As more organizations migrate their workloads to the cloud, the attack surface has grown to the point where security teams can’t keep up. In fact, 96% of security professionals report having insufficient security for at least some of their sensitive data in the cloud. 

However, cloud security provider Gem Security, which emerged from stealth today with $11 million in seed funding led by Team 8, is aiming to enhance security teams’ ability to detect cloud-based threats with Cloud Threat Detection, Investigation and Response (TDIR). 

Instead of offering a legacy approach to detection and response that focuses on on-premise environments, Gem Security’s platform gives security professionals the ability to automate detection, investigation, and response across AWS, Azure, Google Cloud and Kubernetes services. 

Automating the detection and response of cloud-based threats is an effective strategy because it enables understaffed and under-skilled security teams to proactively manage threats in hybrid and multicloud environments at scale. 

Grappling with cloud security visibility 

The funding comes as organizations continually fail to secure their cloud environments, with research finding that 40% of organizations have suffered a cloud-based breach. The reality is that the complexity and lack of transparency over hybrid and multicloud environments is leaving critical data exposed to threat actors. 

“We spoke with over 200 security leaders over the past several months, and they all talk about common pain points when it comes to security operations in the cloud era,” said Arie Zilberstein, cofounder and CEO of Gem Security. “First, they all lack centralized, real-time visibility — what’s happening right now and who did what?” 

Zilberstein continued: “Second, there’s a lack of confidence in cloud threat detection coverage — am I currently compromised? If I am, would I even know? Lastly, organizations indicate that it takes too long to respond in the cloud. Currently, response requires huge amounts of cloud domain expertise. This type of talent is in very short supply.”

Gem Security attempts to address these challenges by providing threat prevention and response as part of a single solution. 

For instance, through a cloud incident readiness dashboard, users can review their cloud risk posture, while benefiting from the support of cloud-native threat detection (based on TTPS and behavioral analytics) to identify live threats. 

Other capabilities such as automated root cause analysis help streamline incident investigations, while cloud-native quarantine capabilities help reduce the overall impact of potential breaches. 

The cloud security market: TDIR and CDR 

At a high level, Gem Security sits within the global cloud security market, which researchers estimate will grow from $33.13 billion in 2022 to $106.02 billion in 2029, representing a Compound Annual Growth Rate (CAGR) of 18.1%. 

Gem Security’s tool is part of a growing number aiming to provide cloud or data detection and response capabilities — answering the question of who has access to what data in the cloud and offering incident response to mitigate breaches. 

One significant competitor in the market is Obsidian Security, which offers a cloud detection and response solution with analytics designed to detect, investigate and respond to threats in the cloud. 

Obsidian Security’s solution can also detect vulnerabilities like unused privileges and misconfigurations. The organization also recently announced raising $90 million as part of a Series C funding round.  

Another competitor is Palo Alto Networks, whose Cortex XDR is an AI-driven cloud detection and response platform designed to identify and respond to threats across hybrid and multicloud environments. 

Cortex XDR delivers threat detection down to the container-level with behavioral analytics and machine learning (ML), and can conduct vulnerability assessments for cloud hosts. Palo Alto Networks recently announced rising fiscal fourth quarter revenue of $1.6 billion.

But, Zilberstein argues that Gem Security’s approach is unique from these other providers, combining preventative threat hunting with automated response options to contain threats as part of an “assume breach” mindset. 

“Almost all cloud security solutions today focus on “left of boom,” meaning they help you build your cloud securely and prevent breaches from happening in the first place — in effect, building taller walls around the cloud environment,” said Zilberstein. “This is excellent, but it isn’t enough. Gem brings the ‘assume breach’ approach into the cloud era, which is also known as ‘right of boom.'”