FireEye
Auto Added by WPeMatico
Auto Added by WPeMatico
AttackIQ, a cybersecurity startup that provides organizations with breach and attack simulation solutions, has raised $44 million in Series C funding as it looks to ramp up its international expansion.
The funding round was led by Atlantic Bridge, Saudi Aramco Energy Ventures (SAEV) and Gaingels, with existing vendors — including Index Ventures, Khosla Ventures, Salesforce Ventures and Telstra Ventures — also participating. The round brings the company’s total funding raised to date to $79 million.
AttackIQ was founded in 2013 and is based out of San Diego, California. It provides an automated validation platform that runs scenarios to detect any gaps in a company’s defenses, enabling organizations to test and measure the effectiveness of their security posture and receive guidance on how to fix what’s broken. Broadly, AttackIQ’s platform helps an organization’s security teams anticipate, prepare and hunt for threats that may impact their business, before hackers get there first.
Its Security Optimization Platform platform, which supports Windows, Linux and macOS across public, private and on-premises cloud environments, is based on the MITRE ATT&CK framework, a curated knowledge base of known adversary threats, tactics and techniques. This is used by a number of cybersecurity companies also building continuous validation services, including FireEye, Palo Alto Networks and Cymulate.
AttackIQ says this latest round of funding, which comes more than two years after its last, arrives at a “dynamic time” for the company. Not only has cybersecurity become more of a priority for organizations as a result of a major uptick in both ransomware and supply-chain attacks, the company also recently accelerated its international expansion efforts through a partnership with technology distributor Westcon.
The startup says it’s planning to use these new funds to further expand internationally through its newfound partnership with Atlantic Bridge, which will also see Kevin Dillon, the company’s co-founder and managing director, join the AttackIQ board of directors.
“AttackIQ has established itself as a category leader with a formidable enterprise customer base that includes four of the Fortune 20,” said Dillon. “We believe deeply in the company’s vision and potential to become the next billion-dollar cybersecurity software company and look forward to helping the company turn early traction in Europe and the Middle East into robust, long-term expansion.”
Brett Galloway, CEO of AttackIQ, said the round “reaffirms the strength” of its platform.
As well as enabling organizations to review the robustness of their security defenses, the startup also runs the AttackIQ Academy, which provides free entry-level and advanced cybersecurity training. It has accumulated 17,200 registered students to date across 176 countries.
Powered by WPeMatico
Panaseer, which takes a data science approach to cybersecurity, has raised $26.5 million in a Series B funding led by AllegisCyber Capital. Existing investors, including Evolution Equity Partners, Notion Capital, AlbionVC, Cisco Investments and Paladin Capital Group, as well as new investor National Grid Partners, also participated. Panaseer has now raised $43 million to date.
Panaseer’s special sauce and sales pitch amount to what it calls “Continuous Controls Monitoring” (CCM). In plainer English that means correlating a great deal of data from all available security tools to check assets, control gaps, you name it.
As a result, the company says it can identify zero-day and other exposures faster, or exposure to, say, FireEye or SolarWinds vulnerabilities.
Jonathan Gill, CEO, Panaseer said: “Most enterprises have the tools and capability to theoretically prevent a breach from occurring. However, one of the key reasons that breaches occur is that there is no technology to monitor and react to failed controls. CCM continuously validates and measures levels of protection and provides notifications of failures. Ultimately, CCM enables these failures to be fixed before they become security incidents.”
Speaking to me on a call he added: “The investment, allows us to scale our organization to meet those demands of customers with a team of people to implement the platform and help them get tremendous value and to evolve the product. To add more and more capability to that technology to support more and more use cases. So they’re the two main directions, and there’s a market we think of tens of thousands of organizations of a certain size, who are regulated or they have assets worth protecting and a level of complexity that makes it difficult to solve the problem themselves. And our Advisory Board and the customers I’ve spoken with think maybe there are barely 20 companies in the world who can solve this problem. And everybody else gets stuck on the fact that it’s a really difficult data science problem to solve. So we want to scale that and take that to more organizations.”
And why did they pick these investors: “I think we picked them and they picked us, we’ve been on that journey together. It takes months to find the best combination. The dollars are all the same when it comes to investors, but I think they can help improve as an organization and grow just like the existing investors do. They give us access and reach into parts of the market and help make us better as organizations as well.”
Bob Ackerman, founder and managing director of AllegisCyber Capital, and co-founder of DataTribe said: “The emergence of Continuous Controls Monitoring as a new cybersecurity category demonstrates a ‘coming of age’ for cybersecurity. Cyber is the existential threat to the global digital economy. All levels of the enterprise, from the CISO, to Chief Risk Officer, to the Board of Directors are demanding comprehensive visibility, transparency and hard metrics to assess cyber situational awareness.”
Powered by WPeMatico
If the definition of insanity is doing the same thing over and over and expecting a different outcome, then one might say the cybersecurity industry is insane.
Criminals continue to innovate with highly sophisticated attack methods, but many security organizations still use the same technological approaches they did 10 years ago. The world has changed, but cybersecurity hasn’t kept pace.
Distributed systems, with people and data everywhere, mean the perimeter has disappeared. And the hackers couldn’t be more excited. The same technology approaches, like correlation rules, manual processes and reviewing alerts in isolation, do little more than remedy symptoms while hardly addressing the underlying problem.
The current risks aren’t just technology problems; they’re also problems of people and processes.
Credentials are supposed to be the front gates of the castle, but as the SOC is failing to change, it is failing to detect. The cybersecurity industry must rethink its strategy to analyze how credentials are used and stop breaches before they become bigger problems.
Compromised credentials have long been a primary attack vector, but the problem has only grown worse in the midpandemic world. The acceleration of remote work has increased the attack footprint as organizations struggle to secure their network while employees work from unsecured connections. In April 2020, the FBI said that cybersecurity attacks reported to the organization grew by 400% compared to before the pandemic. Just imagine where that number is now in early 2021.
It only takes one compromised account for an attacker to enter the active directory and create their own credentials. In such an environment, all user accounts should be considered as potentially compromised.
Nearly all of the hundreds of breach reports I’ve read have involved compromised credentials. More than 80% of hacking breaches are now enabled by brute force or the use of lost or stolen credentials, according to the 2020 Data Breach Investigations Report. The most effective and commonly-used strategy is credential stuffing attacks, where digital adversaries break in, exploit the environment, then move laterally to gain higher-level access.
Powered by WPeMatico
The security sector is ever frothy and acquisitive. Just last week Palo Alto Networks grabbed Expanse for $800 million. Today it was FireEye’s turn, snagging Respond Software, a company that helps customers investigate and understand security incidents, while reducing the need for highly trained (and scarce) security analysts. The deal has closed, according to the company.
FireEye had its eye on Respond’s Analyst product, which it plans to fold into its Mandiant Solutions platform. Like many companies today, FireEye is focused on using machine learning to help bolster its solutions and bring a level of automation to sorting through the data, finding real issues and weeding out false positives. The acquisition gives them a quick influx of machine learning-fueled software.
FireEye sees a product that can help add speed to its existing tooling. “With Mandiant’s position on the front lines, we know what to look for in an attack, and Respond’s cloud-based machine learning productizes our expertise to deliver faster outcomes and protect more customers,” Kevin Mandia, FireEye CEO said in a statement announcing the deal.
Mike Armistead, CEO at Respond, wrote in a company blog post that today’s acquisition marks the end of a four-year journey for the startup, but it believes it has landed in a good home with FireEye. “We are proud to announce that after many months of discussion, we are becoming part of the Mandiant Solutions portfolio, a solution organization inside FireEye,” Armistead wrote.
While FireEye was at it, it also announced a $400 million investment from Blackstone Tactical Opportunities fund and ClearSky (an investor in Respond), giving the public company a new influx of cash to make additional moves like the acquisition it made today.
It didn’t come cheap. “Under the terms of its investment, Blackstone and ClearSky will purchase $400 million in shares of a newly designated 4.5% Series A Convertible Preferred Stock of FireEye (the ‘Series A Preferred’), with a purchase price of $1,000 per share. The Series A Preferred will be convertible into shares of FireEye’s common stock at a conversion price of $18.00 per share,” the company explained in a statement. The stock closed at $14.24 today.
Respond, which was founded in 2016, raised $32 million, including a $12 million Series A in 2017 led by CRV and Foundation Capital and a $20 million Series B led by ClearSky last year, according to Crunchbase data.
Powered by WPeMatico
When FireEye reported its earnings last month, the outlook was a little light, so the security vendor decided to be proactive and make a big purchase. Today, the company announced it has acquired Verodin for $250 million. The deal closed today.
The startup had raised over $33 million since it opened its doors five years ago, according to Crunchbase data, and would appear to have given investors a decent return. With Verodin, FireEye gets a security validation vendor; that is, a company that can run a review against the existing security setup and find gaps in coverage.
That would seem to be a handy kind of tool to have in your security arsenal, and could possibly explain the price tag. Perhaps it could also help set FireEye apart from the broader market, or fill in a gap in its own platform.
FireEye CEO Kevin Mandia certainly sees the potential of his latest purchase. “Verodin gives us the ability to automate security effectiveness testing using the sophisticated attacks we spend hundreds of thousands of hours responding to, and provides a systematic, quantifiable, and continuous approach to security program validation,” he said in a statement.
Chris Key, Verodin co-founder and chief executive officer, sees the purchase through the standard acquisition lens. “By joining FireEye, Verodin extends its ability to help customers take a proactive approach to understanding and mitigating the unique risks, inefficiencies and vulnerabilities in their environments,” he said in a statement. In other words, as part of a bigger company, we’ll do more faster.
While FireEye plans to incorporate Verodin into its on-prem and managed services, it will continue to sell the solution as a standalone product, as well.
Powered by WPeMatico
Cybercorns are companies that have surpassed the magical $1 billion valuation. Several of these extraordinary ventures are Okta, Sophos, Tanium, Palantir, FireEye, Splunk, Zscaler, Lookout, CloudFlare, Illumio and AVAST. But in a world where technology is changing rapidly, and in which attackers are agile and focused, which of these unicorns will survive? What is the half-life, perhaps measured… Read More
Powered by WPeMatico
Business services and retail operations saw the most online intrusions from malicious hackers in 2014, and one business was infiltrated and tapped for a full eight years before it figured out it was being targeted, according to Mandiant, a division of computer security firm FireEye. In the news recently for tracking how supporters of the pro-Assad Syrian government have been… Read More
Powered by WPeMatico