Reston, VA, February 28th, 2023 – trackd, the cybersecurity start-up automating vulnerability remediation without the fear of disruption, announced today it is emerging from stealth-mode behind $3.35MM in seed funding, and will bring its unprecedented approach to the cybersecurity community in 2023. trackd’s unified vulnerability and patch management platform leverages the collective experience of security and IT teams to automate vulnerability remediation without fear of disruption, the leading reason given by operators for slow patching. trackd’s seed round was led by Flybridge, with participation from Lerer Hippeau, SaaS Ventures, and Expa.
“Innovation in vulnerability management has been scarce over the past decade, and trackd is blowing up that narrative with a solution that we believe can have a material impact on remediation timeframes,” noted Geoff Gilton SVP, Technology at Service Credit Union, an early adopter and design partner. “We’re excited to be part of the process to bring this technology to the infosec community.”
As all software is written by humans, errors are inevitable. When these errors enable threat actors to gain access to sensitive or protected systems or data, they’re considered vulnerabilities. The errors are fixed by installing an updated version of the software with the error corrected, or a patch. Applying patches in a timely manner is critical to the overall cyber risk of an organization, but patching is easier said than done, primarily due to resource constraints driven by a fear of disruption, or the applied patch breaking essential network functionality.
“The dirty little secret in the vulnerability remediation community is that fear of disruption due to patching is largely a psychological remnant of the early days when patching broke things frequently, and, at times, catastrophically,” added Mike Starr, CEO and Founder of trackd. “Times have changed, and only a very small percentage of patches cause disruption, but that perception and fear is difficult to overcome, so trackd’s one-of-a-kind patching experience data at the heart of our platform is built to overcome what is, fundamentally, a human nature challenge.”
trackd’s patch management platform records the experience of all patches applied by its users, anonymizes that data, and makes it available in real-time to all other users. Thus, if a patch is disruptive, that information is now available to other vulnerability remediation teams applying the same patch, enabling them to plan accordingly. Conversely, if a patch is applied multiple times with no evidence of disruption, practitioners can leverage auto-patching to speed remediation with little to no impact on their finite resources.
“Until now, vulnerability remediation teams have been flying blind, and forced to make patching strategy decisions based on gut feel or, effectively, a dice roll,” added Stel Valavanis, CEO of onShore Security, another of trackd’s several early adopters. “trackd is providing the real-world, real-time patch experience data that not only simply doesn’t exist today, but will be invaluable to remediation teams starved for resources and under constant pressure to reduce their organizations’ vulnerability risk. We can’t wait to deploy this new solution.”
trackd was founded and is led by Mike Starr, an ex-NSA engineer and experienced startup leader, and comprises a team of experienced systems developers, security practitioners, and machine learning engineers.
“Mike has assembled a deeply technical team representing highly relevant, varied backgrounds — including founding open-source contributors and U.S. defense specialists,” said Isabelle Phelps, Partner at Lerer Hippeau. “trackd’s seasoned team is well-positioned to bring the visibility and automation sorely needed in the vulnerability management space.”
trackd is currently recruiting beta customers, and interested enterprises can join that program at trackd.com.
“Of all our investment criteria, perhaps the most influential and rarest to find is a founder with unique domain expertise that has developed a truly original and innovative solution,” offered Chip Hazard, General Partner at Flybridge, the lead investor in the seed round. “We saw that immediately in trackd’s approach to re-thinking the staid vulnerability remediation technology landscape. There is no more effective way for an organization to reduce its cyber risk than to patch vulnerabilities quickly, and trackd is making that easier-said-than-done prescription a practical reality.”
trackd is delivering a modern patch management platform with a twist. In addition to a robust suite of conventional patch management functionality from vulnerability correlation to one-click fixes, trackd collects patching experience data from patches applied using the platform, then anonymizes that data and shares it with all other users. The trackd platform unifies vulnerability and patch management and provides insight into how patches have affected systems previously, helping operators identify which patches might be disruptive when applied in their environment, and which are safe to designate for auto-patching.