Crogl AI: $30M to Build 'Iron Man Suit' for Security Analysts

The Rise of AI in Cybersecurity: Introducing Crogl

Artificial intelligence is rapidly transforming the IT landscape, and on Thursday, Crogl, a new startup, unveiled its contribution to this evolution. They are launching an autonomous assistant designed to aid cybersecurity researchers in analyzing daily network alerts, ultimately streamlining the process of identifying and resolving security incidents.

An "Iron Man Suit" for Security Professionals

Crogl’s assistant, as described by CEO and co-founder Monzy Merza, functions as an “Iron Man suit” for researchers. The platform has already been deployed with several large enterprises and organizations. Concurrent with the public launch, following a period in private beta, the company announced it has secured $30 million in funding.

Funding Details and Future Plans

This funding round consists of two parts: a $25 million Series A investment spearheaded by Menlo Ventures, and a $5 million seed round led by Tola Capital. The Albuquerque, New Mexico-based company intends to utilize these funds to further develop its product and expand its customer base.

Addressing Alert Fatigue in Cybersecurity

Modern enterprises often utilize numerous security tools to parse and remediate alerts generated by security software. However, the sheer volume of alerts can be overwhelming, sometimes equaling the number of security tools themselves. Crogl distinguishes itself through its unique approach and the expertise of its founders.

The Founder's Background and Vision

Monzy Merza brings a wealth of experience to Crogl. Following his university studies, he worked in security at Sandia National Laboratories, a U.S. government atomic research facility. He subsequently held leadership positions in security research at both Splunk and Databricks.

From Industry Insight to Startup Creation

Before founding Crogl, Merza deliberately sought to gain a deeper understanding of end-user challenges. He accepted a position at HSBC to work alongside security professionals and identify their key pain points. This experience, combined with his previous roles, informed the development of Crogl.

Building Crogl: A Two-Year Journey

Two years ago, Merza partnered with former Splunk colleague David Dorsey (now Crogl’s CTO) to bring his vision to life. The past year has been dedicated to building a customer base through a private beta program.

The Meaning Behind the Name "Crogl"

As Merza explained, “Crogl” is a carefully chosen portmanteau. It draws from Cronus, the titan and god of time, representing the first three letters; ‘g’ signifies gnosis, meaning knowledge or awareness; and ‘l’ stands for logic. This name reflects the startup’s core mission.

The Challenge of Alert Volume

The central problem Crogl addresses is the disparity between the number of alerts security analysts can effectively handle and the total volume they receive. Analysts typically resolve around two dozen alerts daily, while facing as many as 4,500 during the same period.

Rethinking Alert Evaluation

Merza believes existing tools fall short in accurately evaluating alerts, often due to a flawed approach. He and Dorsey observed that security leaders generally welcome a high volume of alerts, as it indicates greater exposure and learning opportunities.

Turning Alerts into Opportunities

However, this high volume can be unsustainable. The industry has largely focused on reducing alert numbers, but Merza proposes a different solution: “What if every alert was actually a multiplier, and security teams became ‘anti-fragile’ by having the ability to analyze whatever they want?”

Crogl's "Knowledge Engine" and Large Security Model

Crogl aims to achieve this by leveraging big data and the principles behind large language models. The startup has developed a “knowledge engine” to power its platform – essentially a “Large Security Model.”

Beyond Detection: Natural Language Querying and Trend Analysis

The platform not only identifies suspicious activity but also learns from it, improving its ability to detect future threats. Crucially, it allows researchers to query all alerts using natural language, enabling them to identify and understand emerging trends.

Future Potential: Remediation and Beyond

Over time, Crogl has the potential to expand beyond alert analysis to include automated remediation, according to Tim Tully, the Menlo Ventures partner who led the investment.

A Team with a Proven Track Record

Tully’s confidence in the Crogl team – which also includes founding member Brad Lovering, former chief architect at Splunk – stems from years of experience working with them. He previously served as CTO at Splunk, overseeing their work.

Investment Driven by Team Expertise and Product Potential

“I knew what they are capable of building. I know that they know the space well. The team in and of itself is the key. It’s rare to find such experience from the venture side,” Tully stated. He initially missed the opportunity to invest in the seed round but was compelled to reconsider after learning more about the product.

A Product Reflecting Security Expertise

After a demonstration in Albuquerque, Tully was convinced. “It felt like the product was a mapping of Monzy’s security brain in terms of how the problem was solved.”