Our Secondary Investment in Pentera: the 'One-Stop Shop' for Continuous Security Validation

By Cody Rader

As the frequency of cyber-attacks increase and businesses adopt more distributed workforces, the focus on cyber risk management has expanded beyond the purview of Chief Information Security Officers ("CISOs") to a much broader group of stakeholders who face indirect exposure to cyber risks (i.e. CEOs, boards, shareholders, regulatory bodies, cyber insurance providers, partners/vendors, etc.). These stakeholders expect enterprises to be able to assess their cyber risk at any given moment and quickly remediate their exposure to critical vulnerabilities. However, continuously validating security efficacy is becoming even more difficult against a growing attack surface.

Historically, there have been two main approaches to addressing this issue: manual penetration testing (“pen testing”) and the use of vulnerability management ("VM") scanners. Manual pen tests are time-intensive and cost-prohibitive to run more than once or twice a year, leaving enterprises with a lack of visibility between tests. On the other hand, VM scanners (such as Qualys and Tenable) run continuously but fail to provide the depth of prioritization required to focus remediation on the vulnerabilities that can be meaningfully exploited.

Our diligence suggests that continuous testing is one of the top priorities for organizations today and that the market is headed towards automated pen testing and security validation as the industry best practice.

“By 2026, organizations prioritizing their security investments via a continuous threat exposure management program will suffer two-thirds fewer breaches.” – Gartner, “Top Trends in Cybersecurity 2023”

In line with this thesis, we are excited to announce our recent secondary investment in Pentera, in which Delta-v provided partial liquidity to an early investor in the business.

Pentera is an Automated Security Validation (“ASV”) platform that provides enterprises with enhanced visibility across their entire attack surface and enables quicker detection, prioritization, and remediation of vulnerabilities. It empowers customers to proactively validate the effectiveness of their security tools and processes to prevent real-world attacks, strengthening their overall security posture as they iterate and improve.

Given that security budgets are facing increased scrutiny due to current market conditions, organizations are looking for a single, consolidated platform for continuous security validation. We believe that Pentera is uniquely positioned to be this ‘one-stop shop’ for two key reasons:

     (i) Pentera’s core product is a novel solution and difficult to replicate (automated,      continuous, inside-out pen testing of live environments with real attacks), and

     (ii) they have already incorporated modules with coverage of VM and External Attack Surface Management (“EASM”), with additional modules to come.

In contrast to other offerings, Pentera can operate in a live environment and does not require the installation of an agent on each device. This enables customers to quickly implement the solution and conduct comprehensive tests in a matter of hours, replacing the need for several headcount and hundreds of hours of work.

We are highly confident in Pentera’s experienced management team and are excited to witness their continued growth and success in the industry. Pentera is Delta-v’s 9th infrastructure software investment (i.e. cybersecurity or DevOps) and was led by Dan Williams, Connor Heard, and Cody Rader.