Dawnguard promises true shift-left: “The only solution is to build something that isn’t vulnerable”

Cybersecurity starts at the foundation. And in many cases, that’s the underlying architecture or code. If it’s riddled with vulnerabilities, we’ll just be fighting a losing battle. The Dutch company Dawnguard (which, by the way, also has an office in New York) makes a platform generally available that aims to solve this problem once and for all. We spoke with founders Mahdi Abdulrazak (CEO) and Kim van Lavieren (CTO) to learn more about this platform.

“Why are we unable to develop secure systems?” Abdulrazak gets right to the point with this question. He’s been working in IT and security for about thirty years and has been seeing insecure systems for just as long. To make those systems more secure, organizations have to invest a lot of time, including in searching for and finding the right people. Early last year he met Van Lavieren, who had conducted PhD research on replacing (infrastructure) architects with AI, and a few things fell into place. The result was the founding of Dawnguard.

In about ten months, Dawnguard raised six million euros and grew to thirty employees. During that time, the company worked with design partners to ensure it could bring something to market that truly fits the market. As of today, the time has come: the “security architecture automation platform,” as Dawnguard calls it, is generally available.

Not a new idea, but a new implementation

In a nutshell, Dawnguard’s platform is designed to ensure that the security of the IT infrastructure organizations build and deploy is more or less a given. In other words, it should become impossible to program infrastructure that is vulnerable. Another way to position Dawnguard’s platform is to say that it makes “shift-left” (the integration of security into development) more or less a given.

In and of itself, this is not a new idea or concept. There are all kinds of tools that ensure security is incorporated into the development process. Think, for example, of tools that scan code before it goes live, or scan a landing zone in the cloud before an application is put into production.

According to Abdulrazak, however, these types of tools do not scale to meet today’s demands. Partly because they are always incorporated too late in the process, and partly because, in his view, existing tooling simply cannot keep up with the machine scale at which attacks can be launched today. Consider, for example, all that the latest LLMs can uncover in organizations’ codebases. When you combine this with the ever-increasing complexity of digital infrastructure, it’s clear that something needs to be done. That’s the point he wants to make.

What is the basis of Dawnguard?

If we had to explain what Dawnguard does in a single sentence, it’s that it can read and map an organization’s entire underlying infrastructure. Not just once, but continuously. In this way, the Dawnguard platform also detects issues such as security drift in the architecture. That is, a discrepancy between how something was intended to work during development and how it actually functions in reality.

Dawnguard can do this for existing environments, as well as when developing new digital infrastructure. Currently, the focus is on mapping cloud infrastructure, but Van Lavieren indicates that on-premises support is definitely on the way.

Mapping the underlying infrastructure means that you not only know what you have (an absolute prerequisite for virtually everything these days), but you also understand how systems, networks, applications, integrations, and so on interact with one another. Furthermore, the Dawnguard platform also provides context, which is extremely important in cybersecurity. It does this by actively offering insights into the causes of any potential issues.

To properly map everything, the Dawnguard platform uses graph databases in combination with what Van Lavieren calls “micro-agentic swarms.” These swarms of tiny agents can examine specific components in extreme detail to extract as many insights as possible. These swarms also significantly improve reliability, he tells us. These very small agents use specific models that complement general AI models.

Much more than security

As mentioned, at launch, Dawnguard refers to itself as a security architecture automation platform. This might suggest that we’re dealing with a purely security-focused product. However, that’s not the case. Of course, security is one of the key priorities, but a FinOps approach can just as easily be adopted. “It’s about designing optimal architectures,” Van Lavieren explains. And organizations can determine for themselves what “optimal” means. If their primary goal is to keep costs low, they can use that as their starting point. If the focus is on sustainability or, conversely, on maximum performance, they can view it through that lens. The security lens is always included though.

With this approach, Dawnguard is not a “standard” security company. Such companies are often extremely binary; something is either secure or it isn’t. One might say that Dawnguard is more of a development platform than a security platform. You can use it to fully automatically generate Infrastructure-as-Code that’s ready for production, according to the team at Dawnguard. Developers have been the primary users among most customers so far, Van Lavieren explains. Security teams come in second.

One of the ways customers often use the Dawnguard platform is to navigate compliance hurdles. They can upload policy documents and other documentation, and the platform translates that into concrete steps to make the infrastructure compliant.

It should be noted, however, that Dawnguard also faces challenges regarding what it can independently detect within a customer’s environment. That’s why it collaborates with partners, such as Hadrian Security, which focuses on Attack Surface Management and agent-based penetration testing. Dawnguard incorporates input from such tools.

Can Dawnguard truly bring development and security together?

The founders of Dawnguard have big ambitions. “The speed at which you can build exploits these days is staggering. So the only solution is to build something that isn’t vulnerable,” Abdulrazak briefly summarizes once again. This is because the “real compromise often lies in the architecture.” The fact that they’ve already opened an office in New York indicates that they’re clearly thinking beyond the Netherlands.

Based on what we’ve heard from Abdulrazak and Van Lavieren, and certainly also on the demo we were shown a while back, we find Dawnguard a very intriguing new start-up. Developing software and digital infrastructure where cybersecurity is, so to speak, a given, because it’s built right in, without causing any hassle for developers, is something you could certainly call the holy grail.

Add to that the many other approaches organizations can take when it comes to determining what constitutes optimal architecture, for example, to keep costs as low as possible, and Dawnguard becomes even more relevant. However, the foundation for everything is and remains security. The architecture you build using this platform must always inherently include all the necessary security measures.

An additional benefit of using the Dawnguard platform is something that has long been sought after: the people responsible for building the infrastructure and those responsible for securing it work in the same environment/workspace. This is an important step toward greater understanding between teams and, ultimately, a better underlying architecture for organizations.
