Backslash Security Emerges from Stealth
March 22, 2023

Backslash Security, a new cloud-native application security solution for enterprise AppSec teams, emerged from stealth, announcing an $8 million round led by StageOne Ventures, First Rays Venture Partners, D. E. Shaw & Co. and a roster of security veterans as angel investors, including technology entrepreneur and investor Shlomo Kramer, Ron Zoran (former CRO at CyberArk) and Brian Fielder (General Manager and CTO Enterprise Security at Microsoft), among others.

Backslash provides unified code and cloud-native security by correlating cloud context to code risk, bolstered by automated threat modeling, code risk prioritization and simplified remediation across applications and teams. With Backslash, enterprise AppSec teams can now see, prioritize and easily act upon high-risk code combinations, called “toxic code flows,” in their cloud-native applications.

“AppSec teams are stuck with a decades-old paradigm of noisy vulnerability scanners, while cloud security teams have been enjoying modern, visual ways to zero in on and secure cloud infrastructure risks and vulnerabilities,” said Shahar Man, co-founder and CEO of Backslash. “Backslash is here to uplevel the cloud-native security game for AppSec professionals by capturing the full context of cloud-native application security risk – because soon enough, most applications will run on cloud, and application security will be what matters most. The Backslash team is honored to have the support of renowned cybersecurity entrepreneurs and investors to help us achieve our vision.”

"Backslash's approach to Application Security stands out as a game changer," said Yuval Cohen, founder and managing partner at StageOne Ventures. "Their unique solution offers contextual code risk visibility and visually maps the cloud-native application posture, providing unparalleled insight into security risks. We firmly believe that this innovative technology will have a significant impact on the industry."

“AppSec teams are struggling as companies rapidly shift to cloud-based deployment environments because the traditional solutions just aren’t keeping up,” said Brian Fielder, General Manager, CTO Enterprise Security at Microsoft. “The Backslash team has built a truly cloud-native approach to application security, bringing a new, visual, lightweight paradigm to the AppSec industry."

Backslash was specifically designed to address the persistent, time-consuming and manual ways of discovering and mapping application code risks, and the cloud-native context gaps left unaddressed by previous generation, noisy SAST tools. The company was founded by industry veterans Shahar Man, formerly Vice President at Aqua Security and SAP, and Yossi Pik, formerly Co-founder and CTO of FARMIGO (acquired by GrubMarket) and Vice President at SAP. Backed by extensive cloud-native application expertise and experience across cloud/ serverless and microservices, the Backslash Cloud-Native Application Security solution provides AppSec teams with security insights and business context to the code risk, while tracking the security posture of different applications and teams involved.

“There can be friction between developers and security teams because traditional application security methods are disruptive to cloud-native development. Developers need an accurate way to efficiently identify and fix code issues in their workflows, without being overwhelmed by alerts or false positives, while security needs a scalable way to manage risk,” said Melinda Marks, senior analyst at Enterprise Strategy Group. “Backslash has developed a solution to address this gap utilizing the properties of the stack and modern development environments to give security teams the context they need to support development as it scales.”

Through unified visual mapping of threat models and application posture, AppSec teams can quickly prioritize code risks based on the relevant cloud context, reducing false positives, alerts and fatigue; and they can significantly cut MTTR (mean time to recovery) by enabling developers with the evidence they need to take ownership of the process. Specifically, the Cloud-Native Application Security solution brings the following capabilities to enterprise AppSec teams:

- Contextual visibility: Empowers AppSecs teams with the automatic discovery and mapping of cloud-native application code and its dependencies via contextual visual dashboards, without the need to read or understand the underlying code

- Automatic threat model visualization: Automatically maps and serves up a preferred threat model

- Automatic high-risk code prioritization, informed by application cloud posture in production

- Quick-fix remediation: Simplifies vulnerability and risk remediation with intelligently automated risk identification

- Scale by policy alignment: Frees up AppSec teams to set and enforce the optimal cloud-native security policies while significantly cutting the time and resources needed to chase code issues

Share this

Industry News

June 01, 2023

Couchbase announced a broad range of enhancements to its Database-as-a-Service Couchbase Capella™.

June 01, 2023

Remote.It release of Docker Network Jumpbox to enable zero trust container access for Remote.It users.

June 01, 2023

Platformatic launched a suite of new enterprise-grade products that can be self-hosted on-prem, in a private cloud, or on Platformatic’s managed cloud service:

May 31, 2023

Parasoft announced the release of C/C++test 2023.1 with complete support of MISRA C 2023 and MISRA C 2012 with Amendment 4.

May 31, 2023

Rezilion announced the release of its new Smart Fix feature in the Rezilion platform, which offers critical guidance so users can understand the most strategic, not just the most recent, upgrade to fix vulnerable components.

May 31, 2023

Zesty has partnered with skyPurple Cloud, the public cloud operations specialists for enterprises.

With Zesty, skyPurple Cloud's customers have already reduced their average monthly EC2 Linux On-Demand costs by 44% on AWS.

May 30, 2023

Red Hat announced Red Hat Trusted Software Supply Chain, a solution that enhances resilience to software supply chain vulnerabilities.

May 30, 2023

Mirantis announced Lens Control Center, to enable large businesses to centrally manage Lens Pro deployments by standardizing configurations, consolidating billing, and enabling control over outbound network connections for greater security.

May 25, 2023

Red Hat announced new capabilities for Red Hat OpenShift AI.

May 25, 2023

Pipedrive announced the launch of Developer Hub, a centralized online app development platform for technology partners and developers.

May 25, 2023

Delinea announced the latest version of Cloud Suite, part of its Server PAM solution, which provides privileged access to and authorization for servers.

May 24, 2023

Red Hat announced Red Hat Service Interconnect, simplifying application connectivity and security across platforms, clusters and clouds.

May 24, 2023

Teleport announced Teleport 13, the latest version of its Teleport Access Platform to enhance security and reduce operational overhead for DevOps teams responsible for securing cloud infrastructure.

May 24, 2023

Kasten by Veeam announced the release of its new Kasten K10 V6.0 Kubernetes data protection platform.

May 23, 2023

Red Hat announced Red Hat Developer Hub, an enterprise-grade, unified and open portal designed to streamline the development process through a supported and opinionated framework.