How Mitiga Helps Companies Avoid An Incident Crisis

By Amit Chowdhry ● Mar 16, 2023
  • Mitiga is a rapidly growing cloud and SaaS incident response company. This is the story behind Mitiga.

Mitiga is a cloud and SaaS incident response company that recently completed a Series A round of funding, which brought its total funding to $45 million. The Series A round of funding was led by ClearSky Security with participation from Samsung Next and existing investors Blackstone, Atlantic Bridge, and DNX. To learn more about the company, Pulse 2.0 interviewed Mitiga co-founder and CEO Tal Mozes.

Tal Mozes

Tal Mozes’ Background

Tal Mozes is an Israeli who used to live in the UK and then joined the army at the age of 18 (infantries). Then Mozes started his own company at the age of 25, developing apps for mobile phones.

After selling his first company, Mozes worked as a security consultant and built another company called Hacktics, which specializes in application security penetration tests and red-team services. At Hacktics, Mozes worked with two co-founders. Ofer Maor was our CTO and he is also one of the co-founders of Mitiga. That team sold Hacktics to EY where Mozes took on a leadership role in their cyber business.

During his time at EY, Mozes became a partner in charge of cybersecurity, serving the AMERICAS markets. And after about five and half years, the global leadership asked Mozes to relocate to EMEA to expand our capabilities in that market.

After that, Mozes and Moar created another company focused on automating application security for developers. It was based on a new technology that Ofer developed: Interactive Application Security Testing (IAST). That company was sold to Synopsys.

How did the idea for Mitiga come together?

As a partner in EY, Mozes had the opportunity to participate in several of the world’s most famous breaches as well as some notable (but less public ones). “And every time, these incidents required a lot of working hands and took several months to acquire data for investigation—and even then, crucial information was often missing,” said Mozes. “Typically, it took companies several months to get answers or partial answers as to what had happened, what the exact impact of the breach was, and what they would need to do to recover. I also saw that when it comes to the cloud, there is a huge skills gap and not much knowledge on how to conduct cloud incident response.”

So Mozes decided to make an impact on the incident response world by shortening the response time dramatically. By building a proactive approach and automating incident response, it reduced the resolution time from weeks to just a few hours. First Mozes spoke with Ariel Parnes (co-founder and COO) about the idea and he loved the idea of turning art into engineering. Then they called Ofer Maor, who already started thinking of several possible solutions.

What are Mitiga’s core products?

Mitiga enables today’s cloud- and SaaS-driven companies with advanced technology and expert cloud incident response—so that an incident never becomes a crisis. Our primary product is IR2, the Cloud Incident Response Platform. IR2 provides a single source for instant, breach-related insights, and investigation orchestration. It’s an expert-enabled solution for cloud and SaaS IR (Incident Response) that blends leading-edge technology with support from Mitiga’s specialized team of responders.

The platform continuously gathers elusive cloud and SaaS telemetry into a single source of truth for investigations. Plus, it provides ongoing automated threat hunting across cloud and SaaS environments.

As the company began to launch, the team started by learning from the ground up: What are the customer needs? How do the different cloud environments look? Then they studied the use of SaaS. In the beginning, the team did it all manually with researchers and behind every researcher, they had two developers automating the entire process.

When the company first started, they were closer to a professional services company in the value they have delivered while building automation from day one. Today, over 90% of what the company does is fully automated.

What have been some of the company’s biggest milestones?

Mozes explained that they started selling an MVP after a year, generating immediate value for customers.

“We have been called to different incidents and saw how the response time goes down from weeks to 5 days, and 3 days, and the last incidents we handled, took less than 4 hours,” added Mozes. “A customer of ours in the financial space was entirely on-prem and bought a subscription for the cloud IR solution before they started transitioning to the cloud as part of their resiliency strategy. Today they are fully in the cloud and using the solution in an ongoing manner, handling investigations in no time. They’ve become a great design partner.”

Funding information

The company has raised a seed round and an A round altogether of around $45 million from investors like Clearsky, DNX, Atlantic Bridge, and Blackstone.

Customer feedback

Mozes said that speedy answers have been making the CISO’s job so much easier and they comment on that. “We’ve also had customers tell us that they had several breaches, but by working with Mitiga, a crisis was avoided every time. It’s that kind of feedback that led us to start the company,” Mozes stated.

What distinguishes Mitiga from its competition?

“Mitiga is the only IR solution specializing in both SaaS and Cloud. We are an IR solution that builds resilience by onboarding proactively and creating a strong forensics data posture,” Mozes responded. “Additionally, Mitiga’s subscription includes all forensics costs for an unlimited number of incidents. This fixed cost helps customers avoid the cost spikes of traditional IR.”

What are some of Mitiga’s future company goals?

“We’re going to keep working to disrupt the way IR has traditionally been done—making it easier, faster, and lowering breach impacts to the absolute minimum,” Mozes shared. ”That happens by continuing to decrease the time to recover and increase the network effect of our offering—so all of our customers receive the impact of every investigation we undertake.“