28 May 2020

Built for whatever comes next

Jay Kaplan

We’ve all been through a lot. The health crisis isn’t just testing our national resolve, it will leave a lasting impact on how we live, travel, communicate and work. I’m certain we’ll rebound. But businesses will need to evolve and adapt. Many of the ways we rapidly changed in order to keep the economy going will become permanent fixtures in our daily lives at home and the (virtual) office.

I feel incredibly fortunate to help lead a cybersecurity company that was built to endure these kinds of unforeseen challenges. I couldn’t be prouder of how Synack’s employees adapted quickly, demonstrated ingenuity and creativity since stay-at-home orders first took effect in March. The incredibly talented ethical hackers who are members of the Synack Red Team have worked tirelessly to defend organizations and industries working on the frontlines of the crisis. They’ve played a vital role in protecting the COVID-19 relief effort. 

The crisis has once again proven that cybersecurity remains paramount. But it has also shown that cybersecurity needs to evolve to fully embrace remote testing and take advantage of a globally distributed network of the world’s best ethical hackers. 

The old model that relied on on-site security consultants is no longer the only viable approach. Crowdsourced security testing is the only way to ensure fast and reliable testing at scale and to quickly bridge the cybersecurity talent gap. Synack built the platform to achieve those goals. We’re working hard to bring that approach to as many organizations as possible.

We’re better positioned than ever to fulfill that mission. We recently announced a $52 million Series D funding round that will help us advance our crowdsourced security testing platform so all types of organizations can utilize the skills of more than 1,500 active ethical hackers working from 82 countries.

The investment brings total funding in Synack to $112.5 million, making us the most well-funded crowdsourced security company on the market. When we launched in 2013, we set out to leverage the best cybersecurity talent in the world to upend the penetration testing market with a smarter, faster and a more efficient crowdsourced approach. We did it. Crowdsourced security testing is now an industry best practice and I’m so proud that our approach has become synonymous with uncompromising quality and integrity.

Now the company is poised to enter an exciting new phase. Our newest investors, B Capital Group and C5 Capital, will become invaluable partners and work with us to expand our offerings and reach. They’ll be resources to help with business operations, development and talent management as we look to build new products, improve existing ones, invest in our Synack Red Team ethical hacker community and foster new relationships in Europe, the Middle East and Asia. 

Rashmi Gopinath, who led the investment for B Capital Group, is well acquainted with Synack. When she was managing director at Microsoft’s venture fund M12, she led their Series C investment in Synack. I’m humbled by her commitment to our future and I’m excited to continue working with one of the sharpest investors in the business. 

I’m equally excited to be working with William Kilmer and his team at C5 Capital, a firm that’s passionate about investing in cybersecurity businesses that can confront a growing and persistent global problem. They have deep connections overseas, within government agencies and the intelligence community and see the power in Synack’s approach to helping solve the global cybersecurity workforce shortage.

These investors understand the complexities of the current business market and realize that we’re uniquely positioned to drive much-needed change in the industry. 

Here’s why our approach matters so much right now:

  • Ever since Dr. Mark Kuhr, Synack’s CTO, and I cofounded this company in 2013, we’ve sought to recruit the world’s best hackers. That commitment continues today and their skills have been invaluable during the COVID-19 recovery period as they’ve worked with frontline organizations to harden response-related applications. Without those skills and the crowdsourced platform, many organizations may not have been able to deploy secure and tested applications. The traditional method of penetration testing was not built for a remote working environment. Our crowdsourced platform was designed for it.
  • It’s more important than ever before for organizations to have a reliable and trustworthy partner to perform penetration testing. We put a premium on discretion and privacy. That’s why we’ve partnered with organizations such as the Department of Defense, some of the largest Global 2000 companies and other branches and agencies of the U.S. Government. Our customers include those from financial services, banking, healthcare, education, retail, entertainment, technology and manufacturing industries, and we are the only platform in the business to put their privacy first.
  • Election security needs the crowd, too. After Russia interfered in the 2016 election, we saw an immediate and urgent need for states and counties to defend their election systems and launched our pro bono Secure the Election project. Through this effort, election officials will be able to deploy the ethical hackers on the Synack platform to help harden their voter registration systems against attack and help safeguard the democrtatic process especially critical when the future of physical polling places are called into question. 
  • Criminal hackers were quick to take advantage of the COVID-19 pandemic. Attacks increased and became more sophisticated. Thankfully the hackers on our platform played a big part in helping organizations defend themselves. The Synack Red Team discovered 250 percent more vulnerabilities in March compared to the same time last year and their hacking work has increased by 70 percent, due to new vulnerabilities surfacing from work-from-home changes and also a growth in our business. 
  • Trust will continue to be essential for all businesses. Organizations that performed testing on the Synack platform were 200 percent more resistant to cyberattacks, leaving them less susceptible to data breaches that will quickly destroy consumer confidence. That’s why we developed the Attacker Resistance Score, and further enhanced it earlier this year, to show organizations how vulnerable they really are to attacks and to quantify the value of crowdsourced pen testing. I truly believe ARS will become an industry standard for how companies eventually evaluate their security. 
  • We can find even more vulnerabilities, thanks to our smart technology and innovative culture. In 2019, our SRT community delivered more than 40,000 security findings for our customers. Synack’s automated SmartScan technology, launched last year to great success, discovered an additional 2.4 million suspected vulnerabilities. We are committed to continued innovation and to launch even more efforts like Missions that benefit our customers as well as the security researchers we are so fortunate to have working with us to make technology safer for everyone. We will continue to ensure ethical hackers can thrive on the Synack platform and are rewarded for the important work they do every day.
  • We are committed to continued innovation and to launch even more efforts like Missions that benefit our customers as well as the security researchers we’re so fortunate to have working with us to make technology safer for everyone. We will continue to ensure ethical hackers can thrive on the Synack platform and are rewarded for the important work they do every day.

Synack has come a long way since Mark and I founded the company, but we still have a lot more work ahead of us to continue innovating and evolving to help customers globally defend themselves against cyberattacks. Thankfully we have the support of smart and dedicated investors, an amazing group of employees and the world’s best ethical hackers working alongside us. 

— Jay Kaplan, CEO