AI agents are moving around the world, and on Thursday a startup called Crogl debuted its contribution to the field. Cybersecurity researchers are autonomous assistants and help them analyze thousands of daily network alerts to find and correct real security incidents. The assistant, described by Crogl CEO and co-founder Monzy Merza as the researcher's “Iron Man Suit,” is already quietly unfolding in many large corporations and other large organizations. With the move from today's private beta, the startup has also announced $30 million in funding.
The $30 million is a $25 million Series A led by Menlo Ventures. Previous $5 million seeds led by Tola Capital. Based in Albuquerque, New Mexico, Krog will use its funds to continue its product and customer base.
Security tools are hundreds of numbers today, including those intended to analyze and repair many alerts of potential issues cast by existing security software. Sometimes it feels like there are as many tools as security alerts. But Krogl is a little different, in part, but in part, who created the idea in the first place.
Melza has a long and interesting background in the security industry. After graduating from university, he was engaged in security at the Sandia Atomic Laboratory of the US Government. Later he went to Splunk, where he built and led that security business. He then moved to Databricks to do the same.
When Melza began thinking about doing his thing instead of starting a startup, he decided to work at HSBC, work among end users, and get a sense of pain from their perspective. Putting all of that under his belt, he slammed former longtime Sprank colleague David Dorsey (now Crogle's CTO) and they got to work.
It was exactly two years ago, and last year I spent building a customer base in a private beta.
As Melza explained to me, the name Crogl is a Porte Manto of three different other words and ideas. Cronus, the leader of the Titans and the god of the age, describes the first three letters of the name. “G” comes from Gnosis. This means knowledge and consciousness. “L” in the end stands for logic, he added. In a way, it encapsulates everything a startup does.
As Merza sees, the core of the problem is that security analysts in the operations team can usually see and resolve about two dozen security alerts in a day, but they could usually see as many as 4,500 people in the same period.
In his view, the tools that have been built up to now are the task of being able to assess alerts and the problems of humans in the wrong way, so some do not reach human capabilities.
His and Dorsey's observation was that security leaders usually prefer it when their team sees a lot of alerts. Because, as a reinforcement learning principle, it means that they experience more and more and understand more experiences.
Of course, that is unacceptable, and that has driven many security products up until now. “The security industry has been telling people to reduce the number of alerts,” Melza said. “So what happens if you can create this scenario where all the alerts are actually multipliers and your security team has the ability to analyse what they actually want?”
That's effectively what Krogl is trying to deal with with that approach. Relying on the idea of big data and the oversized parameters that drive large language models, startups have built what Melza describes as the “knowledge engine” for running the platform (think of it as a “large security model” here). Not only does the platform flag suspicious activity, it also learns more about what signals constitute suspicious activity. And importantly, researchers can also use natural language when needed, and use all alerts to unlock and understand trends and do more work.
Over time, it is possible that Croglu will take on more than just an alert. For example, repairs are a very obvious area for it to tackle.
Tully's familiarity with Crogl's team has founded Brad Lovering, who was among other impressive roles elsewhere, including Splunk's Chief Architect.
“I knew what they could make. I know they know the space well, and that's like the hook in the mouth just a team of its own. And I think it's pretty rare from the venture side you like, that kind of experience,” he said. He added that he missed the opportunity to invest in during the seed stage, continuing to hear about the product and think, “All is enough.” He flew to Albuquerque and saw his own demonstration, which sealed the deal. “I felt this product was like a mapping of Monzy's security brain in terms of how the problem was resolved.”