SANS partners with Elevate Security to shift the industry paradigm to solve for the human element

SANS Institute announces partnership with Elevate Security, a human risk management platform nominated by RSA Conference as a top ten most innovative startup.

SANS and Elevate Security are partnering to shift the industry paradigm to solve for the human element, with a data-driven approach focused on provable outcomes.

The partnership between SANS and Elevate Security combines the most trusted cybersecurity training provider with the most innovative technology, empowering security teams to reduce human risk and understand what interventions, training, and investments are yielding results.

“The industry has been trying to solve a decade old problem the wrong way. We’ve focused only on measuring what people know when, in fact, it’s what they do that matters most.” says Robert Fly, Co-Founder and CEO, Elevate Security, “We are excited to partner with SANS to shift the paradigm to focus on reducing human risk with measurable outcomes.”

Elevate Security’s innovative technology integrates and pulls data from security tools that organizations already use to help security teams holistically understand their human risk and automates delivering SANS best-in-class training to the right person at the right time based on weaknesses and habits unique to them.

“For decades, SANS has remained the thought leader in security awareness and training, with an army of industry experts developing world-class training that moves the industry forward,” says Masha Sedova, Co-founder and Chief Product Officer, Elevate Security. “We are honored to partner with SANS to measurably reduce human risk and prove efficacy and impact.”

“Masha and her team at Elevate Security are true innovators,” says Lance Spitzner, SANS Director of Security Awareness. “We are very excited to combine the world’s most effective security training content with the ability to both measure and motivate people down to the individual level.”

Elevate Security appoints Nicholas Telford as chief financial officer

Elevate Security, a platform that measures, influences, and reduces human cybersecurity risk, announced the appointment of Nicholas (Nick) Telford as chief financial officer. Telford will oversee Elevate Security’s long-term financial strategy, providing oversight and a roadmap to the organization’s growth plan.

“Having Nick join Elevate Security as our chief financial officer is a big win,” said Robert Fly, chief executive officer of Elevate Security.

“We’ve been impressed with Nick’s experience helping enterprise and security software companies grow. Nick brings deep knowledge in all aspects of finance and a passion for leading organizational transformation. We believe that Nick will enable us to move from early-stage to optimizing for continued success and sustained growth.”

Telford comes to Elevate Security with more than 25 years of experience in accounting, finance, and operations with a track record of building successful software companies. Most recently he was chief financial officer at Bugcrowd, a leading crowdsourced security platform.

Before Bugcrowd, Telford was previously chief financial officer of Perforce Software (acquired by Summit Partners) and his background includes AmberPoint (acquired by Oracle) and Ernst & Young. He is a certified public accountant and a Bay Area native.

Elevate Security just celebrated its three year founding anniversary and has seen tremendous growth in that short time. The company was just recently nominated as an RSA 2020 Innovation Sandbox Finalist.

“While I wasn’t planning to go back to an early stage business, there is something very special about Elevate Security, the product, the team, and the co-founders Robert and Masha,” said Telford.

“I am really honored to be here and play a leading role in Elevate Security’s financial success and position us to create value for our team and investors over the long term. I look forward to what’s in store for me here and am delighted to be part of this amazing team.”

RSA Conference announces finalists for Innovation Sandbox Contest 2020

RSA Conference announced the 10 finalists for its Innovation Sandbox Contest 2020. The competition calls on the most promising young companies in cybersecurity to showcase their transformative technologies to a panel of judges and live audience at RSA Conference 2020 in San Francisco. Past winners include Imperva, Phantom, and most recently, Axonius.

Innovation Sandbox Contest 2020

Dr. Herbert (Hugh) Thompson

On Monday, February 24, the finalists will present a three-minute pitch followed by a question-and-answer round as they battle on stage for the title of “Most Innovative Startup.” The renowned panel of expert judges includes:

  • Asheem Chandna, Partner, Greylock Partners
  • Scott Darling, President, Dell Technologies Capital
  • Dorit Dor, VP Products, Check Point Software Technologies
  • Patrick Heim, Partner and CISO ClearSky
  • Paul Kocher, Researcher and Entrepreneur.

Dr. Herbert (Hugh) Thompson, Program Committee Chair of RSA Conference, will return to host the contest.

The Innovation Sandbox Contest 2020 finalists (in alphabetical order) are:


AppOmni is a leading software-as-a-service (SaaS) security and management platform providing data access visibility, management, and security of SaaS solutions. AppOmni’s patent-pending technology deeply scans APIs, security controls, and configuration settings to secure mission-critical and sensitive data.

Blu Bracket

BluBracket is an enterprise security solution for code in a software-driven world. BluBracket gives companies visibility into where source code introduces security risk while also enabling them to fully secure their code—without altering developer workflows or productivity.

Elevate Security

Elevate Security solves for the human element. Using data companies already have, Elevate Security scores employee risk based on their security actions, showing actionable trends while delivering personalized communications that nudge employees to better security habits.


ForAllSecure aims to secure the world’s software. Using patented technology from CMU research, ForAllSecure delivers a next generation fuzzing solution to Fortune 1000 companies in telecom, aerospace, automotive and more. DARPA named ForAllSecure a Cyber Grand Challenge winner and MIT Tech Review named it one of the 50 Smartest Companies.

INKY Technology

INKY is an industry leader in mail protection powered by unique computer vision, artificial intelligence, and machine learning. The company’s flagship product, INKY Phish Fence, uses these novel techniques to “see” each email much like a human does, to block phishing attacks that get through every other system.

Obsidian Security

Obsidian Cloud Detection and Response delivers frictionless security for SaaS. Using a unique identity graph and machine learning, Obsidian stops the most advanced attacks in the cloud. Unified visibility across applications, users, and data provides threat detection, breach remediation, and security hardening with no production impact. is a leader in AI-powered PrivacyOps. Its solution automates privacy compliance with patent-pending People Data Graphs and robotic automation. It enables enterprises to give rights to people on their data, comply with global privacy regulations and build trust with customers.


Sqreen is the application security platform for the modern enterprise. Organizations of all sizes trust Sqreen to protect, observe and test their software. As opposed to pattern-based approaches, Sqreen analyses in-app execution in real time to deliver more robust security without compromising performance.

Tala Security

Tala safeguards the modern web against client-side risk. Tala’s AI-driven analytics engine continuously interrogates site architecture to work in concert with an advanced automation engine that activates standards-based security to prevent a broad range of client-side attacks like magecart, XSS, session re-directs, and client-side malware.

Vulcan Cyber

Vulcan is a vulnerability remediation and orchestration platform that is modernizing the way enterprises reduce cyber risk. With its remediation-driven approach, Vulcan automates and orchestrates the vulnerability remediation lifecycle, enabling security, operational and business teams to effectively remediate cyber risks at scale.

“The RSAC Innovation Sandbox has catapulted young companies to success for well over a decade. In fact, the top 10 finalists have collectively seen 48 acquisitions and raised $5.2 billion in investments to-date,” said Linda Gray Martin, Senior Director and General Manager, RSA Conference. “But what’s really exciting is how the competition has propelled the entire cybersecurity community forward by encouraging much-needed innovation and collaboration in an industry that faces new changes, threats and challenges every day. This year’s finalists will undoubtedly make for a tough decision for the judges and a must-see event for RSA Conference attendees.”

The contest kicks off at 1:30 PM PT on February 24 at the Moscone Center and winners will be announced at 4:30 PM that same day.