When it comes to security, you can’t protect assets that you don’t see. Unfortunately, in an era of hybrid cloud adoption and remote working, shadow IT assets are all over the place, in the form of apps, IoT devices, and cloud instances.
These assets are all left vulnerable to threat actors, which is why many providers are seeking to streamline the discovery and management of these assets.
Last month, risk management provider Sepio announced it had raised $22 million as part of a series B funding round for its Asset Risk Management Platform, which provides security teams with the visibility to continuously manage known and unknown shadow assets, and assign them an Asset Risk Factor.
The new funding round brings Sepio’s total funding raised to $37 million and provides an approach to secure shadow IT assets that often slip under the radar of traditional security approaches.
Learn how to build, scale, and govern low-code programs in a straightforward way that creates success for all this November 9. Register for your free pass today.
Diving into the unknown
More and more enterprises are concerned with the risks caused by unsecured IT assets, with research showing that 75% of IT and IT security professionals in the U.S. agreeing that the use of cloud apps and services without the approval of IT is a serious security risk.
When looking to address this challenge, the first step enterprises need to take is to gain visibility over them.
“The most trustworthy source of asset risk is actual properties at the physical layer. Sepio’s hardware DNA technology discovers all managed, unmanaged, and hidden devices that are invisible to all other security tools,” said Yossi Appleboum, CEO of Sepio.
By discovering known and shadow assets, Sepio provides users the ability to monitor the security posture of these assets from a single location, using an Asset Risk Factor to identify security risks and address them before they can be exploited by an attacker.
“Sepio’s unique approach and algorithms automatically generate an accurate Asset DNA profile for every asset with automatically generated Asset Risk Factors based on contextual business, location, and rules,” Appleboum said.
Once these assets are discovered, they can then be monitored for vulnerabilities and misconfigurations that increase the risk of a data breach.
A look at IT asset management providers
Sepio is one of many providers in the IT asset management market, which researchers valued at $2319.7 million in 2021 and estimate it will reach $3381.4 million by 2028.
Armis provides a platform that enables security teams to discover IT assets and maintain an accurate asset inventory database. Users can scan devices to identify information including the manufacturer, model, IP, MAC address, OS, and username.
Another significant competitor in the market is Axonius. Axonius provides a cybersecurity asset management platform that creates an inventory of all IT assets, so security teams can identify misconfigurations and automatically apply security policies and custom response actions to secure them.
Earlier this year, Axonius closed a series E funding round with $200 million in funding and reached a $2.6 billion valuation.
According to Appleboum, the main differentiator between Sepio and competitors is
Its lack of reliance on behavioral factors. “Sepio’s technology is not influenced by behavioral perceptions that can deceive the most robust cyber tools or assumptions of the impact of behavior that can drown the most potent cyber operations.”
VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.