trackd, the cybersecurity start-up automating vulnerability remediation without the fear of disruption, announced that it is emerging from stealth-mode behind $3.35MM in seed funding, and will bring its approach to the cybersecurity community in 2023.
trackd’s unified vulnerability and patch management platform “leverages the collective experience of security and IT teams to automate vulnerability remediation without fear of disruption, the leading reason given by operators for slow patching.”
trackd’s seed round was “led by Flybridge, with participation from Lerer Hippeau, SaaS Ventures, and Expa.”
Geoff Gilton SVP, Technology at Service Credit Union, an early adopter and design partner, said:
“Innovation in vulnerability management has been scarce over the past decade, and trackd is blowing up that narrative with a solution that we believe can have a material impact on remediation timeframes. We’re excited to be part of the process to bring this technology to the infosec community.”
As all software is written by humans, errors are “inevitable.”
When these errors enable threat actors “to gain access to sensitive or protected systems or data, they’re considered vulnerabilities.”
The errors are “fixed by installing an updated version of the software with the error corrected, or a patch.”
Applying patches in a timely manner is critical “to the overall cyber risk of an organization, but patching is easier said than done, primarily due to resource constraints driven by a fear of disruption, or the applied patch breaking essential network functionality.”
Mike Starr, CEO and Founder of trackd, said:
“The dirty little secret in the vulnerability remediation community is that fear of disruption due to patching is largely a psychological remnant of the early days when patching broke things frequently, and, at times, catastrophically. Times have changed, and only a very small percentage of patches cause disruption, but that perception and fear is difficult to overcome, so trackd’s one-of-a-kind patching experience data at the heart of our platform is built to overcome what is, fundamentally, a human nature challenge.”
trackd’s patch management platform “records the experience of all patches applied by its users, anonymizes that data, and makes it available in real-time to all other users.”
Thus, if a patch is disruptive, that information is now “available to other vulnerability remediation teams applying the same patch, enabling them to plan accordingly.”
Conversely, if a patch is applied multiple times with no evidence of disruption, practitioners can “leverage auto-patching to speed remediation with little to no impact on their finite resources.”
Stel Valavanis, CEO of onShore Security, another of trackd’s several early adopters, said:
“Until now, vulnerability remediation teams have been flying blind, and forced to make patching strategy decisions based on gut feel or, effectively, a dice roll. trackd is providing the real-world, real-time patch experience data that not only simply doesn’t exist today, but will be invaluable to remediation teams starved for resources and under constant pressure to reduce their organizations’ vulnerability risk. We can’t wait to deploy this new solution.”
trackd was founded and is led by Mike Starr, “an ex-NSA engineer and experienced startup leader, and comprises a team of experienced systems developers, security practitioners, and machine learning engineers.”
Isabelle Phelps, Partner at Lerer Hippeau, said:
“Mike has assembled a deeply technical team representing highly relevant, varied backgrounds — including founding open-source contributors and U.S. defense specialists. trackd’s seasoned team is well-positioned to bring the visibility and automation sorely needed in the vulnerability management space.”
trackd is currently “recruiting beta customers, and interested enterprises can join that program at trackd.com.”
Chip Hazard, General Partner at Flybridge, the lead investor in the seed round, said:
“Of all our investment criteria, perhaps the most influential and rarest to find is a founder with unique domain expertise that has developed a truly original and innovative solution. We saw that immediately in trackd’s approach to re-thinking the staid vulnerability remediation technology landscape. There is no more effective way for an organization to reduce its cyber risk than to patch vulnerabilities quickly, and trackd is making that easier-said-than-done prescription a practical reality.”