Want to know how cyber attackers will target your organisation’s IT systems and networks? The best person to ask could well be someone who has spent their professional life launching such attacks. Enter Anand Prakash, the co-founder and CEO of PingSafe, a Singapore-based business which is today announcing a $3.3 million seed funding round.
Prakash has spent much of the past 10 years working as a “white hat” hacker – a hacker paid to try to infiltrate organisations’ cyber defences in order to test them for vulnerabilities. “I started in college when I heard about a friend who was paid to find bugs in Facebook’s systems, which sounded like fun,” he recalls. “Within a couple of years, I was one of Facebook’s top-ranked bug hunters, and I was also working for companies such as Uber and Twitter.”
Even the largest and most technology-savvy businesses have weaknesses they don’t know about, says Prakash who set up PingSafe with co-founder Nishant Mittal. He points to a bug at Facebook that would have enabled him to access multiple user accounts, and a flaw at Uber that could have meant him never paying for a ride again. “I could see a very clear gap in the market,” Prakash adds. “These firms were taking cyber security very seriously but people were still finding issues.”
In particular, Prakash points to the growth of cloud computing, now the default option for organisations as they build out IT infrastructure, as driving vulnerabilities. Cloud deployments give everyone in the organisation freedom to change its IT systems and extend its footprint – through software-as-a-service subscriptions, for example. That makes it much harder to put robust cyber security protections in place.
PingSafe has therefore been set up as a cloud-native application protection platform – a CNAPP in the industry jargon – with Prakash billing the company as “the first to try to solve this problem with an offensive approach”. Through its platform, PingSafe targets customers’ systems using the tactics and strategies employed by hackers, searching for weaknesses that a bad actor could exploit. Once these vulnerabilities are exposed PingSafe advises the client on how to fix them. The testing then continues in real time, with PingSafe constantly updating its attack methods in line with intelligence from the hacker community.
“Every organisation is at risk because of cloud misconfigurations, but other security solutions won’t necessarily pick them up,” Prakash adds. “Our platform can sit alongside the other cyber security products that the organisation is using.”
Prakash’s reputation in the white hat community gave the business a headstart, with PingSafe launching in March 2022 with 10 early adopter clients. Revenues have grown 10 times since then, with the company now working with more than 60 enterprise customers. “These are cloud native companies for whom security is absolutely critical,” Prakash adds.
Strong testimonials from clients have helped with growth. “PingSafe’s CNAPP platform is significantly less noisy and its alerts are more actionable as compared to alternatives,” says Daniel Wong, chief information security officer at technology business Skyflow. Hari Palappetty, vice president of engineering at technology business Near Intelligence points to “its capability to provide proof of exploitability” as a key feature.
Investors have also take a keen interest in the business, pointing to the potential for rapid growth in the cloud security sector. Research from Market and Market estimates that the CNAPP industry was worth around $8 billion last year, but forecasts 20% annual growth in the years to come.
PingSafe’s seed round sees it pick up external investment for the first time. The round was led by Sequoia Capital India & Southeast Asia’s Surge scale-up program, with participation from a number of prominent angel investors.
One of those angels, Rahul Chari, the co-founder of PhonePe, says: “As organisations grow and scale applications in the cloud, holistic cloud security management is critical to ensure resilience against threats and breaches – PingSafe’s team is highly motivated and has the right market experience to make PingSafe a leader in this space.”
The funding is earmarked for further investment in PingSafe’s product development, but the company is also investing in an increased presence in the US, with Prakash due to relocate there shortly.