VISO Trust, the industry’s first AI-based cybersecurity due diligence platform, announced today that it has raised $11 million in Series A funding led by Bain Capital Ventures, with additional participation from Work-Bench, Sierra Ventures, and Lytical Ventures. Mandiant CEO Kevin Mandia, Crowdstrike CEO George Kurtz, and former Splunk CEO Doug Merritt also participated in the round, and BCV Partner Enrique Salem will join VISO Trust’s Board of Directors.
VISO Trust is a third-party cyber risk management platform that leverages document heuristics, machine learning, and natural language processing to discover, classify, and assess relevant control language in artifacts that third parties already have, freeing risk and security teams from manual and mundane tasks like reading documents and analyzing spreadsheets. VISO Trust delivers the insights companies need to make good risk decisions and secure their third-party relationships with vendors and business and financial partners.
“In my career as a Chief Information Security Officer (CISO), I’ve learned that security and risk leaders want automated due diligence that can scale, not cumbersome survey mechanisms or dubious network scans,” said Paul Valente, CEO and co-founder of VISO Trust. “By bringing intelligence to the third-party security assessment process, risk teams can eliminate their manual and mundane tasks, like reading documents and analyzing spreadsheets, and get back to doing their intended job responsibility—solving security problems and informing business decisions to reduce risk.”
Today, more than 65% of security breaches occur because of third-party failures. Meanwhile, security analysts spend hours every day sending and processing third-party security questionnaires and simply can’t keep up with the rate at which their internal customers are bringing on new third parties. The urgency of this problem is exacerbated by the proliferation of SaaS products, and frustration with first-gen vendors that rely heavily on survey-based mechanisms or low-fidelity network scans.
VISO Trust was co-founded by former CISO Paul Valente (CEO) and veteran security and technology leader Russell Sherman (CTO). Both have lived on each side of this problem, previously managing thousands of third parties at highly regulated technology companies including LendingClub, Varo Money, and ASAPP, and spending years building security programs and software to support technology products in use by the Fortune 1000.
“When your security team is forced to analyze surveys and documents for hundreds or thousands or third parties, inevitably accuracy or speed will suffer,” said Sherman. “VISO Trust enables automated assessment in minutes, so security teams can deliver the accurate risk intelligence needed to make informed risk decisions when it matters the most—early in the procurement process.”
In under a year, VISO Trust has scaled rapidly among high-growth technology companies and Fortune 500 enterprises alike. Alexander Hughes, Director of Security, Trust, and Assurance at Cruise, credits VISO Trust with helping to secure Cruise’s extensive third-party population.
“VISO Trust has enabled us to move the needle on third-party risk at Cruise. We’ve been able to achieve unprecedented coverage of our third-party population and eliminated 90% of the effort required to assess third parties,” said Hughes. “The platform delivers everything we need to make qualified risk decisions about third parties; it is a brilliant solution that definitely beats any alternative option.”
The VISO Trust platform is ahead of the market in delivering an approach that is fully automated and easy for both vendors and customers alike, while delivering measurable efficiency gains to security teams.
“VISO Trust has enabled us to bring the security staff time per relationship down from more than 8 hours to only 30 minutes—for us that’s gold,” said James Nelson, VP of Information Security at Illumio.
Enrique Salem, Partner at Bain Capital Ventures, will join VISO Trust’s Board of Directors. Salem has a distinguished history in software and cybersecurity as the former CEO of Symantec, as well as serving as a current Board member at DocuSign, Mandiant, and Atlassian.
“Paul, Russ, and the VISO Trust team are addressing a deep and profound need in the world of information security, where I have spent nearly three decades of my career,” said Salem. “With the proliferation of data across SaaS, PaaS, and IaaS platforms, high accuracy third-party risk assessment that is easy to operationalize is more important than ever. VISO Trust has built a powerful and elegant solution to this problem.”