Austin-headquartered Command Zero, a one-of-its-kind autonomous and user-led cyber investigation platform, emerged from stealth recently after raising $21 million in seed funding.
The investment round was led by Andreessen Horowitz, which recently backed Hebbia and ElevenLabs, with participation from Insight Partners and over 60 cyber industry thought leaders and executives.
What challenge does it address?
Automation has improved threat detection and triaging capabilities, yet all escalated cases still require tedious manual investigations. This makes investigations the most significant bottleneck for security operations. Having tier-2 and tier-3 analysts manually investigate every escalated case is an impossible task for most organisations today. Complex incidents often result in resource starvation for security operations, or the need to hire third-party remediation and response firms.
Investigations are made of questions and answers. Depending on the complexity, an investigation can consist of dozens or thousands of questions.
Command Zero combines expert investigative questions with autonomous and user-led methods on a federated data model to transform investigations. Using encoded expert knowledge, automation and advanced large language models (LLMs), Command Zero is solving the most significant bottleneck in security operations: investigations.
The team behind Command Zero
Founded by a seasoned leadership team of Dov Yoran, Dean De Beer and Alfred Huger, who have extensive experience in security operations and incident response, Command Zero delivers a consistent, efficient and scalable path for investigations and threat hunting. The founders have led successful cybersecurity acquisitions to date, including exits to Symantec, McAfee, Sourcefire, Cisco and IBM.
What does the company do?
Command Zero leverages human intelligence and creativity by incorporating automation and advanced LLMs to augment human investigators. During an investigation, each question and response is interpreted and analysed in the context of the investigation and the organisation.
This removes the laborious work from SecOps teams and helps analysts better interpret the responses from data sources. This unique approach also allows users to know which questions to ask, how to interpret answers and build complete narratives of what occurred. The same capabilities also generate timelines and end-to-end reports for investigations, saving valuable cycles for all analysts.
The platform reduces the need for technology-specific expertise for tier-2 and tier-3 analysts, incident responders and threat hunters. Command Zero enables all users to perform at the highest level by ensuring consistent, repeatable, auditable investigations with automated reporting.
“Running escalations to ground truth has always been the biggest challenge in cyber. To date, conducting thorough cyber investigations has relied on individual expertise, and has been exclusive to a select few advanced organisations,” said Dov Yoran, co-founder and CEO. “Command Zero removes technology expertise barriers, dramatically reduces repetitive manual work and speeds up investigations. Improving institutional knowledge, automation and consistent outcomes are transforming how organisations run threat hunting and investigations at scale.”