Crogl Raises $30M and Launches AI-Powered Knowledge Engine for Enterprise Security

Crogl raises $25M and launches knowledge engine to scale enterprise security - SiliconANGLE

Crogl raises $25M and launches knowledge engine to scale enterprise security Cybersecurity risk management startup Crogl Inc. today announced that it had raised $25 million in new funding and launched its knowledge engine that allows enterprises to scale their security operations while maintaining compliance and reducing operational risk. Founded in 2023, Crogl offers cybersecurity risk management services that are dedicated to revolutionizing security operations through autonomous artificial intelligence solutions. The company offers an AI-powered Security Operations Center analyst that operates across on-premises and cloud environments to deliver real-time threat detection and response without the need for manual coding or pre-defined playbooks. Crogl's platform autonomously triages and investigates security alerts, enhancing threat coverage and reducing operational risks. The platform learns from an organization's unique processes and data to ensure consistent, auditable actions that support compliance and maintain institutional knowledge. The company's solutions integrate with existing security tools and data sources, adapting to both cloud and on-premises environments to ensure that organizations can maintain their current infrastructure while benefiting from advanced, autonomous threat detection and response capabilities. Crogl's new knowledge engine, announced today, is designed to help enterprises manage growing volumes of security alerts while maintaining compliance and reducing operational risk. The engine continuously learns an organization's security processes and data, enabling consistent, auditable investigations across fragmented tools and environments without the need for coding, playbooks, or schema normalization. The knowledge engine creates a unified semantic layer that connects diverse data sets and security tools, allowing teams to execute use cases across their entire infrastructure. Notably, the knowledge engine differs from traditional software-as-a-service solutions by being fully private and customer-managed, supporting air-gapped, on-premises and cloud environments to give organizations complete control over their risk posture. The engine also helps security teams handle every alert at scale while preserving institutional knowledge by automating thorough investigations and generating detailed documentation. The results allow junior analysts to manage complex workflows, freeing up senior analysts to focus on strategic initiatives and advanced threat detection. The Series A funding round came from Menlo Ventures LP and will be used to further develop Crogl's knowledge engine and advance its capabilities for scaling security operations. "Having lived these challenges firsthand, they know that today's most challenging security threats -talent shortages and overwhelming alert volumes - demand a fundamentally different approach," said Tim Tully, partner at Menlo Ventures. "Crogl's knowledge engine is a true force multiplier - an AI system that doesn't just automate, but learns, adapts and operates with the collective intelligence of an entire SOC. We believe this is the future of security operations."

Crogl, armed with $30M, takes the wraps off a new AI 'Iron Man suit' for security analysts | TechCrunch

AI agents are marching across the world of IT, and on Thursday a startup called Crogl is debuting its contribution to the field: an autonomous assistant for cybersecurity researchers to help them analyse thousands of daily network alerts to find and fix actual security incidents. The assistant -- described by Crogl's CEO and co-founder Monzy Merza as an "Iron Man suit" for researchers -- has quietly been in deployment already with a number of large enterprises and other big organizations. With today's move out of private beta, the startup is also announcing $30 million in funding. The $30 million is coming in two tranches: a $25 million Series A led by Menlo Ventures; and a previous $5 million Seed led by Tola Capital. Albuquerque, New Mexico-based Crogl will be using the funding to continue building out its product, and its customer base. Security tools, including those aimed at helping parse and remediate the many alerts of potential issues thrown up by existing security software, today number in the hundreds. Sometimes it feels as if there are nearly as many tools as there are security alerts. Crogl, however, is a little different, in part because of who cooked up the idea in the first place. Merza has a long and interesting background in the security industry. Out of university, he worked in security for the U.S. government's Sandia atomic research lab. Later he went to Splunk, where he built and led its security business. He then moved to Databricks to do the same. When Merza started thinking of doing his own thing, instead of launching a startup, he chose to back to industry, taking a job at HSBC, to work among end users to get a sense of pain points from their perspective. With all of that under his belt, he then tapped former longtime Splunk colleague David Dorsey (now Crogl's CTO) and they got to work. That was exactly two years ago, with the last year spent building up a customer base in a private beta. As Merza explained it to me, the name Crogl is a portmanteau of three different other words and ideas. Cronus, the leader of the titans and the god of time, accounts for the first three letters of the name. The 'g' comes from gnosis, which means knowledge or awareness. The 'l' at the end stands for logic, he added. And in a sense, all that encapsulates what Crogl the startup is setting out to do. The crux of the problem, as Merza sees it, is that security analysts in operations teams typically can look at and resolve, at maximum, around two dozen different security alerts in a day, but typically they might see as many as 4,500 in that same period. The tools that have been built up to now, in his view, are not up to the task of being able to evaluate alerts as well as a human can in part because they are coming at the problem in the wrong way. His and Dorsey's observation was that security leaders typically like it when their teams see a lot of alerts, because on the principle of reinforcement learning, it means that they are experience and understanding more with each alert they triage. Of course, that is also untenable, and that is what has driven a lot of security product up to now. "The security industry has been telling people to reduce the number of alerts," Merza said. "So what if you could have this scenario where every alert was actually a multiplier, and security teams became actually anti-fragile by by having this ability to analyze whatever they want?" That is effectively what Crogl attempts to address with its approach. Leaning into big data and the idea of the outsized parameters that drive Large Language Models, the startup has built what Merza describes as a "knowledge engine" to power its platform (think "Large Security Model" here). Not only is the platform flagging suspicious activity, it's learning more about what signals might constitute suspicious activity. And critically, it allows the researchers also to query, using natural language if they want, all alerts to pull out and understand trends and to do more of their work. Over time, there is potential for Crogl to take on more than just alerts -- remediation is a very obvious area, for example, for it to tackle, noted Tim Tully, the Menlo partner who led its investment into the startup. Tully's familiarity with the team at Crogl -- with also includes founding member Brad Lovering, who had been the chief architect at Splunk, among other impressive roles elsewhere -- goes back years: he had been the CTO at Splunk overseeing all their work there. "I knew what they capable of building. I know that they know the space well. And so it's that, sort of like the hook in the mouth is just the team in of itself. And I think it's pretty rare from a venture side that you have like, such experience," he said. He added that he'd missed the chance to invest at seed stage, and then kept hearing about the product and thought, "enough is enough." He flew down to Albuquerque, and saw a demo for himself and that sealed the deal. "It felt like the product was like a mapping of Monzy's security brain in terms of how the problem was solved."