Gem Security, a New York and Tel Aviv-based company developing a cloud threat detection, investigation, and response (TDIR) platform, is emerging from stealth today and has announced the launch of an $11 million seed financing round led by Team8. With support for the top cloud platforms, such as AWS, Azure, Google Cloud, and Kubernetes, Gem Security promises to give security teams an integrated tool that will find all their cloud resources, provide immediate threat detection and specific alerts, and automate the majority of cloud security processes.
The company was founded by CEO Arie Zilberstein, CTO Ron Konigsberg, and VP of Product Ofir Brukner. As with many Israeli security startup founders, the team previously worked at the Israeli government’s Unit 8200, as well as at the cybersecurity company Sygnia. At Sygnia, Zilberstein said, the team became aware that cloud attacks were becoming more prevalent and that they were very difficult for security personnel to spot and stop.

“By the time we had been brought in to help with the issues, it was usually far too late,” the engineer said. “We recognized that the issues were due to the fact that detection and response software for the cloud was not available. On the endpoint, companies had specific technology for endpoint detection and response that provided security teams with a robust platform for investigating and controlling. Clouds are no less complex than the endpoint; however, comparable technology wasn’t available. The cloud security tools were focused on security posture and attack prevention. This is crucial; however, SecOps teams were operating on their own when they were in danger.”
He pointed out that the majority of the available tools they saw on the market focused on prevention. That is important but not sufficient, the team thought, and so it decided to concentrate on immediate protection and prevention. “We acknowledge that security breaches are inevitable and security is inadequate, which is why we are bringing an ‘assume breach’ method into the cloud. We consider this to be the next frontier in cloud security technology, and believe that other vendors will be following,” Zilberstein added.
While cloud platforms offer security tools of their own, Gem Security is a different kind of security tool. The Gem Security team believes that it is able to provide an overall approach that can ingest information from a variety of different sources (think identity providers, code repositories, and additional security tools) and, perhaps more importantly, be more effective with multi-cloud systems.
The team also said that its service is able to create more accurate alerts for SecOps teams and minimize the notification noise that can be a distraction for modern security teams. “Our detection engine begins with our own cloud-specific library of tactics, techniques, and procedures (TTPs), which is informed by our experience in incident response as well as by both internal and external security research,” Zilberstein explained. “We apply cloud entity-specific behavioral analytics over these TTPs to automate tailoring detection to the specifics of a particular environment. Combining TTPs with behavioral analytics is far more effective than either approach can be by itself.”
Although the company isn’t in a position to reveal any customers at this time, the team says it is currently working with several companies, including Fortune 500 firms.
“Gem’s unique platform provides an innovative solution for dealing with the inevitable threats to cloud systems and is based on a simple, automated, and effective method that allows companies to recognize security events in the cloud in real time, analyze the causes of these events based on the analysis of behavior and threat intelligence, respond rapidly, and facilitate the isolation of the threat. All of this is to reduce the impact of cloud-based security threats,” explained Nadav Zafrir, the managing partner of Team8 Group and the former chief of Unit 8200.