Breaking the Cycle of Ineffective Vulnerability Management with its Purpose-Built Solution Harnessing Runtime Insights

AUSTIN, Texas–(BUSINESS WIRE)–Spektion, an emerging leader in software vulnerability management, announces the general availability of its purpose-built solution, Spektion, which enables vulnerability management teams to proactively address software risks based on their runtime behavior. This launch marks Spektion’s emergence from stealth mode after months of research and development, in collaboration with early customers, to create a robust solution, built by practitioners for practitioners, that leverages runtime data and software behavior analytics. Their technological innovation and go-to-market strategy are backed by $5M in seed funding led by LiveOak Ventures.

Spektion is a unique solution created for security teams by security experts to tackle a massive gap in software security:

• CEO and Co-founder Joe Silva previously served as the Global CISO of Jones Lang LaSalle (JLL) and the Senior VP of Cybersecurity and Fraud at TransUnion.
• CTO and Co-founder Josh Skorich founded the Dolos Group, a premier boutique consulting practice specializing in red teaming and vulnerability research, and previously led Red Team at TransUnion.
• R&D Head and Co-founder Julien Maladrie held senior roles in offensive security and malware research with JLL, TransUnion, Symantec, and the European Commission.

Addressing Legacy Vulnerability Management Issues: Vulnerability Management 2.0

During their tenure, Silva, Skorich, and Maladrie identified a persistent flaw in legacy software vulnerability management: the critical lack of real insights, beyond CVE disclosures, into how software can be exploited and the impact of exploitation based on its system access and behavior. They saw this problem getting worse with the advent of AI-generated software proliferating, particularly internally developed software used within organizations and outside the typical scope of CVE discovery. They concluded that legacy solutions relying primarily on CVEs offer teams outdated, inadequate, and low-quality data that fail to sufficiently prioritize patching and enable mitigation solutions.

“We founded Spektion to break the cycle of ineffective vulnerability management,” said Silva. “The current approach is reactive, inefficient, and fails to significantly reduce risk, despite considerable resource investments. Today’s software vulnerability management for commercial, open source, and homegrown applications is stuck in the same paradigm as early antivirus solutions — relying on static data points that can’t keep pace with the dynamic nature of vulnerabilities and lacking the insights that runtime solutions offer. This outdated approach leaves organizations perpetually vulnerable, just as traditional antivirus eventually proved inadequate against evolving threats such as zero days and sophisticated malware.”

Funding

Spektion’s seed funding round allowed the company to address these issues head-on by building the first solution that uses runtime data and software behavior analytics to identify and expose actual risks introduced by software (commercial, open source, or internally developed).

The $5 million seed funding round was led by LiveOak Ventures, an Austin-based venture capital firm that invests in exceptional founders from Texas. The round also includes participation from Tau Ventures and Dauntless Ventures.

“Vulnerability management – one of the critical functions of every cybersecurity team – is fundamentally broken. It’s stuck in a never-ending, reactive struggle with backlogs that continue to grow,” said Creighton Hicks, Partner at LiveOak Ventures. “We are excited to partner with the Spektion team to solve one of today’s biggest challenges in cybersecurity. Their deep operational and domain expertise has led them to a revolutionary approach that enables security teams to be proactive and stay ahead of the problem. Spektion has hit the ground running, signing up blue-chip customers less than a year since its founding—a testament to both the unmet demand for such a solution and the Spektion team’s ability to capture it.”

With Spektion, security teams can measure software security risks and continuously monitor for new exploitable risks that have not yet been disclosed as CVEs. They then can understand the potential impact of exploits to prioritized remediation, and via integrations with leading threat detection and response solutions, implement controls to detect and prevent risks that can’t be immediately remediated.

Breaking the Cycle of Vulnerability Management Whack-a-Mole

Spektion does not rely on static data or predefined vulnerabilities like traditional legacy vulnerability management tools. Spektion’s unique technology provides actionable insights into runtime vulnerabilities of software. This allows organizations to identify and mitigate risks before they escalate into critical issues.

Key features of Spektion are:

• Complete software visibility: Identify all software in your environment, including hidden applications that other tools miss.
• Contextual risk assessment: Analyze application behavior specific to enterprise configurations to reflect the actual risk to their environment
• Comprehensive risk intelligence: Continuously monitor software based on runtime behavior, uncovering risks beyond standard CVE databases.
• Intelligent prioritization: Combine runtime context with CVE data to focus remediation efforts where they matter most.
• Seamless integration: Connect with leading security solutions for enhanced exploitation detection.
• Lightweight deployment: Gain comprehensive visibility with minimal overhead for implementation and management.

“Spektion’s entire basis comes from a red teaming perspective,” said Spektion CTO and Co-founder Josh Skorich. “In a perfect world with unlimited resources, organizations would continuously red team their software to model risks and identify mitigations. We built Spektion as a solution to continuously purple team all of your software, ensuring your risk visibility and threat defenses stay on par with the evolving risks in your environment. All baked into one solution. There are no other solutions, currently, that do what we do.”

Static solutions that lag vulnerability disclosure and exploitation will never create a hardened attack surface, but organizations no longer have to engage in vulnerability management like a game of whack-a-mole. Spektion’s approach breaks the cycle to increase the efficacy of their vulnerability management by enabling continuous security assessment of software at scale and providing tailored threat mitigations.

Spektion is also debuting its first white paper titled “Proactive Security: Transforming Vulnerability Management with Runtime Intelligence” which you can download here.

To learn more about Spektion’s software behavioral analytics solution and how it propels vulnerability management into modern security needs, visit the Spektion team at RSA Conference 2025, Booth ESE-36 in ESE South Level 2, Moscone Center, San Francisco, April 28th – May 1st, or visit us at https://www.spektion.com/.

About Spektion

Spektion is revolutionizing software security by equipping organizations with proactive vulnerability management solutions. By integrating advanced technology with the extensive expertise of security leaders from global enterprises, offensive security, and intelligence operations, Spektion effectively addresses the critical gap in software supply chain security. Understanding organizations’ real-world challenges, Spektion delivers solutions that go beyond reactive measures, ensuring customers remain ahead of evolving threats. To learn more, visit https://spektion.com.

Contacts

Media Contacts
Casie Abello, Spektion
casie@spektion.com

Ryan Romana
Touchdown PR for Spektion
Spektion@touchdownpr.com

(c)2025 Business Wire, Inc., All rights reserved.