Artificial Intelligence & Machine Learning
,
Endpoint Security
,
Next-Generation Technologies & Secure Development
Series B Funding to Drive Seraphic’s Innovation in Browser Security, AI Governance
An enterprise browser security startup led by the longtime CEO of Walla raised $29 million to address the rise in cyber threats facilitated through web browsers.
See Also: Stop Sensitive Data Loss with AI Powered DLP
Seraphic Security will use the Series A proceeds to invest in AI for security, management and compliance purposes and integrate that into the San Jose, Calif.-based company’s security solutions, according to co-founder and CEO Ilan Yeshua. He said Seraphic differentiates itself from competitors by using a JavaScript-based approach that provides deep visibility and control while minimizing user friction.
“The market demand in ’24 grew significantly,” Yeshua told Information Security Media Group. “The market was educated at the end of ’22 and ’23, and then in ’24, we started to see large enterprises that already have budget specific for enterprise browser security.”
Why Enterprise Browsers Are Gaining Traction
Seraphic Security, founded in 2020, employs 41 people and has been led since its inception by Yeshua, who previously spent nearly 13 years as CEO of Israeli internet portal Walla! The company’s Series A funding round was led by GreatPoint Ventures. Seraphic hadn’t previously raised significant amounts of outside funding (see: Enterprise Browser Supporting Healthcare, Cyber Resilience).
Rising breaches, growing enterprise frustration with existing security solutions, and the shift to cloud-based work environments where the browser is the primary gateway has driven interest in web-based solutions, Yeshua said. Phishing attacks, zero-day exploits and encrypted web traffic are major security risks that traditional cybersecurity solutions fail to address effectively, according to Yeshua.
“It’s a combination of marketing dollars, frustration from the fact that existing solutions are not sufficient, and then also the driving force, which is that that businesses are moving to modern environments,” Yeshua said. “Meaning that most of the traffic, most of the activities, are done by browsers, and most modern applications are not supported that well by existing models.”
While marketing efforts have played a role, Yeshua said real-world events such as major cyber breaches have forced enterprises to reconsider their approach to securing the browser. Specifically, organizations have realized that traditional security solutions such as firewalls, SASE and VPNs lack deep visibility into browser activity, which is where many phishing, ransomware and zero-day exploits occur. he said.
“The modern business is actually dominated by browsers, and SASE solutions don’t have the necessary visibility in the browser,” Yeshua said. “It’s becoming kind of an operating system by itself. It is so sophisticated that the standard browser vendors invest so much in this tool. The solutions that evolved in cloud and in the operating system, they don’t have the necessary visibility.”
What Sets Seraphic’s Approach Apart From Rivals
Seraphic is investing in AI to enhance security capabilities, governance and compliance monitoring, with a focus on controlling how enterprises use tools like ChatGPT and DeepSeek to stop data leaks, Yeshua said. The company also uses AI for extension analysis, risk scoring and threat detection, as well as to simplify policy creation using natural language processing and automated workflows, Yeshua said.
“Mostly, we will invest now in the enablement of generative AI to enable us to address the risk of shadow AI or the leakage of privacy or compliance issues,” Yeshua said. “On the aspect of enablement, this will enable us to do a complete audit log on anything that the user is doing.”
Unlike dedicated secure browsers, which force enterprises to migrate employees to a new browser, he said Seraphic’s technology integrates with existing browsers while offering better visibility than browser extensions. Dedicated security browsers offer strong security but face adoption resistance from user friction, he said, while extension-based solutions are easier to deploy but lack deep visibility and control.
“What we have is a JavaScript code that we can inject into the session, either by an extension or by a proxy, or we can embed it into a browser and make this browser a dedicated browser,” Yeshua said. “We don’t have friction, because we can actually deploy the technology on any browser in a completely seamless way to the user, because we use extensions for deployment, but we don’t rely on the APIs.”
Seraphic Security is targeting large enterprises with more than 5,000 employees through direct sales, working with resellers and VARs, and partnering with CrowdStrike and SASE providers to extend the company’s market reach, according to Yeshua. He said security vendors are increasingly interested in browser security partnerships due to its growing importance in enterprise security.
“When it’s going well with your direct deals, then you get the attention of the channels, and at the same time you get the attention of the technology leaders,” Yeshua said. “I think that all SASE players are actually looking at this evolving category of enterprise browser security, and they understand that they need to have visibility and control in the browser.”