Push Security Ltd. today disclosed that it has raised a $4 million seed funding round to help companies secure cloud applications deployed by their employees.

Decibel Partners led the round. It was joined by several other investors, including Duo Security Inc. co-founder Jon Oberheide and Haroon Meer, the founding chief executive of cybersecurity company Thinkst Applied Research Pty Ltd.

Many organizations require employees to receive approval from the information technology team before deploying a new cloud application. In practice, however, employees often sign up to cloud applications without consulting IT personnel, creating what’s sometimes known as “phantom IT.” A software-as-a-service product deployed without authorization can potentially contain cybersecurity flaws, which increases the risk of a data breach.

Push Security offers a software platform that helps companies secure cloud applications used by their employees. The platform consists of two main components: a browser extension and a chatbot.

A company can deploy Push Security’s browser extension on employees’ devices to map out what cloud applications are used throughout the organization. Push Security helps IT personnel determine if employees may be using cloud applications with insufficient cybersecurity features. In the process, the startup also detects a variety of other cybersecurity risks.

Push Security’s platform spots cases where employees use weak passwords or are reusing a password across multiple cloud applications. The platform also detects several related cybersecurity risks. Push Security can, for example, highlight when an employee isn’t using single-sign on, a security feature that enterprises often implement in applications to reduce the risk of a data breach. 

Many cloud applications provide the option to customize the interface by adding third-party extensions from third party software makers. Such extensions can potentially present a cybersecurity risk. Moreover, they’re often difficult to detect, which makes it challenging for IT personnel to find vulnerabilities.

Push Security’s platform detects cloud application extensions that may contain malware. It also spots cases where an extension isn’t malicious, but includes features that could potentially be used by hackers to gain access to sensitive business data. Push Security can determine if an extension has the ability to download business documents or modify a cloud application’s settings. 

As part of its platform, Push Security provides a chatbot that notifies employees of cybersecurity issues such as weak passwords. By helping employees address cybersecurity issues on a self-service basis, the chatbot can potentially save time for a company’s IT team.

“Employees want flexibility and they need the right tools to be productive, but those tools aren’t always company-approved,” said Push Security co-founder and CEO Adam Bateman. “We’ve built a lightweight, scalable way to let employees use SaaS responsibly, guiding them to actually fix security issues, while offloading work from security teams.” 

Push Security’s platform has reportedly been adopted by companies in multiple sectors, including financial technology, insurance, healthcare and retail. The startup will use the newly announced $4 million seed funding round to develop additional cybersecurity features. 

Image: Push Security