in a Series B round led by Touring Capital. The company helps customers fill out security questionnaires, which are reviews organizations normally kick off before buying a new piece of software. It’s a governance and compliance thing.

Security questionnaires can be painstaking, taking teams weeks to months to complete for more complex pieces of software. But Arnon makes the case that SafeBase can save time through automation — and AI.

SafeBase employs AI models “specifically trained on security documentation use cases” to read, interpret security information and questions and then automatically respond to security questionnaires. “[Our platform] takes the pain out of the cumbersome security review process by empowering security, governance, risk and compliance and revenue teams,” he said.


Image Credits: SafeBase

Being the cynic about AI I am, I asked Arnon about the accuracy of these models; AI is a notorious liar, after all. He claimed that it’s superior thanks to a “mix of large and small language models” that deliver “greater answer coverage.” Take that how you will.

Beyond the custom models, SafeBase provides an engine that allows a company to assign “rules-based behavior” for customer access, as well as dashboards that show insights and analytics on the company’s security posture.

SafeBase isn’t the only vendor out there offering tools to automate security questionnaires and reviews. Rivals include Conveyor, which recently raised $12.5 million; Kintent; and Quilt, which claims that it can also automate due diligence reviews in addition to security reviews.

Arnon didn’t seem too worried. Perhaps that’s because of SafeBase’s 700-company-strong customer roster, which includes Palantir, LinkedIn, Asana and Instacart.

“SafeBase saw massive growth in the past couple of years,” Arnon said. “Customers love the product and adoption continues to accelerate. The company benefits from increased visibility across its vendor network as more and more high-volume customers launch trust centers that replace the need for tens of thousands of manual security reviews.”

SafeBase, which is based in San Francisco, has 55 employees.

The company’s Series B had the participation of strategic investor Zoom Ventures (Zoom’s corporate venture arm), NEA, Y Combinator, Comcast Ventures and Cerca Partners as well as angels including former Salesforce chief trust officer Jim Alkove. It brings SafeBase’s total raised to over $50 million; Arnon says a significant portion will be put toward expanding the team.

Source link