AI agents are marching across the world of IT, and on Thursday a startup called Crogl is debuting its contribution to the field: an autonomous assistant that helps cybersecurity researchers analyze daily network alerts to find and fix security incidents.
The assistant — described by Crogl’s CEO and co-founder Monzy Merza as an “Iron Man suit” for researchers — has been in deployment already with a number of large enterprises and organizations. Alongside launching the product out of private beta today, the startup also said that it has raised $30 million in funding.
The funding is coming in two tranches: a $25 million Series A led by Menlo Ventures, and a $5 million seed led by Tola Capital. Albuquerque, New Mexico-based Crogl will use the capital to continue building its product and customer base.
Enterprises today have access to hundreds of security tools, including those that help parse and remediate alerts from security software. Sometimes it feels as if there are nearly as many tools as there are security alerts. Crogl, however, is a little different, in part because of who cooked up the idea in the first place.
Merza has a long and interesting background in the security industry. After university, he worked in security for the U.S. government’s Sandia atomic research lab, and later joined Splunk, where he built and led its security business. He then moved to Databricks to do the same.
When Merza started thinking of doing his own thing, instead of launching a startup, he chose to go back to industry, and took a job at HSBC to work among end users to understand pain points from their perspective. With all of that under his belt, he tapped former Splunk colleague David Dorsey (now Crogl’s CTO) and they got to work.
That was two years ago, and the last year has been spent building a customer base via a private beta.
As Merza explained it to me, “Crogl” is a portmanteau of three other words and ideas: Cronus, the leader of the titans and the god of time, accounts for the first three letters of the name; the ‘g’ comes from gnosis, which means knowledge or awareness; and the ‘l’ at the end stands for logic. In a sense, all that encapsulates what the startup is setting out to do.
The crux of the problem, as Merza sees it, is that security analysts in operations teams typically can resolve, at maximum, around two dozen security alerts a day. But they might see as many as 4,500 in that same period.
The tools in the market so far, he thinks, are not capable of evaluating alerts as well as a human can, partly because they approach the problem in the wrong way.
He and Dorsey observed that security leaders typically like it when their teams see a lot of alerts — on the principle of reinforcement learning, it means they experience and understand more with each alert they triage.
Of course, that is untenable, and that is what has driven a lot of security products up to now. “The security industry has been telling people to reduce the number of alerts,” Merza said. “So what if you could have this scenario where every alert was actually a multiplier, and security teams became actually anti-fragile by having this ability to analyze whatever they want?”
That is effectively what Crogl attempts to address. Leaning into big data and the idea of the outsized parameters that drive large language models, the startup has built what Merza describes as a “knowledge engine” to power its platform (think “Large Security Model” here).
The platform not only flags suspicious activity, it also learns more about what signals might constitute suspicious activity. Critically, it also allows researchers to query all alerts, using natural language if they want, to pull out and understand trends.
Over time, there is potential for Crogl to take on more than just alerts — remediation is one obvious area it could tackle, noted Tim Tully, the partner at Menlo who led the investment.
Tully’s familiarity with Crogl’s founding team (which also includes founding member Brad Lovering, who had been the chief architect at Splunk) goes back years: He had been the CTO at Splunk overseeing all their work.
“I knew what they are capable of building. I know that they know the space well. And so it’s that, sort of like the hook in the mouth is just the team in of itself. And I think it’s pretty rare from the venture side that you have like, such experience,” Tully said.
He added that he’d missed the chance to invest in the company at the seed stage, and then kept hearing about the product and thought, “enough is enough.” He flew down to Albuquerque and saw a demo for himself, and that sealed the deal.
“It felt like the product was like a mapping of Monzy’s security brain in terms of how the problem was solved.”