Application Security , Attack Surface Management , Next-Generation Technologies & Secure Development

Detectify Eyes AppSec Expansion After Insight Partners Buy

Deal to Drive Application Security, Attack Surface Management Fusion for Detectify
Detectify Eyes AppSec Expansion After Insight Partners Buy
Rickard Carlsson, co-founder and CEO, Detectify

Insight Partners purchased a majority stake in a Swedish vendor founded by a former McKinsey associate to unite application security and attack surface management capabilities.

See Also: The Power of Next-Generation SD-WAN with App-Defined Fabric

Detectify will use Insight's financial backing to become more specialized for application security users in key geographic markets and expand its real-time, payload-based security testing that doesn't rely on traditional, signature-based methods, said co-founder and CEO Rickard Carlsson. The Stockholm-based firm embraced AppSec-specific testing methods to boost vulnerability detection and cut false positives.

"The market climate has changed a bit, and the venture markets have also changed a lot, and I think this gives us a really good opportunity to have a bit more longer-term perspective in this market," Carlsson told Information Security Media Group.

Detectify, founded in 2013, employs 108 people and has raised $42 million in five rounds of outside funding, most recently getting $10 million in follow-on money from Insight Partners in September 2022. The company has been led since inception by Carlsson, who previously spent three-and-a-half years as a McKinsey associate in the management consulting behemoth's business technology office (see: Rapid7 Purchases Noetic for Better Attack Surface Management)

How Detectify Will Benefit From Insight's Ownership

Carlsson said he values Insight Partners for their deep cybersecurity knowledge and sees the firm as an ideal partner in a changing market setting. New York-based Insight has invested in 68 cybersecurity companies, including industry heavyweights Wiz, Armis, Checkmarx, Island, Recorded Future and SentinelOne, according to the company's website.

Insight's ownership will give Detectify more dry powder to target application security professionals with a product that combines attack surface management's focus on external risk with application security's focus on internal vulnerabilities, according to Carlsson. Detectify's payload-based testing methodologies are more dynamic, accurate and relevant for AppSec users than traditional signature-based tests.

"We started off as a pure AppSec player, we moved more into that attack surface thinking, and now the whole idea with this money is to merge those two sides into a really strong product targeting the needs of an AppSec person but with an attack surface mindset," Carlsson said.

Detectify's technology is differentiated from both broader vulnerability management solutions as well as narrower standalone attack surface management or application security tools because of its specializing testing capabilities, quality results and a focus on usability. Unlike broader vulnerability management offerings such as Tenable, Qualys or Rapid7, Detectify's platform is tailored to specific application security needs.

"We are a specialized tool because we don't try to cater to every user, because when you duplicate it to every user, you get lots of features that you don't have any use for," Carlsson said.

Detectify's Quest to Serve a Narrow Customer Persona Better

Detectify targets small-to-midsize enterprises in Northern Europe, the U.S. and the U.K., particularly those with significant digital business stakes, according to Carlsson. He said the company’s offerings are most suitable for sectors such as SaaS, consumer goods, media, financial services and public sector entities in Europe that have sufficient cybersecurity maturity to capitalize on Detectify's specialized approach.

"I think we have been a bit broad in the terms of customers that we've been approaching," Carlsson said. "I think we're actually going to be more narrow and more specialized. Instead of selling to the broader attack surface management market, we really want to get after the application security persona. We want to really target that market."

The transition to private equity ownership has oriented Detectify toward sustainable, profitable growth, according to Carlsson. He emphasized customer retention and market alignment as primary metrics for success, focusing on high engagement with application security professionals and refining Detectify's target audience to match the company's expertise.

"Are the customers staying with us?" Carlsson said. "So, it's about retention, and then it's about how well we are working toward our more narrow persona."


About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.