Unxpose tracks security gaps before hackers can find them
Unxpose's founders: Josemando Sobral, Tiago Assumpção and Patrick Costa. Photo: Thiago Queiroz/Courtesy

Unxpose tracks security gaps before hackers can find them

With an eye on a booming market – both in investments and in demand due to the increase in global cybercrime – Unxpose has developed a solution to identify system flaws ahead of criminals

Ler em português

The global cost of cybercrime to companies may reach $6 trillion by 2021, according to a study by the German consulting firm Roland Berger. The survey also shows that Brazil is among the main targets – in the first half of this year, there were 9.1 million occurrences, more than the total of the last year.

On the one hand, the increase in cybercrimes has left thousands of companies with their ears perked. On the other hand, it has driven the development of innovative cybersecurity solutions and boosted the cyber tech ecosystem. According to a recent report by the Distrito, between 2013 and 2021 the sector raised $388 million in investments in Brazil, $282 million of which were invested in the last two years.

READ ALSO: Edtech giants are poised for ascension

Although the picture is promising for new businesses, Brazil ranks 42nd among 50 countries evaluated regarding education in cyber risk, according to a ranking by consultancy Oliver Wyman. In other words, there are cybercrimes and there are innovative solutions to prevent them, but, before that, there is still a lack of awareness about what cybersecurity is and how to implement it. 

Unxpose was born to solve this particular issue. The cyber tech was founded in October 2020 by Josemando Sobral, Patrick Costa, and Tiago Assumpção, who have worked for companies such as BlackBerry, Tempest Security Intelligence, DrumWave, and Colab.

Unxpose has built a solution that monitors the internet 24/7 for data leaks and security loopholes in websites, apps, and cloud systems used by any company. Once the security flaws are identified, the startup‘s system explains how to fix them.

READ ALSO: Brazilian Y Combinator-backed Jestor helps companies to run with a no-code platform

Sobral told LABS that the whole idea of Unxpose is to democratize cybersecurity knowledge and help companies understand when they are vulnerable and what risks they are subject to, in an easy way. “We built Unxpose as a solution to simplify security in the digital environment.” 

Starting in 2019 more and more cybersecurity issues started to emerge and we realized that there was no such thing as a cybersecurity product for non-security professionals. Most products target analysts and specialists. We saw an opportunity there. We saw that there is room for a product that translates cybersecurity data to anyone. Even more so when virtually every company, regardless of sector and size, has some online presence and depends to a greater or lesser extent on digital services and operations.

Josemando Sobral, CEO of Unxpose

The company’s software solution also gives scores for each company’s cybersecurity status, considering five areas – Web, DNS, Cloud, People, and Network. Then the company receives an overall security score. Unxpose’s ace in the hole is to deliver this diagnosis in plain language. For example, the People Exposure score relates to exposed credentials (such as emails and passwords), while the Cloud Security score points to possible cracks in the cloud infrastructure. 

Unxpose’s interface. Image: Courtesy

Almost one year-old, Unxpose has already raised its first round of investment led by venture capital firm Canary. The fundraising also included the participation of Norte Ventures and angel investors such as Rodrigo Jorge, from Neoway, Julian Tonioli, founding partner of Auddas, Rodrigo Schmidt, engineering director at Facebook, Leo Pinho, CEO at Hent, Wagner Elias, CEO at Conviso, and Kiko Lumark, founder of Valutia.

According to Sobral, the goal now is to expand the customer portfolio and improve the product, which is currently offered in three modalities, according to the size of the client company, through an annual subscription plan.

Free security diagnostics

A few days ago, Unxpose launched a free feature to help companies to check how exposed and vulnerable they are to a cyber attack. The test generates an exposure score and a kind of diagnosis that points out how many vulnerabilities the company has and how many corporate accounts have been targeted for leakage. 

READ ALSO: DIVI•hub, an app that makes fans partners of their idols, raises $2.4 million and prepares to launch in the U.S.

Sobral explains that the free test has to do with the startup‘s purpose, to democratize the knowledge about cybersecurity. According to him, the illusion of security is still common in Brazil, many companies believe they are safe because they are not very large or popular, for example. “But in fact, hacker attacks are not targeted.” 

Unxpose’s diagnostic generates an overall exposure score in three areas: domain vulnerability (DNS), website vulnerability, and people exposure. In the report, companies will have a score for each area and how many vulnerabilities and credentials were exposed. The grades, which range from A to F, are assigned from a proprietary algorithm that takes into account the relevance of the security flaws found, the potential impact of each, and the likelihood of them being used by cybercriminals.

READ ALSO: Marco DeMello, from CyberLabs Group: “AI will change our world in ways that we can’t even predict right now”

“We reduce the companies’ exposure on the Internet. We look from the outside in, we look at what a hacker could see and attack,” said Sobral.

To do the test and find out how vulnerable your site is to cyberattacks, just visit the Unxpose site and fill out a registration form. The software sends a link to the diagnostic report within half an hour. According to the startup, the test does not use the private information of companies and is made through monitoring security flaws in visible and open data on the Internet.