Anecdotes lands $25M to broaden its governance, threat administration and compliance enterprise

Governance, threat administration and compliance — GRC for brief — stays one of the energetic startup areas by way of VC investments. According to Tracxn, the personal market knowledge tracker, the roughly 1,500 distributors promoting GRC software program had obtained $28.7 billion in funding as of 2021.

It’s no marvel there’s such excessive curiosity. GRC helps organizations higher handle threat whereas staying in compliance with laws — and there’s an increasing number of regulations to fret about.

One of many newest ventures to learn from the increase is Anecdotes, which goals to streamline GRC duties by way of automated workflows, plugins and app integrations. Anecdotes immediately introduced that it raised $25 million in a Collection B funding spherical led by Glilot Capital Companions with participation from Vertex, DTCP, Crimson Dot Capital Companions, Classic Funding Companions and Shasta Ventures.

Bringing Anecdotes’ whole raised to $55 million, the tranche, which the corporate described as “oversubscribed,” shall be put towards increasing into new markets and doubling Anecdotes’ 60-person workforce within the subsequent 12 to 24 months, co-founder and CEO Yair Kuznitsov mentioned.

Kuznitsov and Roi Amior met whereas working at cybersecurity startup IntSights earlier than it was acquired by Rapyd7. Whereas there, they bumped into GRC-related challenges, together with repetitive and time-consuming audits.

Impressed to create a greater answer, Kuznitsov and Amior co-launched Anecdotes.

“[We wanted to] reinvent the enterprise GRC as offered today — data-oriented, automated, efficient, customized and meaningful for GRC and other stakeholders,” Kuznitsov mentioned. “Anecdotes is redefining compliance and risk management by transforming it from a labor-intensive task with skyrocketing associated costs into data-oriented processes.”

Picture Credit: Anecdotes

Anecdotes’ platform routinely collects GRC-related “artifacts” (i.e. knowledge and logs) from sources together with an organization’s public clouds, on-premise knowledge facilities, personal clouds and software-as-a-service instruments. The information will get positioned in a central hub the place customers can kick off compliance actions (e.g. coverage administration, person entry opinions and so forth).

One comparatively new addition to the hub is AI Toolkit, which delivers a listing of dangers, controls and insurance policies for deploying generative AI apps into manufacturing environments. AI Toolkit is open supply and, Kuznitsov claims, created in collaboration with “industry-leading” consultants.

“The toolkit aims to equip organizations, specifically GRC teams, with the framework to enable the use of GenAI tools while ensuring they’re still compliant and avoiding exposure to risks,” Kuznitsov defined.

Anecdotes’ opponents embrace VComply, a threat and compliance administration startup that’s raised over $10 million in enterprise capital up to now, and Cypago, which goals to automate compliance and governance for firms. There’s additionally bigger gamers like Certa, which landed a $35 million funding from Fin Capital, Vertex Ventures and others earlier in 2023.

Kuznitsov asserts that Anecdotes is well-positioned, although, with round 100 clients together with Snowflake, Coinbase SoFi, Grafana and Payscale.

“[We have healthy software-as-a-service gross margin,” he added. “[We’re] selling millions of dollars with 3x year-over-year growth … Anecdotes proved to find product-market fit and its ability to serve enterprise customers. The next growth phase requires additional capital to further accelerate global expansion and product innovation.”