Apparently there is money to be made with AI-powered vulnerability remediation.

Today, New York based AI-powered cybersecurity startup Vicarious announced that it has raised $30 million in a Series B round of funding. 

The new round was led by Bright Pixel Capital, with participation from AllegisCyber Capital, AlleyCorp, and Strait.Total funding to date for the company now stands at $56 million.The new funding will be used to help the company to continue to build out its automated vulnerabilities management capabilities which increasing are powered by AI technologies.

Vicarius is aiming to transform the vulnerability management market with vRx, its end-to-end platform that uses AI to automate the discovery, prioritization and remediation of vulnerabilities. The company claims to have over 400 customers, including Fortune 500 companies like PepsiCo, Hewlett Packard Enterprise and Equinix. Vicarious also has an active community of researchers that contribute vulnerability management scripts via its vSociety community.  

This past summer, Vicarious released its vuln_GPT tool, which uses the power of generative AI to help individuals and organizations find and remediate software vulnerabilities. In the months since then, the capabilities of vuln_GPT as well the broader Vicarious platform have grown. 

“All the stuff that we’re doing around the product and around the company are definitely creating positive traction,” Michael Assraf, CEO of Vicarius, told TechForgePulse.

How vuln_GPT continues to advance security automation

With vuln_GPT, Vicarious has developed a large language model (LLM) technology for vulnerability management.

The basic promise of vuln_GPT is that with simple natural language queries, users can search for and find scripts that will help with vulnerability remediation. The script generation benefits from fine-tuning training for the LLM on Vicarius’ knowledge base and data.

Assraf said that since its initial introduction vuln_GPT has been updated with a stream of incremental updates. Of particular note he claimed that the accuracy of generated scripts has been significantly improved. Going a step further, there is now also a validation step before any generated script gets pushed up into Vicarious’ commercial product to ensure they are not malicious.

The scope of remediation has also been expanded. The initial release of vuln_GPT was focussed largely on Microsoft Windows systems. Assraf said that vuln_GPT now also supports Linux and Apple macOS vulnerabilities. Additionally, vuln_GPT is being expanded beyond just remediation scripts to also help users to generate vulnerability detection scripts.

Next up? AI powered compliance

Assraf has big plans for 2024 and putting the new money his company has raised to good use.

In addition to expanding the company’s go to market and sales efforts, Vicarious is also expanding its solution set. Among the new services coming in 2024 is the x_comply AI-driven compliance and benchmark tool.

“We are developing a cohesive language system designed to consolidate various streams of compliance documents and scripts into streamlined scripts,” Assraf said. “Our aim is to facilitate our customers in effortlessly identifying and addressing compliance discrepancies.”

TechForgePulse's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.