After fleeing Iran and an illustrious career in Israeli intelligence, Sanaz Yashar raises $30M for cyber startup
After fleeing Iran and an illustrious career in Israeli intelligence, Sanaz Yashar raises $30M for cyber startup
Zafran, founded in 2022 by Yashar (CEO), Ben Seri (CTO) and Snir Havdala (CPO), develops a risk and mitigation platform to pinpoint the ‘exploitable’ threats in the organization and to mitigate their risk by mobilizing existing security controls
Cybersecurity startup Zafran, which develops risk and mitigation solutions, announced on Thursday that it raised a $25 million Series A. The funding was led by Sequoia Capital and Cyberstarts, with participation from Cerca Partners and Penny Jar. Zafran also previously raised an undisclosed $5 million Seed round.
Founded in 2022 by Sanaz Yashar (CEO), Ben Seri (CTO) and Snir Havdala (CPO), the company developed a risk and mitigation platform to pinpoint the ‘exploitable’ threats in the organization and to mitigate their risk by mobilizing existing security controls.
Sanez, born in Tehran and immigrated to Israel in her youth, served for about 15 years in the IDF Intelligence Corps Unit 8200 and was discharged with the rank of major. She led cyber threat research and analysis groups at FireEye - Mandiant (acquired by Google) and took part in significant geopolitical investigations, including the investigation of the cyber attack on a central hospital in Israel, in which she collaborated with Snir and Ben.
Snir served for about a decade in Unit 8200, where he won the Israel Defense Award and the Chief of Staff's Technology award, and was discharged with the rank of major. Ben served in Unit 81 and also won the Israel Defense Award. Zafran currently employs about 40 people in Israel and the United States.
Sanez was considered a prodigy in Iran when she represented the country in the Chemistry Olympiad in her youth. At the age of 16, she published an article in the school newspaper criticizing the revolution. Her article led to threats against her family, forcing them to flee for fear of their lives.
Zafran’s platform connects to both vulnerability data and the organization’s security controls. It analyzes risk while taking into account controls’ efficacy as well as exploitability factors. The company’s Mitigation Knowledge-base designed to work seamlessly with EDR, firewalls, cloud tools, and more, enables organizations to conduct a comprehensive evaluation of their risk. Zafran Applicable Risk reflects whether vulnerabilities are exploitable or already mitigated by compensating controls, then proactively automates mitigations to eliminate the exploitation window.
"In an industry characterized by the perpetual race between attackers and defenders, the exploitation window has been consistently overlooked – and despite the inflation of security tools, organizations' risk assessments often fail to consider existing compensative security controls,” said Sanaz Yashar, Co-Founder and CEO of Zafran. “Zafran transforms risk mitigation by mobilizing security controls against evolving threats, bridging organizations’ security gaps and blind spots and mitigating risks at scale.”