cybersecurity

Auto Added by WPeMatico

Cyware nabs $30M to help organizations detect and stop advanced cyberattacks

Malicious hacking has become a pernicious and dogged fact of life for more organizations, and it’s a threat that has seemingly grown more complicated and sophisticated over time. One effective approach to tackling that has been collaboration: not just applying an array of services to address the issue, but creating environments to help those building cybersecurity to work better together. Today one of the startups building tools to do just that is announcing a round of funding, underscoring the opportunity and its own growth within that.

Cyware, a New York startup that has created a platform for organizations to build and operate virtual “cyber fusion centers” — spaces for people to share threat intelligence, run end-to-end security automation and orchestrate and execute 360-degree threat responses — has picked up $30 million in funding, a Series B that it will use to continue growing its business.

The funding is being co-led by Advent International and Ten Eleven Ventures. Advent made some waves in the cybersecurity industry last year when it partnered with Crosspoint to acquire Forescout for $1.9 billion. Ten Eleven, meanwhile, is a VC that specializes in cybersecurity startups. Prelude Fund (the venture practice at Mercato Partners), Emerald Development Managers, Great Road Holdings and cloud security firm Zscaler — a mix of financial and strategic investors — also participated. Before this, the startup had raised around $13 million, and it is not disclosing its valuation.

The story of the last year in the world of business has been about how everything has gone online: people and their companies have been working remotely; consumers are browsing, buying and entertaining themselves over the internet and with apps. Digital is where all the traffic is.

Unsurprisingly that has also played out in the world of cybersecurity: the threat landscape has grown, and so cybersecurity responses have grown with them. Cyware said that in the last year it saw 120% year-over-year growth in annual recurring revenue — although it doesn’t disclose actual revenue figures. Its customers are a mix of large enterprises, but also those that both collaborate with others to manage cybersecurity, such as information sharing communities (ISACs), as well as organizations that manage cybersecurity on behalf of a number of others, such as managed security service providers and computer emergency response teams.

Although many might have in their heads a stereotype of a malicious hacker who sits alone in a darkened room with a determined look in his/her eye, the reality is more likely to be a collaboration between a number of people, providing tips, technology and threads that are developed, and so on. Cyware, in its focus on providing a platform for collaboration and creating operations centers, seems to take the same approach in what it has built, a platform to make collaborating easier and part of the solution.

It does so through security orchestration, automation and response (known as SOAR), used by teams to collaborate better and make more informed threat scoring, and to respond better to threat alerts. Indeed, a key part of the challenge for a lot of security services is that they cross multiple parts of organizations, including IT, compliance, trust and safety, and indeed security itself. One aim of Cyware is to create a platform for these all to meet and exchange information that could be helpful to others in one place.

“Over the past decade, security operations teams have had difficulty with trying to sift through copious amounts of threat data and lacked the humans’ role as part of their security orchestration strategies,” said Anuj Goel, PhD, co-founder and CEO of Cyware, in a statement. “Our goal with our Virtual Cyber Fusion platform is to help our customers unite their security teams to efficiently respond to high-priority threats by connecting the dots in their environments, and the momentum we’re experiencing is proof that we are executing on that mission. This Series B financing will help us continue to overdeliver for customers, expand our team, improve our platform and truly revolutionize how security operations and threat intelligence teams work together.”

Goel, who co-founded the company with CTO Akshat Jain, cut his teeth in a big security team, as head of global cyber strategy for Citi. He is also an advisor for the Centre for Strategic Cyberspace in London and has worked with other organizations on collaborative approaches to the problem and consequences of malicious hacking.

Investors will have not just been looking at the company’s growth, but also the list of customers — themselves also leaders in cyber — that are trusting Cyware.

“In our increasingly connected environment, companies of all sizes are demanding new and innovative cybersecurity solutions,” said Eric Noeth, principal, Advent International, in a statement. “Cyware’s early traction among leading enterprises and major ISACs reflects its unique ability to bring together all key security functions to seamlessly anticipate, contextualize and remediate threats. We look forward to drawing on our experience in this sector to help the talented Cyware team make its Virtual Cyber Fusion platform the gold standard technology for enterprises around the world.”

Powered by WPeMatico

Why ‘blaming the intern’ won’t save startups from cybersecurity liability

SolarWinds is back in hot water after a shareholder lawsuit accused the company of poor security practices, which they say allowed hackers to break into at least nine U.S. government agencies and hundreds of companies.

The lawsuit said SolarWinds used an easily guessable password “solarwinds123” on an update server, which was subsequently breached by hackers “likely Russian in origin.” SolarWinds chief executive Sudhakar Ramakrishna, speaking at a congressional hearing in March, blamed the weak password on an intern.

There are countless cases of companies bearing the brunt from breaches caused by vendors and contractors across the supply chain.

Experts are still trying to understand just how the hackers broke into SolarWinds servers. But the weak password does reveal wider issues about the company’s security practices — including how the easily guessable password was allowed to be set to begin with.

Even if the intern is held culpable, SolarWinds still faces what’s known as vicarious liability — and that can lead to hefty penalties.

Powered by WPeMatico

YL Ventures sells its stake in cybersecurity unicorn Axonius for $270M

YL Ventures, the Israel-focused cybersecurity seed fund, today announced that it has sold its stake in cybersecurity asset management startup Axonius, which only a week ago announced a $100 million Series D funding round that now values it at around $1.2 billion.

ICONIQ Growth, Alkeon Capital Management, DTCP and Harmony Partners acquired YL Venture’s stake for $270 million. This marks YL’s first return from its third $75 million fund, which it raised in 2017, and the largest return in the firm’s history.

With this sale, the company’s third fund still has six portfolio companies remaining. It closed its fourth fund with $120 million in committed capital in the middle of 2019.

Unlike YL, which focuses on early-stage companies — though it also tends to participate in some later-stage rounds — the investors that are buying its stake specialize in later-stage companies that are often on an IPO path. ICONIQ Growth has invested in the likes of Adyen, CrowdStrike, Datadog and Zoom, for example, and has also regularly partnered with YL Ventures on its later-stage investments.

“The transition from early-stage to late-stage investors just makes sense as we drive toward IPO, and it allows each investor to focus on what they do best,” said Dean Sysman, co-founder and CEO of Axonius. “We appreciate the guidance and support the YL Ventures team has provided during the early stages of our company and we congratulate them on this successful journey.”

To put this sale into perspective for the Silicon Valley and Tel Aviv-based YL Ventures, it’s worth noting that it currently manages about $300 million. Its current portfolio includes the likes of Orca Security, Hunters and Cycode. This sale is a huge win for the firm.

Its most headline-grabbing exit so far was Twistlock, which was acquired by Palo Alto Networks for $410 million in 2019, but it has also seen exits of its portfolio companies to Microsoft, Proofpoint, CA Technologies and Walmart, among others. The fund participated in Axonius’ $4 million seed round in 2017 up to its $58 million Series C round a year ago.

It seems like YL Ventures is taking a very pragmatic approach here. It doesn’t specialize in late-stage firms — and until recently, Israeli startups always tended to sell long before they got to a late-stage round anyway. And it can generate a nice — and guaranteed — return for its own investors, too.

“This exit netted $270 million in cash directly to our third fund, which had $75 million total in capital commitments, and this fund still has six outstanding portfolio companies remaining,” Yoav Leitersdorf, YL Ventures’ founder and managing partner, told me. “Returning multiple times that fund now with a single exit, with the rest of the portfolio companies still there for the upside is the most responsible — yet highly profitable path — we could have taken for our fund at this time. And all this while diverting our energies and means more towards our seed-stage companies (where our help is more impactful), and at the same time supporting Axonius by enabling it to bring aboard such excellent late-stage investors as ICONIQ and Alkeon — a true win-win-win situation for everyone involved!”

He also noted that this sale achieved a top-decile return for the firm’s limited partners and allows it to focus its resources and attention toward the younger companies in its portfolio.

Powered by WPeMatico

SentinelOne, an AI-based endpoint security firm, confirms $267M raise on a $3.1B valuation

This year, more than ever before because of the COVID-19 pandemic, huge droves of workers and consumers have been turning to the internet to communicate, get things done and entertain themselves. That has created a huge bonanza for cybercriminals, but also companies that are building tools to combat them.

In the latest development, an Israel-hatched, Mountain View-based enterprise startup called SentinelOne — which has built a machine learning-based solution that it sells under the brand Singularity that works across the entire edge of the network to monitor and secure laptops, phones, containerised applications and the many other devices and services connected to a network — has closed $267 million in funding to continue expanding its business to meet demand, which has seen business boom this year. Its valuation is now over $3 billion.

Given the large sums the company has now raised — $430 million to date — the funding will likely be used for acquisitions (cyber is a very crowded market and will likely see some strong consolidation in the coming years), as well as more in-house development and sales and marketing. Earlier this year, CEO and founder Tomer Weingarten told me that an IPO “would be the next logical step” for the company. “But we’re not in any rush,” he said at the time. “We have one to two years of growth left as a private company.”

SentinelOne contacted TechCrunch with the above details but said that an official press release was due only to be released at 3 p.m. U.K. time. We’ll update with more details if they’re available when they are published. In the meantime, other outlets such as Calcalist in Israel (in Hebrew) have also published these details. And it should be noted that the round was rumored for almost a month ahead of this, although the sums raised were off by quite a bit: the reports had said $150-200 million.

(Side note: Why the pointless games with timings and exclusives? Who knows — I certainly don’t. )

This round included Tiger Global, Sequoia, Insight Partners, Third Point Ventures and Qualcomm Ventures . It looks like Sequoia — which is currently building up a new European operation to look more closely at opportunities on this side of the globe — is the only new name in that list. The others have all backed SentinelOne in previous rounds.

It was only in February of this year that SentinelOne had raised $200 million at a $1.1 billion valuation.

The rapid fundraising, from a top-shelf list of firms, is a notable aspect of this story.

In the world of startups, we are firmly living in a time when investors are looking for strong opportunities to back companies that are shining in a market that is particularly challenging. COVID-19 has all but decimated the travel industry and live in-person event industry, among others.

But services that are helping people continue to live their lives, and those that are helping find a cure or at least solutions to minimise the impact, are very much in demand.

The cybersecurity market — in particular companies that are providing solutions that can immediately prove to be effective in what is an increasingly sophisticated threat landscape — is incredibly active right now, even more than it already was.

“Around 450 cybersecurity companies are operating in Israel, constituting 5% of the global cybersecurity market, in some cyber segments the two world leaders are by Israeli founders like CheckPoint and Palo Alto,” noted Avihai Michaeli, an advisor who scouts startups for corporate VCs.

Within that, endpoint security, the area where SentinelOne concentrates its efforts, is particularly strong. Last year, endpoint security solutions was estimated to be around an $8 billion market, and analysts project that it could be worth as much as $18.4 billion by 2024.

While SentinelOne has a lot of competitors — they include Microsoft, CrowdStrike, Kaspersky, McAfee and Symantec — it is also a strong player in the market. Relying on the advances of AI and with roots in the Israeli cyberintelligence community, its platform is built around the idea of working automatically not just to detect endpoints and their vulnerabilities, but to apply behavioral models, and various modes of protection, detection and response in one go.

“We are seeing more automated and real-time attacks that themselves are using more machine learning,” Weingarten said to me this year. “That translates to the fact that you need defence that moves in real time as with as much automation as possible.”

As of February, it had 3,500 customers, including three of the biggest companies in the world, and “hundreds” from the global 2,000 enterprises, with 113% year-on-year new bookings growth, revenue growth of 104% year-on-year and 150% growth year-on-year in transactions over $2 million. Those numbers will have likely grown significantly since then. (We’ll update as and when we learn more.)

Powered by WPeMatico

Hunters raises $15M Series A for its threat-hunting platform

Hunters, a Tel Aviv-based cybersecurity startup that helps enterprises defend themselves from intruders and analyze attacks, today announced that it has raised a $15 million Series A funding round from Microsoft’s M12 and U.S. Venture Partners. Seed investors YL Ventures and Blumberg Captial also participated in this round, as well as new investor Okta Ventures, the venture arm of identity provider Okta. With this, Hunters has now raised a total of $20.4 million.

The company’s SaaS platform basically automates the threat-hunting processes, which has traditionally been a manual process. The general idea here is to take as much data from an enterprise’s various networking and security tools to detect stealth attacks.

“Hunters is basically this layer, a cognitive layer or connective tissue that you put on top of your telemetry stack,” Hunters co-founder and CEO Uri May told me. “So you have your [endpoint detection and response], your firewalls, cloud, production environment sensors — and all of those are shooting telemetry and detections all over the organization, generating huge amounts of data. And, basically, our place in the world depends on our ability to generate that delta. So without being able to find things that you can’t see with a single point solution or without really expediting response procedures and workflows by correlating things in a nontrivial way, we don’t have any excuse to exist. But we got pretty good at those — at showing that delta — and we onboarded customers — nice logos — and that was a very strong validation.”

Image Credits: Hunters

Hunters’ first customer was actually data management service Snowflake, which functioned as the company’s design partner. In addition to being a customer, Snowflake now also features Hunters in its partner marketplace, as does security service CrowdStrike. May also noted that Crowdstrike is a good example for the kind of customer Hunters is going after.

“Not necessarily Global 2000 or Fortune 500. It’s really high-end mid-market organizations, not necessarily tens of thousand employees, but billions of dollars in revenues, a lot of value at risk, born to the cloud, super mature tech stack, not necessarily a big security operation center, but definitely CISO and a team of security engineers and analysts, and they’re looking for the solution, that on-top solution that can make sense of a lot of the data and give them the confidence and also give them results in terms of cybersecurity, posture and their detection and response capabilities.”

Microsoft already has a large security development center in Israel and so it’s no surprise that Hunters appeared on the company’s radar. Hunters also spent some time proactively looking at the Microsoft ecosystem, May told me, but the company’s VCs also made some introductions. All of this culminated in a number of meetings at the Tel Aviv CyberTech conference in January and the RSA Conference in San Francisco in February, just before the coronavirus pandemic essentially shut down travel.

Hunters says it will use the new funding to build out its go-to-market capabilities in the U.S. and expand its R&D team in Israel. As for the product itself, the company will look to broaden its product integration and machine learning capabilities to help it generate better attack stories. May also noted that it plans to give its users capabilities to customize the system for their needs by allowing them to develop their own signals and detections to augment the company’s default tools. This, May argued, will allow the company to go after higher-end enterprise customers that already have threat-hunting teams but that are looking to automate more of the process. With that, it will also look to partner with other security firms to leverage its system to provide better services to their customers as well.

Powered by WPeMatico

6 CISOs share their game plans for a post-pandemic world

Oren Yunger
Contributor

Oren Yunger is an investor at GGV Capital, focused on enterprise IT infrastructure, development tools and cybersecurity. He was previously chief information security officer at a SaaS company and a public financial institution.

Like all business leaders, chief information security officers (CISOs) have shifted their roles quickly and dramatically during the COVID-19 pandemic, but many have had to fight fires they never expected.

Most importantly, they’ve had to ensure corporate networks remain secure even with 100% of employees suddenly working from home. Controllers are moving millions between corporate accounts from their living rooms, HR managers are sharing employees’ personal information from their kitchen tables and tens of millions of workers are accessing company data using personal laptops and phones.

This unprecedented situation reveals once and for all that security is not only about preventing breaches, but also about ensuring fundamental business continuity.

While it might take time, everyone agrees the pandemic will end. But how will the cybersecurity sector look in a post-COVID-19 world? What type of software will CISOs want to buy in the near future, and two years down the road?

To find out, I asked six of the world’s leading CISOs to share their experiences during the pandemic and their plans for the future, providing insights on how cybersecurity companies should develop and market their solutions to emerge stronger:

The security sector will experience challenges, but also opportunities

The good news is, many CISOs believe that cybersecurity will weather the economic storm better than other enterprise software sectors. That’s because security has become even more top of mind during the pandemic; with the vast majority of corporate employees now working remotely, a secure network has never been more paramount, said Rinki Sethi, CISO at Rubrik. “Many security teams are now focused on ensuring they have controls in place for a completely remote workforce, so endpoint and network security, as well as identity and access management, are more important than ever,” said Sethi. “Additionally, business continuity and disaster recovery planning are critical right now — the ability to respond to a security incident and have a robust plan to recover from it is top priority for most security teams, and will continue to be for a long time.”

That’s not to say all security companies will necessarily thrive during this current economic crisis. Adrian Ludwig, CISO at Atlassian, notes that an overall decline in IT budgets will impact security spending. But the silver lining is that some companies will be acquired. “I expect we will see consolidation in the cybersecurity markets, and that most new investments by IT departments will be in basic infrastructure to facilitate work-from-home,” said Ludwig. “Less well-capitalized cybersecurity companies may want to begin thinking about potential exit opportunities sooner rather than later.”

Powered by WPeMatico

Axonius nabs $58M for its cybersecurity-focused network asset management platform

As companies get to grips with a wider (and, lately, more enforced) model of remote working, a startup that provides a platform to help track and manage all the devices that are accessing networked services — an essential component of cybersecurity policy — has raised a large round of growth funding. Axonius, a New York-based company that lets organizations manage and track the range of computing-based assets that are connecting to their networks — and then plug that data into some 100 different cybersecurity tools to analyse it — has picked up a Series C of $58 million, money it will use to continue investing in its technology (its R&D offices are in Tel Aviv, Israel) and expanding its business overall.

The round is being led by prolific enterprise investor Lightspeed Venture Partners, with previous backers OpenView, Bessemer Venture Partners, YL Ventures, Vertex, and WTI also participating in the round.

Dean Sysman, CEO and Co-Founder at Axonius, said in an interview that the company is not disclosing its valuation, but for some context, the company has now raised $95 million, and PitchBook noted that in its last round, a $20 million Series B in August 2019, it had a post-money valuation of $110 million.

The company has had a huge boost in business in the last year, however — especially right now, not a surprise for a company that helps enable secure remote working, at a time when many businesses have gone remote in an effort to follow government policies encouraging social distancing to slow the spread of the coronavirus pandemic. As of this month, Axonius has seen customer growth increase 910% compared to a year ago.

Sysman said that this round had been in progress for some time ahead of the announcement being made, but the final stages of closing it were all done remotely last week, which has become something of a new normal in venture deals at the moment.

“We’ve all been staying at home for the last few weeks,” he said in an interview. “The crisis is not helping with deals. It’s making everything more complex for sure. But specifically for us there wasn’t a major difference in the process.”

Sysman said that he first thought of the idea for Axonius when at a previous organization — his experience includes several years with the Israeli Defense Forces, as well as time at a startup called Integrity Project, acquired by Mellanox — where he realised the organization itself, and all of its customers, never actually knew how many devices accessed their network, which is a crucial first step in being able to secure any network.

“Every CIO I met I would ask, do you know how many devices you have on your network? And the answer was either ‘I don’t know,’ or big range, which is just another way of saying, ‘I don’t know,’” Sysman said. “It’s not because they’re not doing their jobs but because it’s just a tough problem.”

Part of the reason, he added, is because IP addresses are not precise enough, and de-duplicating and correlating numbers is a gargantuan task, especially in the current climate of people using not just a multitude of work-provided devices, but a number of their own.

That was what prompted Sysman and his cofounders Ofri Shur and Avidor Bartov to build the algorithms that formed the basis of what Axonius is today. It’s not based on behavioural data as some cybersecurity systems are, but something that Sysman describes as “a deterministic algorithm that knows and builds a unique set of identifiers that can be based on anything, including timestamp, or cloud information. We try to use every piece of data we can.”

The resulting information becomes a very valuable asset in itself that can then be used across a number of other pieces of security software to search for inconsistencies in use (bringing in the behavioural aspect of cybersecurity) or other indicators of malicious activity — specifically following the company’s motto, “Know Your Assets, Identify Gaps, and Automate Security Policy Enforcement” — even as data itself may seem a little pedestrian on its own.

“We like to call ourselves the Toyota Camry of cybersecurity,” Sysman said. “It’s nothing exotic in a world of cutting-edge AI and advanced tech. However it’s a fundamental thing that people are struggling with, and it is what everyone needs. Just like the Camry.”

For now, Axonius is following the route of providing a platform that can interconnect with a number of other security products — currently numbering around 100 — rather than building those tools itself, or acquiring them to bring them in house. That could be one option for how potentially it might evolve over time, however.

For now, the idea of being agnostic to those specific tools and providing a platform just to identify and manage assets is a formula that has already seen a lot of traction with customers — which include companies like Schneider Electric, the New York Times, and Landmark Medical, among others — as well as investors.

“Any enterprise CISO’s top priority, with unwavering consistency, is asset discovery and management. You can’t protect a device if you don’t know it exists.” said Arsham Menarzadeh, general partner at Lightspeed Venture Partners, in a statement. “Axonius integrates into any security and management product to show customers their full asset landscape and automate policy enforcement. Their integrated approach and remediation capabilities position them to become the operating system and single source of truth for security and IT teams. We’re excited to play a part in helping them scale.”

Powered by WPeMatico

Accel and Index back Tines, as the cybersecurity startup adds another $11M to its Series A

It was just a couple of months ago that Tines, the cybersecurity automation startup, raised $4.1 million in Series A funding led by Blossom Capital. The Dublin-based company is now disclosing an $11 million extension to the round.

This additional Series A funding is led by venture capital firm Accel, with participation from Index Ventures and previous backer Blossom Capital. The extra cash will be used to continue developing its cybersecurity automation platform and for further expansion into the U.S. and Europe.

Founded in February 2018 by ex-eBay, PayPal and DocuSign security engineer Eoin Hinchy, and subsequently joined by former eBay and DocuSign colleague Thomas Kinsella, Tines automates many of the repetitive manual tasks faced by security analysts so they can focus on other high-priority work. The pair had bootstrapped the company as recently as October.

“It was while I was at DocuSign that I felt there was a need for a platform like Tines,” explained Hinchy at the time of the initial Series A. “We had a team of really talented engineers in charge of incident response and forensics but they weren’t developers. I found they were doing the same tasks over and over again so I began looking for a platform to automate these repetitive tasks and didn’t find anything. Certainly nothing that did what we needed it to, so I came up with the idea to plug this gap in the market.”

To remedy this, Tines lets companies automate parts of their manual security processes with the help of six software “agents,” with each acting as a multipurpose building block. The idea is that, regardless of the process being automated, it only requires combinations of these six agent types configured in different ways to replicate a particular workflow.

In addition, the platform doesn’t rely on pre-built integrations to interact with external systems. Instead, Tines is able to plug in to any system that has an API. “This means integration with commercial, off-the-shelf products, or existing in-house tools is quick and simple, with most security teams automating stories (workflows) within the first 24 hours,” says the startup. Its software is also starting to find utility beyond cybersecurity processes, with several Tines customers using it in IT, DevOps and HR.

“We heard that Eoin, a senior member of the security team at DocuSign (another Accel portfolio company), had recently left to start Tines, so we got in touch,” Accel’s Seth Pierrepont tells TechCrunch. “They were in the final stages of closing their Series A. However, we were so convinced by the founders, their product approach and the market timing, that we asked them to extend the round.”

Pierrepont also points out that a unique aspect of the Dublin ecosystem is that many of the world’s largest tech companies have their European headquarters in the country (often attracted by relatively low corporation tax), “so it’s an incredibly rich talent pool despite being a relatively small city.”

Asked whether Accel views Tines as a cybersecurity automation company or a more general automation play that puts automation in the hands of non-technical employees for a multitude of possible use cases, Pierrepont says, given Hinchy and Kinsella’s backgrounds, the cybersecurity automation sector should be the primary focus for the company in the short term. However, longer term it is likely that Tines will be adopted across other functions as well.

“From our investment in Demisto (which was acquired by Palo Alto Networks earlier this year), we know the security automation or SOAR category (as Gartner defines it) very well,” he says. “Demisto pioneered the category and was definitively the market leader when it was acquired. However, we think the category is just getting started and that there is still a ton of whitespace for Tines to go after.”

Meanwhile, in less than a year, Tines says it has on-boarded 10 enterprise customers across a variety of industries, including Box, Auth0 and McKesson, with companies automating on average 100,000 actions per day.

Powered by WPeMatico

Cybersecurity automation startup Tines scores $4.1M Series A led by Blossom Capital

Tines, a Dublin-based startup that lets companies automate aspects of their cybersecurity, has raised $4.1 million in Series A funding. Leading the round is Blossom Capital, the venture capital firm co-founded by ex-Index Ventures and LocalGlobe VC Ophelia Brown.

Founded in February 2018 by ex-eBay, PayPal and DocuSign security engineer Eoin Hinchy, who was subsequently joined by former eBay and DocuSign colleague Thomas Kinsella, Tines automates many of the repetitive manual tasks faced by security analysts so they can focus on other high-priority work. The pair have bootstrapped the company until now.

“It was while I was at DocuSign that I felt there was a need for a platform like Tines,” explains Hinchy. “We had a team of really talented engineers in charge of incident response and forensics but they weren’t developers. I found they were doing the same tasks over and over again so I began looking for a platform to automate these repetitive tasks and didn’t find anything. Certainly nothing that did what we needed it to, so I came up with the idea to plug this gap in the market.”

To that end, Tines lets companies automate parts of their manual security processes with the help of six software “agents,” with each acting as a multipurpose building block. Therefore, regardless of the process being automated, it only requires combinations of these six agent types configured in different ways to replicate a particular workflow.

“I wanted there to be as few agent types as possible, to simplify the system, and I haven’t discovered a workflow in which tasks sit outside of these agents yet,” says Hinchy. “Once a customer signs up they can start automating their own workflows immediately, and most of our customers see value from day one. If they need a hand, my team works with them to establish how they currently manually carry out tasks, such as identifying and dealing with a phishing attack. Each step of dealing with the attack — from cross-checking the email address with trusted contacts or a blacklist, to scanning attachments for viruses or examining URLs — will be performed by one of the six agent types. This means we can assign these tasks to an agent to create the workflow, or as we call it, the “story.”

So, for example, once a phishing email triggers the first agent, the following steps in the “story” are automatically carried out. In this way, Tines might be described as akin to IFTTT, “but an exceptionally powerful, enterprise version of the IFTTT concept, designed to manage much more complex workflows.”

Competitors are cited as Phantom, which last year was acquired by Splunk, and Demisto, which was bought by Palo Alto Networks. However, Hinchy argues that a key differentiator is that Tines doesn’t rely on pre-built integrations to interact with external systems. Instead, he says the software is able to plug in to any system that has an API.

Meanwhile, Tines says it will use the new funding to hire engineers in Dublin who can help improve the platform through R&D, as well as grow its customer base with companies in the U.S. and in Europe. Notably, the startup plans to expand beyond cybersecurity automation, too.

“Our background is in security, so with Tines, we’ve initially focused on helping security teams automate their repetitive, manual processes,” says Hinchy. “What makes us different is that nowhere does it say we can’t expand beyond this, to help other teams and sectors automate tasks. The advantage of our direct-integration model is that Tines doesn’t care if you’re talking to a security tool, HR system or CRM, it treats them the same. In the next 18 months, we plan to expand Tines outside security, hire more talent and increase the product team from 8 to 20.”

Powered by WPeMatico

What startup CSOs can learn from three enterprise security experts

How do you keep your startup secure?

That’s the big question we explored at TC Sessions: Enterprise earlier this month. No matter the size, every startup is an enterprise. Every startup will grow in size as it builds out. But as a company expands, that rapid growth can lead to a distraction from the foundational principle of any modern company — keeping it secure.

Security isn’t just a buzzword. As some of the largest companies in Silicon Valley have shown, security can be difficult. From storing passwords in plaintext to data breaches galore, how can startups learn from some of the biggest security lapses in the tech industry’s history?

Our panel consisted of three of the brightest minds in enterprise security: Wendy Nather, head of advisory CISOs at Duo Security, is an enterprise security expert; Martin Casado, general partner at Andreessen Horowitz, is a security and enterprise startup investor; and Emily Heath, United’s chief information security officer, oversees the security operations of the largest U.S. airlines.

This is what advice they had.

Security from the very start

Powered by WPeMatico