Oneleet Raises $33m To Shake Up The World Of Security Compliance

Bryan Onel’s begetter was a locksmith. As for Onel, he described himself arsenic nan integer equivalent.

Ethical hacking was Onel’s hobby increasing up. He studied AI astatine assemblage and past turned that hacking hobby into a profession. “I spent a decade performing penetration tests for complete 150 companies crossed each sectors,” Onel tells TechCrunch, adding that he kept easy breaking into companies that had passed their information checks. 

Onel realized that information often fell wrong 2 brackets: Painful but effective, aliases painless but ineffective, he said. Most companies were doing nan bare minimum successful cybersecurity and compliance, arsenic it often takes excessively overmuch activity — and devices and talent — to supply effective information defenses. 

Onel’s clients kept asking if he could supply a solution to their problems, truthful he gave it a shot. 

In 2022, he teamed up pinch his wife, Ora, and assemblage friend Erik Vogelzang, and launched Oneleet, an all-in-one information compliance platform. The startup intends to thief different companies get their information certifications while helping them go much unafraid faster. 

Onel tells TechCrunch that astir existing compliance platforms are evidence-collection tools, wherever users import information from their various products, salary a fee, and past voila! — retired spits a information certificate saying they are secure. 

“The consequence is compliance theatre,” Onel tells TechCrunch. “You’re certified connected paper, but still susceptible to.” 

Oneleet is different, said Onel. The level includes a suite of information tools: penetrating testing, codification scanning, unreality information security, onslaught aboveground management, information training, and more, he said, which intends to supply a amended model into a company’s information defenses.

“Because it’s integrated from nan crushed up, we tin deploy broad information pinch nan click of a button,” Onel continued. “That saves clients hundreds of hours and eliminates nan unsighted spots that travel from managing fragmented tools.” 

Oneleet past partners pinch independent auditors to supply general certification reviews. 

On Thursday, Oneleet announced it raised a $33 cardinal Series A backing information led by Dawn Capital to thief turn nan business. Onel called his fundraising process “straightforward,” and said he met Dawn Capital successful San Francisco, wherever he described “immediate chemistry.”

“They already had heavy knowledge of nan information and compliance abstraction and instantly understood what we were building astatine Oneleet, truthful location was instant alignment,” said Onel.

Other investors successful nan information see Y Combinator, Dropbox co-founder Arash Ferdowsi, and erstwhile Snowflake and ServiceNow main executive Frank Slootman. Oneleet participated successful nan Spring 2022 people of Y Combinator, and said two-thirds of nan VC firm’s portfolio companies are now its clients. 

Competitors successful this abstraction see Vanta, Secureframe, and Sprinto. For its part, Oneleet has reached $3 cardinal successful yearly recurring gross and has raised $34 cardinal successful full to date.

The caller rate injection will beryllium utilized to grow Oneleet’s engineering team, summation its AI capabilities, and to find ways to scope much customers. The extremity is to extremity information theatre successful compliance, he said, astatine a clip erstwhile defending against cyberattacks is much important than ever.

Onel said that AI is changing nan standard of cyberattacks. He said, for example, precocious bad actors are automating cyber crimes, while lowering nan barroom for novice hackers to onslaught pinch malicious attacks. 

He said companies are besides being reckless, for illustration carelessly utilizing “vibe coding” tools, aliases giving AI entree to business-critical accusation without nan correct guardrails. In nan world of compliance, Onel said, companies tin usage AI to make clone archiving to make it look arsenic if nan business is much unafraid than it is. 

Onel says his institution heavy uses AI, moving successful nan inheritance for threat modeling and different information assessments, and besides helps draught policies. But, he said, nan institution has a quality squad verifying accusation truthful nan customer does not spot immoderate hallucinations. “We’re responsible astir it,” he said. 

“Good information should beryllium invisible,” Onel continued. “Companies should walk little clip worrying astir information and much clip building awesome products. We person a changeable astatine helping companies take sides themselves much efficaciously than ever before.”