Zafran Security
Category: AI in Cybersecurity
An AI-native Threat Exposure Management platform that utilizes 'Agentic AI' to mobilize existing security controls for automated risk mitigation and vulnerability remediation. Zafran Security was founded in 2022. The company is led by Sanaz Yashar. Based in New York, United States. Team size: 51-200. Total funding raised: $130.0M. Latest round: Series C ($60.0M, Dec 2025). Key investors include Menlo Ventures, Sequoia Capital, Cyberstarts, PSP Growth.
- Founded
- 2022
- Headquarters
- New York, United States
- Team size
- 51-200
- Total funding
- $130.0M
Value proposition
Bridges the gap between vulnerability discovery and remediation by using 'Agentic AI' to automatically apply fixes and mitigations via existing tools (EDR, Firewalls, Identity) without waiting for patches, significantly reducing the 'mean time to mitigate'.
Products and solutions
Zafran Threat Exposure Management Platform (Core), Zafran Detector (Continuous, agentless vulnerability discovery module), RemOps (Remediation Operations automation), Mitigation Knowledgebase (Library of control-based fixes)
Unique value
Pioneered the concept of 'Mitigation' over 'Patching' by mapping vulnerabilities directly to available compensating controls (e.g., blocking an exploit path via a firewall rule instead of patching the server).
Target customer
Enterprise CISOs, Security Operations (SecOps), and Vulnerability Management teams in mid-to-large enterprises (Fortune 500).
Industries served
Financial Services, Healthcare, Technology / SaaS, Critical Infrastructure
Technology advantage
The 'Zafran Detector' (launched Aug 2025) combined with their proprietary 'Mitigation Knowledgebase' creates a closed-loop system that not only finds bugs but autonomously 'defuses' them using the client's existing security stack (API-based Control Mobilization).
How they differentiate
Pioneered 'Agentic AI' for automated mitigation that mobilizes existing security controls (EDR, Firewalls, Identity) to block exploits before patching, unlike competitors that focus primarily on visibility or prioritization.
Main competitors
Wiz, Vulcan Cyber, Veriti
Key partnerships
Endpoint Security: CrowdStrike, SentinelOne, Microsoft Defender, Cloud & Identity: Wiz, Okta, AWS, Workflow: ServiceNow (Strategic integration for remediation tickets), Investors: Menlo Ventures, Sequoia Capital, Cyberstarts (Series C leads)
Notable customers
Fortune 500 Enterprises, Healthcare Organizations, Financial Services Firms
Major milestones
Emerged from stealth with $30M+ funding in March 2024, Launched 'Zafran Detector' and 'Agentic Exposure Management' platform, Secured $60M Series C led by Menlo Ventures in Dec 2025
Growth metrics
Tripled Annual Recurring Revenue (ARR) between Sept 2024 and Dec 2025; Doubled valuation in Series C
Market positioning
Fast-growing Threat Exposure Management (CTEM) leader challenging incumbents like Tenable/Qualys
Geographic focus
North America (Sales/HQ), Israel (R&D)
Patents and IP
6+ patents filed, including US-12141297 covering real-time inspection and mitigation triggering technology.
About Sanaz Yashar
15+ years in Unit 8200 (IDF); Former Director of Threat Intelligence at Mandiant and FireEye; Expert in cyber threat intelligence and offensive operations.
Official website: https://www.zafran.io/