Sola emerges from stealth with $30M to construct the ‘Stripe for safety’

Enterprises these days can choose from hundreds of apps and services available to secure their networks, data and assets — nearly as many more to help them manage all the alerts and extra work that those security apps generate. But what if you could build your own apps, customised to your own workloads, to simplify the whole game? 

That is the premise of a new Israeli startup called Sola, which has built a low/no-code platform to let users design their own cybersecurity apps tailored to their specific needs, including tools to manage apps they might already be using. Sola is emerging from stealth today armed with seed funding of $30 million to hit the ground running with the stated aim to “democratize” how security can be approached and handled. 

“We’re not trying to be like another next-generation CPSM, or ASPM,” said co-founder Guy Flechter, referring to posture management tools — “or any other acronym that you can think of. We want to change the way you think about security. Like Stripe did with payments or Canva did with design.”

S Capital (the firm founded by the team that started Sequoia Israel) and and former long-time Sequoia VC Mike Moritz are co-leading the round, withS32, Glilot Capital Partners, and unnamed angel investors participating. (Sola has been around for about a year, and some of the details of this round leaked out while it was still in the works and the company had yet to unveil any details about its product.)

Sola is the brainchild of two longtime players in the world of cybersecurity whose experience effectively bookends the challenge. Flechter is a builder who previously co-founded and led Cider Security, a specialist in application security that was acquired by Palo Alto Networks for $300 million in 2022. His co-founder Ron Peled was the classic end user: he had previously been the chief infosec officer for AI commerce company LivePerson and worked as an advisor to a number of other companies. 

As Flechter describes it, these days there are basically two options for solving security challenges these days.

Option one is to buy a very robust, commercial solution, typically for a price tag that be in the six figures. “It’s a very complex solution, and at the end of the day you will probably not use everything you’ve paid for,” he said. 

Option two is building solutions yourself using open source components. “You need a very high level of technical expertise to bring that together,” he said. 

Sola’s approach is effectively a swing at creating a new option three.

Tapping into the latest innovations using AI and big data management, the platform is designed for organizations that might not have large security teams and to be used by those without extensive technical skills.

Sola’s interface that lets users set goals or ask questions in natural language, and then pull in data from different sources, identify what it is aiming to track, to create a new “app” that works with that company’s specific assets.

Sola can be used to query data within existing security apps that are being used, Flechter said, but it also has security tooling built into it to replace certain functionality. Sola has “ready made” apps as well for those who do not want put together apps of their own. 

The aim is to create more streamlined security services for organizations, that in theory will do exactly what they want, and for a fraction of the price. 

Apps currently in the app gallery give you an idea of what kinds of functionality Sola envisions it can handle. An AWS Network Security app, for example, lets the user “Get a high-level summary of key AWS network security metrics, including potential vulnerabilities.”

The kinds of questions it can help answer, it says, include “Which security groups have overly permissive rules?” “Which network protocols are enabled across my environment?” “Are there any unprotected open ports that could expose critical services?” And “What’s the status of my VPC flow logs?”

There are dozens more apps pre-written to cover other cloud environments, developer environments like GitHub, and major security tools such as Okta and Wiz. 

Moritz, notably, is making his first investment here in a security startup in his capacity as a solo investor. He said that what stood out for him was how the Sola team was leaning into the bigger trend of building simplified front ends with more complicated work being done behind the scenes in the back end, while tapping into technological innovations to make that possible. That is a pattern that has been seen previously in areas like payments with Stripe, design with Canva and many other now-giant tech companies. But his words are a reminder too that all this is still a work in progress.

“It’s clear that Sola is going to take advantage of all the advances that are that are occurring at breath-taking speed in the evolution of AI. That is very evident in its product,” he said in an interview. “If you look at the interface today of Sola compared to where it was even 18 months ago, it’s advanced massively thanks to the improvements and breakthroughs that have been announced and unveiled in those last 18 months.”