Press Room

About

Company Background

Vorlon was founded in 2022 by Amir Khayat and Amichay Spivak who hold a combined 35+ years of cybersecurity experience. Prior, they developed and sold a Security Orchestration Automation and Response platform called Demisto (now branded XSOAR) which was acquired in 2019 by Palo Alto Networks in its third largest acquisition to date.

While deploying automation solutions for thousands of customers, Amir and Amichay identified a serious problem facing Enterprise organizations. With the rise of automation and continued demand for greater productivity, organizations are increasingly relying on other vendors’ (third-party) applications and services to drive efficiency within their businesses. Every vendor uses Application Programming Interfaces (APIs) to enable their own software to communicate with other systems. This communication is facilitated by ‘secrets' like OAuth, API keys, and user credentials. However, the methods used to transport these secrets continuously pose a security risk to the customer (the one consuming the APIs)—usually by granting over-permissive access to other sensitive data. And while vendors take certain precautions to secure the development of their own APIs, there has been no attention paid to protecting the data in motion from one system to the other.

Today, large enterprises consume an average of 25,500 APIs. While there aren't any good references for the number of APIs a large enterprise publishes, Google itself publishes 246—more than 100X less than what is consumed.

Oftentimes, APIs are granted more access than necessary to perform the task they are designed to do (we call this over-permissive) and the access granted to APIs are able to inadvertently access sensitive data, including Personally Identifiable Information (PII), Protected Health Information (PHI), and even Payment Card Industry (PCI) information. This sensitive data can then be exploited by threat actors in the event of a breach or leak. The APIs themselves are often exploited by threat actors as well.

In fact, 98.3% of organizations have a relationship with a third-party that has experienced a data breach in the last two years. Chances are that you or someone you know is involved in a data breach right now - but you wouldn't even know it because it takes an average of six to seven months to identify, not to mention the two to three months it takes to mitigate.

Our customers use Vorlon to detect, identify, and remediate these threats.

"Vorlon gives us greater visibility across all third-party API assets and dramatically reduced event triage timelines."

Jamie Brown
Vivun, CISO

"Vorlon helped us understand not just the APIs we were using but also what systems these APIs were connecting to and the data that was enabled on top of the APIs. Vorlon provided me with quite a bit of telemetry and threat intel around our API usage — which is especially game-changing for the third parties that might as well be a black box to us. The biggest takeaway for us is the sheer size of the attack surface generated by third-party vendors connecting to our data both directly and indirectly."

Avishai Avivi
SafeBreach, CISO

"The patent-pending technology Vorlon has built is far superior to anything else we have seen in this space."

Steve Loughlin
Accel, Partner

"In many cases, organizations won’t find out about a vendor's data breach until months after the fact. Vorlon’s ability to reduce the timeline between threat detection and remediation to minutes is what makes this technology so powerful. Accel is excited to continue our support for Amir, Amichay, and the team at Vorlon as they grow."

Steve Loughlin
Accel, Partner

"Vorlon’s innovative approach to securing third-party APIs addresses a critical gap in the current cybersecurity infrastructure. We’re proud to be supporting Vorlon and their efforts to safeguard the digital assets that power the global economy and secure critical infrastructure."

Raj Shah
Shield Capital, Managing Partner

"I think most CISOs already know this, but third-party APIs are right now probably one of the Achilles heels of our world, with a very wide usage and almost no visibility unto them. The goal, through a tool like Vorlon, is you can bring that out of the shadows and into the light and can start to put the same sorts of controls in API security that we’ve put on all sorts of other security over the last decades."

Eric Richard
Dutchie, CISO (Formerly HubSpot CISO)

"Every few years, cybersecurity undergoes a transformation to safeguard what's truly invaluable. As businesses increasingly embrace third-party solutions, it's crucial to monitor the data flowing between them. Enter Vorlon, a solution designed to empower businesses with the essential visibility and proactive security measures needed to protect their most valuable assets."

Anthony Lee-Masis
CISO and Data Privacy Officer

Amir Khayat

CEO and Co-Founder

Amir Khayat is the CEO and co-founder of Vorlon. Amir has over 17 years of cybersecurity experience, including software development, and GTM roles. Amir served in the Israeli Defense Forces as a commander and combat soldier at the Paratrooper’s Elite Operations Unit. He graduated from Reichman University, Herzliya, Israel (IDC) with a BA in Computer Science, and he holds an MBA from the Hebrew University of Jerusalem. Amir lives in the Bay Area with his wife and three children.

Amichay Spivak

CTO and Co-Founder

Amichay is the CTO and co-founder of Vorlon. For more than 15 years, Amichay has held diverse roles around cybersecurity research and development. After graduating from the Technion - the Israeli institute of technology, Amichay joined 8200 - Israel's Cybersecurity military unit, where he performed various hands-on roles and led R&D teams. Amichay lives in Tel Aviv with his wife and three children.

Netta Drimer

Head of Product

Netta Drimer is the head of product for Vorlon. She has a passion for driving innovation in early-stage startups. Embarking on her career as a software engineer, Netta has garnered extensive experience in scaling products from ideation to live applications catering to millions of users. Netta lives in Israel with her husband, three children, and a dog.

Alex Yakubov

Head of Marketing

Alex is the Head of Marketing for Vorlon. With over 15 years of experience in cybersecurity, she has a proven track record of building brands and pipeline for global companies including Palo Alto Networks, Expanse, Yubico, McAfee, and Ziff Davis. Alex holds a certification in Cybersecurity and Risk Management from Harvard Kennedy School, and a BA in English Literature from Randolph-Macon Woman's College. She lives in the Bay Area with her family.

Adam Burt

Head of Research

Adam Burt is the head of research at Vorlon. Adam brings over 24 years of experience in cybersecurity, from computer forensics and reverse engineering to programming. Prior to Vorlon, Adam led a team of Solution Architects at Palo Alto Networks, focussed on security and automation. Previously Adam had spent most of his computing career in technically focused roles working across a wide range of verticals. Adam lives in the UK with his wife and two children.

Carl Elsinger

VP of Sales

Carl is the VP of sales of Vorlon. A cybersecurity sales leader with over 25 years of experience in both sales and sales leadership, Carl has successfully built successful GTM sales execution strategies for early-stage SaaS software companies. Carl excels in building high performing teams and executing complex business transactions. He has a proven track record of generating revenue and growth through optimized sales processes, business development, marketing, partnership/alliances, and cross functional communication. Carl lives in Alexandria, VA with his family.