Oneleet raises $33M to shake up the world of security compliance

Bryan Onel’s begetter was a locksmith. As for Onel, helium described himself arsenic the integer equivalent.

Ethical hacking was Onel’s hobby increasing up. He studied AI astatine assemblage and past turned that hacking hobby into a profession. “I spent a decennary performing penetration tests for implicit 150 companies crossed each sectors,” Onel tells TechCrunch, adding that helium kept easy breaking into companies that had passed their information checks. 

Onel realized that information often fell wrong 2 brackets: Painful but effective, oregon painless but ineffective, helium said. Most companies were doing the bare minimum successful cybersecurity and compliance, arsenic it often takes excessively overmuch enactment — and tools and endowment — to supply effectual information defenses. 

Onel’s clients kept asking if helium could supply a solution to their problems, truthful helium gave it a shot. 

In 2022, helium teamed up with his wife, Ora, and assemblage person Erik Vogelzang, and launched Oneleet, an all-in-one information compliance platform. The startup aims to assistance different companies get their information certifications portion helping them go much unafraid faster. 

Onel tells TechCrunch that astir existing compliance platforms are evidence-collection tools, wherever users import information from their assorted products, wage a fee, and past voila! — retired spits a information certificate saying they are secure. 

“The effect is compliance theatre,” Onel tells TechCrunch. “You’re certified connected paper, but inactive susceptible to.” 

Oneleet is different, said Onel. The level includes a suite of information tools: penetrating testing, codification scanning, unreality information security, onslaught aboveground management, information training, and more, helium said, which aims to supply a amended model into a company’s information defenses.

“Because it’s integrated from the crushed up, we tin deploy broad information with the click of a button,” Onel continued. “That saves clients hundreds of hours and eliminates the unsighted spots that travel from managing fragmented tools.” 

Oneleet past partners with autarkic auditors to supply ceremonial certification reviews. 

On Thursday, Oneleet announced it raised a $33 cardinal Series A backing circular led by Dawn Capital to assistance turn the business. Onel called his fundraising process “straightforward,” and said helium met Dawn Capital successful San Francisco, wherever helium described “immediate chemistry.”

“They already had heavy cognition of the information and compliance abstraction and instantly understood what we were gathering astatine Oneleet, truthful determination was instant alignment,” said Onel.

Other investors successful the circular see Y Combinator, Dropbox co-founder Arash Ferdowsi, and erstwhile Snowflake and ServiceNow main enforcement Frank Slootman. Oneleet participated successful the Spring 2022 people of Y Combinator, and said two-thirds of the VC firm’s portfolio companies are present its clients. 

Competitors successful this abstraction see Vanta, Secureframe, and Sprinto. For its part, Oneleet has reached $3 cardinal successful yearly recurring gross and has raised $34 cardinal successful full to date.

The caller currency injection volition beryllium utilized to grow Oneleet’s engineering team, summation its AI capabilities, and to find ways to scope much customers. The extremity is to extremity information theatre successful compliance, helium said, astatine a clip erstwhile defending against cyberattacks is much important than ever.

Onel said that AI is changing the standard of cyberattacks. He said, for example, precocious atrocious actors are automating cyber crimes, portion lowering the barroom for novice hackers to onslaught with malicious attacks. 

He said companies are besides being reckless, similar carelessly utilizing “vibe coding” tools, oregon giving AI entree to business-critical accusation without the close guardrails. In the satellite of compliance, Onel said, companies tin usage AI to make fake documentation to marque it look arsenic if the concern is much unafraid than it is. 

Onel says his institution heavy uses AI, moving successful the inheritance for menace modeling and different information assessments, and besides helps draught policies. But, helium said, the institution has a quality squad verifying accusation truthful the lawsuit does not spot immoderate hallucinations. “We’re liable astir it,” helium said. 

“Good information should beryllium invisible,” Onel continued. “Companies should walk little clip worrying astir information and much clip gathering large products. We person a changeable astatine helping companies support themselves much efficaciously than ever before.”