Cyberattacks continue to increase in both velocity and complexity - while corporations, nonprofits and government agencies are facing top-down pressure to respond with immediacy and clarity. 

Take, as a recent example, the attack on Toyota’s production facilities. When a supplier of plastic parts and electronics was hit with a malware infection Toyota was forced to slash a third of its global production in a single day. When events like this become public, the industry - in this case automotive - goes on high alert. Stakeholders, from government to board of directors, unions and executives, all start asking the same question: could this happen to us?

That’s not a simple question, and it’s currently very difficult to get to an accurate answer. The present solution involves a mix of qualitative assessment, reliance on endpoint-focused defensive tools, and patchy reporting from security controls. What’s missing is a way of independently hardening cyberdefenses by continuously testing cloud and on-prem environments, working with existing tools, in order to elicit consistent, quantitative information. 

Prelude is working to harden an organization’s defenses by continuously asking “questions” through the form of safe, proactive cyberattacks. These attacks respond immediately to the latest vulnerabilities and cyber events, turning complex technical descriptions into deployable questions. Those questions, eventually delivered to any endpoint, cloud environment, user, or piece of technology, are designed to automatically integrate with defensive tools - improving their efficacy with each new attack. 

Steve Ward, the former CISO of Home Depot and TIAA, and current managing director at Insight Partners, graciously describes Prelude’s technology in the following way:

“We finally found a technology that will effectively measure the maturity of our controls and give CISOs the confidence they need to answer the most common question from the board. “Are we protected?””

Prelude has spent the last 18 months working on making offensive security more accessible. Our first product, Operator, is production-ready infrastructure for continuously testing your cloud and on-prem environments. Operator is largely free & open-source, and provides everything you need to perform realistic offensive security assessments against your cyberdefenses.

Our mission is to increase the reach, frequency and usage of advanced security for all organizations. Operator was our first step, and we will continue to develop products that focus on making advanced security simpler and more accessible. Today, we take a major step forward in enabling that long-term mission through the announcement of our Series A financing. 

We are grateful to partner with Bill Coughran from Sequoia, who joins the team as a board member,  Steve Ward from Insight Partners and continue our partnerships with IA Ventures, Four Rivers, Revolution's Rise of the Rest Seed Fund, and others. We are also excited to expand our partnership with The MITRE Corporation to make offensive security safer and more accessible through training and applied research. 

With the latest funding and partnerships, we intend to accelerate product development, enhance customer success and expand our team, all of whom deeply believe in our mission of raising the nation's collective security floor. Our team is made up of former offensive cyber operations specialists, red and blue teamers, software engineers, designers and startup operation executives - and we're growing rapidly. We are hiring across product, go-to-market, engineering, security, business development and more. If you’re interested in joining our team or working with Prelude, please view our open roles here or contact us at jobs@prelude.org.