Why we invested in Paladin Cloud, protection for cloud-native services
The increasing complexity of enterprise cloud deployments, combined with a shortage of devops and security programmers, has created an enterprise computing environment that potentially leads to network problems and security vulnerabilities.
Most companies don’t have the staff and resources needed to ensure the integrity of complex cloud configurations. That’s where Paladin Cloud comes into the picture. The cyber policy management and runtime control platform provides automated governance, compliance, and remediation.
We invested in Paladin Cloud because it’s a case where the founders, who are intimately familiar with a complex issue that requires a lot of manual labor to address, have built an elegant solution to automate it at scale – and can offer it to an audience they know and understand. Samsung Next joined a $3.3 million seed financing round led by Okapi Venture Capital and Bowery Capital, with participation from SaaS Ventures, Touchdown Ventures, T-Mobile Ventures, and UST.
Paladin’s open source security-as-code management approach and platform are built for auto-discovery of all monitored cloud resources. Automated policy assessment provides visualization and metrics, prioritizing remediation and self-healing when required. Paladin uses an extensible policy management plane to holistically improve cloud security for developers and security teams. It can be deployed on all major cloud platforms, such as AWS, Microsoft Azure, and Google Cloud.
Co-Founders Daniel Deeney, CEO, and Steve Hull, CTO, launched the company to help businesses identify and eliminate misconfigurations and reduce security risks in their cloud environments. Daniel is a serial entrepreneur and former CEO of AetherPal Inc., a remote support solution that was acquired in 2019 by VMware. Steve is the original creator of the PacBot open source community, developed by T Mobile. PacBot served as the foundation for the enterprise-level Paladin platform.
Together, the two founders of Paladin have developed a platform that uses the power of open source to engage the developer community. The Paladin platform includes a modern security framework with an open architecture that connects to a wide variety of cloud-based enterprise systems. It can be used to monitor and manage Kubernetes, container scanning, API gateways, and threat intelligence.
We think Paladin’s “open core” go-to-market strategy is the right business model. The open source platform gives developers easy access to cloud management infrastructure and tools. Paladin’s paid features include policy and compliance auditing, finegrain K8S policy management, risk scoring, and advanced RBAC.
Paladin Cloud automatically identifies cloud misconfigurations and enables developers to identify blind spots in their cloud environments – resulting in more secure enterprise applications and data. A single pane of glass policy management dashboard provides visibility into cloud assets through real-time, continuous monitoring. This facilitates the ability to quickly identify and remediate security risks. For security teams, Paladin Cloud’s powerful visualization and compliance reporting capabilities provide actionable intelligence and context to help identify network events that require attention.
Paladin also provides hundreds of best practice security policies, as well as authoring capabilities for building custom policies and rules. The platform’s key features and functionality include self-healing auto-fixes and role-based access control (RBAC), which can be used for automated workflow and remediation.
Protecting cloud-based assets is a high priority for most enterprises. Paladin Cloud is changing the security paradigm for developers and security teams with its holistic approach. The market needs a policy management solution that works across multi-cloud and enterprise systems. Paladin’s cloud-native platform and plug-and-play solutions already have more than 100 corporate users, and we think the company will scale rapidly as demand grows for automated policy creation, management, and enforcement tools.
Royi Benyossef is an Investment Director at Samsung Next. Samsung Next's investment strategy is limited to its own views and does not reflect the vision or strategy of any other Samsung business unit, including, but not limited to, Samsung Electronics.