Security

Auto Added by WPeMatico

BluBracket nabs $12M Series A to expand source code security platform

BluBracket, an early-stage startup that focuses on keeping source code repositories secure, even in distributed environments, announced a $12 million Series A today.

Evolution Equity Partners led the round, with help from existing investors Unusual Ventures, Point72 Ventures, SignalFire and Firebolt Ventures. When combined with the $6.5 million seed round we reported on last year, the company has raised $19.5 million so far.

As you might imagine, being able to secure code in distributed environments came in quite handy when much of the technology world moved to work from home last year. BluBracket co-founder and COO Ajay Arora says that the pandemic forced many organizations to look carefully at how they secured their code base.

“So the anxiety organizations had about making sure their source code was secure and that it wasn’t leaking, from that standpoint that was a big tailwind for us. [With companies moving to a] completely remote development workforce, and with code being so important to their business as intellectual property, they needed to get that visibility into what vulnerabilities were there,” Arora explained.

Even prior to the pandemic, the company was finding they were gaining traction with developers and security pros by using a bottom up approach offering a free community version of the software. Having that free version as a top of the funnel for their sales motion was also helpful once COVID hit full force.

Today, Arora says the company has multiple thousands of developers, DevOps and SecOps users across dozens of organizations using the company’s suite of products. The big reference company right now is Priceline, but he says there are other big names that would prefer not to be public about it.

The company currently has 30 employees, with plans to double that by the end of the year, and he says that building diversity and inclusion into the hiring process is part of the company’s core values, and part of how the executive team gets measured.

“We’re big believers in putting our money where our mouth is and one of the OKRs for me and my co-founder [CEO Prakash Linga], or one of the things that we’re actually compensated for, is how well we are doing in building diversity and inclusion on the team,” he said. He adds that the recruiters that they are using are also being held to the same standard when it comes to providing a diverse set of candidates for open positions.

The company launched in 2018 and the founding team came from Vera, a startup that helped secure documents in motion. That company was sold to HelpSystems in December 2020 after Arora and Linga had left to start BluBracket.

Powered by WPeMatico

GasBuddy tops the App Store for the first time due to Colonial Pipeline attack

The GasBuddy mobile app, which typically helps consumers find the cheapest gas nearby, has now become the No. 1 app on the U.S. App Store for the first time ever, due to the fuel shortages in the U.S. that followed the cyberattack on the Colonial Pipeline. Americans, fearful that gas would become unavailable, began panic-buying in ways that haven’t been seen since the great toilet paper outage of 2020. As a result, thousands of gas stations ran out of fuel entirely. This dramatic situation has greatly benefitted the GasBuddy app, which includes a crowdsourced feature that helps users locate which local stations still have gas for sale.

As of Wednesday afternoon, GasBuddy says the effects of the Colonial Pipeline shutdown are being felt across 11 U.S. states, largely in the Southeast and Washington, D.C. North Carolina had the highest number of gas stations with fuel outages, with 65% of stations reportedly out of gas as of 2:48 p.m. ET on Wednesday. Kentucky has the lowest at only 2%. Because this data is self-reported by GasBuddy users, it may not represent the most current information, we should note.

Image Credits: GasBuddy app screenshot

During the week, consumers have been turning to GasBuddy to help them find where they can fill up. Yesterday, the app hit No. 1 in the “Travel” category on the App Store, while it steadily climbed its way up the App Store’s Top Overall charts.

This afternoon, GasBuddy became both the No.1 app in the non-games category as well as the highest-ranked app Overall across the U.S. App Store.

According to data from app store intelligence firm Apptopia, GasBuddy yesterday saw 15,203 new downloads — a 59% increase from its average daily downloads, which were 9,560 for the past 30 days. However, third-party data isn’t always accurate for sudden shots in rank — it catches up a few days after the fact.

Image Credits: Apptopia

Reached for comment, GasBuddy says its downloads were actually far higher than the third-party estimates. Across all platforms, including both iOS and Google Play, it saw 20x more downloads yesterday compared with an average day in 2021. The company told TechCrunch it counted 313,001 total downloads yesterday, compared with average daily downloads for the previous 30 days of 15,339.

Broken down by platform, GasBuddy says it saw 104,735 downloads on Android and 208,266 downloads on iOS on Tuesday, May 11, 2021.

Apptopia also noted that GasBuddy hadn’t been the No. 1 app on the App Store in all the time it’s been recording app store rankings, which goes back to January 1, 2015. However, it noted the app itself launched back in 2010, making it possible (though not likely) that the app had reached No. 1 at some point.

GasBuddy confirmed that’s not the case. Today is the first time it has ever topped the App Store, though it got close once before when it reached No. 2 behind a walkie-talkie app during Hurricane Irma in September 2017.

Image Credits: App Store screenshot on Wed., May 12, 2021

Consumers can continue to track statewide fuel outages here on GasBuddy’s website as well as where highest prices are being found. In the app, they can report whether gas stations have gas or diesel, as well as current prices.

The Colonial Pipeline, which runs 5,500 miles from the Gulf to the Northeast, shut down on Friday due to a ransomware attack from a criminal hacking network known as DarkSide, which is suspected to be based in Russia or Eastern Europe. The pipeline delivers about 45% of fuel used by the Eastern Seaboard. Reports of the shutdown sent Americans to stock up on gas, worsening the situation further. The U.S. Energy Secretary Jennifer Granholm said the Colonial Pipeline intends to restore operations by the end of the week.

Powered by WPeMatico

Cybersecurity startup Panaseer raises $26.5M Series B led by AllegisCyber Capital

Panaseer, which takes a data science approach to cybersecurity, has raised $26.5 million in a Series B funding led by AllegisCyber Capital. Existing investors, including Evolution Equity Partners, Notion Capital, AlbionVC, Cisco Investments and Paladin Capital Group, as well as new investor National Grid Partners, also participated. Panaseer has now raised $43 million to date.

Panaseer’s special sauce and sales pitch amount to what it calls “Continuous Controls Monitoring” (CCM). In plainer English that means correlating a great deal of data from all available security tools to check assets, control gaps, you name it.

As a result, the company says it can identify zero-day and other exposures faster, or exposure to, say, FireEye or SolarWinds vulnerabilities.

Jonathan Gill, CEO, Panaseer said: “Most enterprises have the tools and capability to theoretically prevent a breach from occurring. However, one of the key reasons that breaches occur is that there is no technology to monitor and react to failed controls. CCM continuously validates and measures levels of protection and provides notifications of failures. Ultimately, CCM enables these failures to be fixed before they become security incidents.”

Speaking to me on a call he added: “The investment, allows us to scale our organization to meet those demands of customers with a team of people to implement the platform and help them get tremendous value and to evolve the product. To add more and more capability to that technology to support more and more use cases. So they’re the two main directions, and there’s a market we think of tens of thousands of organizations of a certain size, who are regulated or they have assets worth protecting and a level of complexity that makes it difficult to solve the problem themselves. And our Advisory Board and the customers I’ve spoken with think maybe there are barely 20 companies in the world who can solve this problem. And everybody else gets stuck on the fact that it’s a really difficult data science problem to solve. So we want to scale that and take that to more organizations.”

And why did they pick these investors: “I think we picked them and they picked us, we’ve been on that journey together. It takes months to find the best combination. The dollars are all the same when it comes to investors, but I think they can help improve as an organization and grow just like the existing investors do. They give us access and reach into parts of the market and help make us better as organizations as well.”

Bob Ackerman, founder and managing director of AllegisCyber Capital, and co-founder of DataTribe said: “The emergence of Continuous Controls Monitoring as a new cybersecurity category demonstrates a ‘coming of age’ for cybersecurity. Cyber is the existential threat to the global digital economy. All levels of the enterprise, from the CISO, to Chief Risk Officer, to the Board of Directors are demanding comprehensive visibility, transparency and hard metrics to assess cyber situational awareness.”

Powered by WPeMatico

Jamf snags zero trust security startup Wandera for $400M

Jamf, the enterprise Apple device management company, announced that it was acquiring Wandera, a zero trust security startup, for $400 million at the market close today. Today’s purchase is the largest in the company’s history.

Using a set of management services for Apple devices, Jamf provides IT at large organizations. It is the leader in the market, and snagging Wandera provides a missing modern security layer for the platform.

Jamf CEO Dean Hager says that Wandera’s zero trust approach fills in an important piece in the Jamf platform tool set. “The combination of Wandera and Jamf will provide our customers a single source platform that handles deployment, application lifecycle management, policies, filtering and security capabilities across all Apple devices while delivering zero trust network access for all mobile workers,” Hager said in a statement.

Zero trust, as the name implies, is an approach to security where you don’t trust anybody regardless of whether they are inside or outside your network. It requires that you force everyone to provide multiple forms of authentication to prove their identity before they can access company resources.

The need for a zero trust approach became even more acute during the pandemic when employees have often been working from home and have needed access to applications and other company resources from wherever they happened to be, a trend that was happening even prior to COVID, and is likely to continue after it ends.

Wandera, which is based in London, was founded in 2012 by brothers Roy and Eldar Tuvey, who had previously co-founded another security startup called ScanSafe. Cisco acquired that company, which helped protect web gateways as a service, for $183 million back in 2009. The brothers raised over $53 million along the way for Wandera. Investors included Bessemer Venture Partners, 83North and Sapphire Ventures.

Sapphire co-founder and managing director Andreas Weiskam had this to say about the company: “I’ve had the pleasure of working with co-founders (and brothers) Eldar Tuvey and Roy Tuvey for the last several years now and I can honestly say they’re great entrepreneurs and leaders, having built a real company of consequence.”

He added, “They’ve created a unique security product which addresses mobile threats by leveraging the increasingly important zero trust network. By joining the Jamf family, the two will help shape the future of the zero trust cloud. And it goes without saying that this is a big win for the customers, especially for those in the Apple ecosystem.”

Under the terms of the deal, Jamf is paying Wandera $350 million in cash, then paying them two $25 million payments on October 1, 2021 and December 15, 2021. The deal is expected to close in the third quarter, assuming it passes regulatory scrutiny.

 

Powered by WPeMatico

Cycode raises $20M to secure DevOps pipelines

Israeli security startup Cycode, which specializes in helping enterprises secure their DevOps pipelines and prevent code tampering, today announced that it has raised a $20 million Series A funding round led by Insight Partners. Seed investor YL Ventures also participated in this round, which brings the total funding in the company to $24.6 million.

Cycode’s focus was squarely on securing source code in its early days, but thanks to the advent of infrastructure as code (IaC), policies as code and similar processes, it has expanded its scope. In this context, it’s worth noting that Cycode’s tools are language and use case agnostic. To its tools, code is code.

“This ‘everything as code’ notion creates an opportunity because the code repositories, they become a single source of truth of what the operation should look like and how everything should function, Cycode CTO and co-founder Ronen Slavin told me. “So if we look at that and we understand it — the next phase is to verify this is indeed what’s happening, and then whenever something deviates from it, it’s probably something that you should look at and investigate.”

Cycode Dashboard

Cycode Dashboard. Image Credits: Cycode

The company’s service already provides the tools for managing code governance, leak detection, secret detection and access management. Recently it added its features for securing code that defines a business’ infrastructure; looking ahead, the team plans to add features like drift detection, integrity monitoring and alert prioritization.

“Cycode is here to protect the entire CI/CD pipeline — the development infrastructure — from end to end, from code to cloud,” Cycode CEO and co-founder Lior Levy told me.

“If we look at the landscape today, we can say that existing solutions in the market are kind of siloed, just like the DevOps stages used to be,” Levy explained. “They don’t really see the bigger picture, they don’t look at the pipeline from a holistic perspective. Essentially, this is causing them to generate thousands of alerts, which amplifies the problem even further, because not only don’t you get a holistic view, but also the noise level that comes from those thousands of alerts causes a lot of valuable time to get wasted on chasing down some irrelevant issues.”

What Cycode wants to do then is to break down these silos and integrate the relevant data from across a company’s CI/CD infrastructure, starting with the source code itself, which ideally allows the company to anticipate issues early on in the software life cycle. To do so, Cycode can pull in data from services like GitHub, GitLab, Bitbucket and Jenkins (among others) and scan it for security issues. Later this year, the company plans to integrate data from third-party security tools like Snyk and Checkmarx as well.

“The problem of protecting CI/CD tools like GitHub, Jenkins and AWS is a gap for virtually every enterprise,” said Jon Rosenbaum, principal at Insight Partners, who will join Cycode’s board of directors. “Cycode secures CI/CD pipelines in an elegant, developer-centric manner. This positions the company to be a leader within the new breed of application security companies — those that are rapidly expanding the market with solutions which secure every release without sacrificing velocity.”

The company plans to use the new funding to accelerate its R&D efforts, and expand its sales and marketing teams. Levy and Slavin expect that the company will grow to about 65 employees this year, spread between the development team in Israel and its sales and marketing operations in the U.S.

Powered by WPeMatico

Following Apple’s launch of privacy labels, Google to add a ‘safety’ section in Google Play

Months after Apple’s App Store introduced privacy labels for apps, Google announced its own mobile app marketplace, Google Play, will follow suit. The company today pre-announced its plans to introduce a new “safety” section in Google Play, rolling out next year, which will require app developers to share what sort of data their apps collect, how it’s stored and how it’s used.

For example, developers will need to share what sort of personal information their apps collect, like users’ names or emails, and whether it collects information from the phone, like the user’s precise location, their media files or contacts. Apps will also need to explain how the app uses that information — for example, for enhancing the app’s functionality or for personalization purposes.

Developers who already adhere to specific security and privacy practices will additionally be able to highlight that in their app listing. On this front, Google says it will add new elements that detail whether the app uses security practices like data encryption; if the app follows Google’s Families policy, related to child safety; if the app’s safety section has been verified by an independent third party; whether the app needs data to function or allows users to choose whether or not to share data; and whether the developer agrees to delete user data when a user uninstalls the app in question.

Apps will also be required to provide their privacy policies.

While clearly inspired by Apple’s privacy labels, there are several key differences. Apple’s labels focus on what data is being collected for tracking purposes and what’s linked to the end user. Google’s additions seem to be more about whether or not you can trust the data being collected is being handled responsibility, by allowing the developer to showcase if they follow best practices around data security, for instance. It also gives the developer a way to make a case for why it’s collecting data right on the listing page itself. (Apple’s “ask to track” pop-ups on iOS now force developers to beg inside their apps for access user data.)

Another interesting addition is that Google will allow the app data labels to be independently verified. Assuming these verifications are handled by trusted names, they could help to convey to users that the disclosures aren’t lies. One early criticism of Apple’s privacy labels was that many were providing inaccurate information — and were getting away with it, too.

Google says the new features will not roll out until Q2 2022, but it wanted to announce now in order to give developers plenty of time to prepare.

Image Credits: Google

There is, of course, a lot of irony to be found in an app privacy announcement from Google.

The company was one of the longest holdouts on issuing privacy labels for its own iOS apps, as it scrambled to review (and re-review, we understand) the labels’ content and disclosures. After initially claiming its labels would roll out “soon,” many of Google’s top apps then entered a lengthy period where they received no updates at all, as they were no longer compliant with App Store policies.

It took Google months after the deadline had passed to provide labels for its top apps. And when it did, it was mocked by critics — like privacy-focused search engine DuckDuckGo — for how much data apps like Chrome and the Google app collect.

Google’s plan to add a safety section of its own to Google Play gives it a chance to shift the narrative a bit.

It’s not a privacy push, necessarily. They’re not even called privacy labels! Instead, the changes seem designed to allow app developers to better explain if you can trust their app with your data, rather than setting the expectation that the app should not be collecting data in the first place.

How well this will resonate with consumers remains to be seen. Apple has made a solid case that it’s a company that cares about user privacy, and is adding features that put users in control of their data. It’s a hard argument to fight back against — especially in an era that’s seen too many data breaches to count, careless handling of private data by tech giants, widespread government spying and a creepy adtech industry that grew to feel entitled to user data collection without disclosure.

Google says when the changes roll out, non-compliant apps will be required to fix their violations or become subject to policy enforcement. It hasn’t yet detailed how that process will be handled, or whether it will pause app updates for apps in violation.

The company noted its own apps would be required to share this same information and a privacy policy, too.

Powered by WPeMatico

Emerging open cloud security framework has backing of Microsoft, Google and IBM

Each of the big cloud platforms has its own methodology for passing on security information to logging and security platforms, leaving it to the vendors to find proprietary ways to translate that into a format that works for their tool. The Cloud Security Notification Framework (CSNF), a new working group that includes Microsoft, Google and IBM is trying to create a new open and standard way of delivering this information.

Nick Lippis, who is co-founder and co-chairman of ONUG, an open enterprise cloud community, which is the primary driver of CSNF, says that what they’ve created is part standard and part open source. “What we’ve been really focusing on is how do we automate governance on the cloud. And so security was the place that was ripe for that where we can actually provide some value right away for the community,” he said.

While they’ve pulled in some of the big cloud vendors, they’ve also got large companies who consume cloud services like FedEx, Pfizer and Goldman Sachs. Conspicuously missing from the group is AWS, the biggest player in the cloud infrastructure market by far. But Lippis says that he hopes, as the project matures, other companies including AWS will join.

“There’s lots of security programs and industry programs that get out there and that people are asking them to join, and so some companies want to wait to see how well this pans out [before making a commitment to it],” Lippis said. His hope is, that over time, Amazon will come around and join the group, but in the meantime they are working to get to the point where everyone in the community will feel good about what they’re doing.

The idea is to start with security alerts and find a way to build a common format to give companies the same kind of system they have in the data center to track security alerts in the cloud. The way they hope to do that is with this open dialogue between the cloud vendors and the companies involved with the group.

“So the structure of that is that there’s a steering committee that is chaired by CISOs from these large cloud consumer brands, and also the cloud providers, and they provide voting and direction. And then there’s the working group where all the work is done. The beauty of what we do is that we have now consumers and also providers working together and collaborating,” he said.

Don Duet, a member of ONUG, who is CEO and co-founder of Concourse Labs, has been involved in the formation of the CSNF. He says to keep the project focused they are looking at this as a data management problem and they are establishing a common vocabulary for everyone to work within the group.

“How do you build a consensus on what are the types of terms that everybody can agree on and then you build the underlying basis so that the experts in your resource providers in this case, Cloud Service Providers, can bless how their data [connects] to those common standards,” Duet explained.

He says that particular problem is more of an organizational problem than a technical one, getting the various stakeholders together and just building consensus around this. At this point, they have that process in place and the next step is proving it by having the various companies involved in this test it out in the coming months.

After they get past the testing phase, in October they plan to actually demonstrate what this looks like in a before and after scenario, with the new framework and without it. As the group works toward these goals, the hope is that eventually the framework will become more established and other companies and vendors will come on board and make this a more standard way of sharing security alerts. If all goes well, they hope to build in other security information into this framework over time.

Powered by WPeMatico

Cymulate nabs $45M to test and improve cybersecurity defenses via attack simulations

With cybercrime on course to be a $6 trillion problem this year, organizations are throwing ever more resources at the issue to avoid being a target. Now, a startup that’s built a platform to help them stress-test the investments that they have made into their security IT is announcing some funding on the back of strong demand from the market for its tools.

Cymulate, which lets organizations and their partners run machine-based attack simulations on their networks to determine vulnerabilities and then automatically receive guidance around how to fix what is not working well enough, has picked up $45 million, funding that the startup — co-headquartered in Israel and New York — will be using to continue investing in its platform and to ramp up its operations after doubling its revenues last year on the back of a customer list that now numbers 300 large enterprises and mid-market companies, including the Euronext stock exchange network as well as service providers such as NTT and Telit.

London-based One Peak Partners is leading this Series C, with previous investors Susquehanna Growth Equity (SGE), Vertex Ventures Israel, Vertex Growth and Dell Technologies Capital also participating.

According to Eyal Wachsman, the CEO and co-founder, Cymulate’s technology has been built not just to improve an organization’s security, but an automated, machine learning-based system to better understand how to get the most out of the security investments that have already been made.

“Our vision is to be the largest cybersecurity ‘consulting firm’ without consultants,” he joked.

The valuation is not being disclosed, but as some measure of what is going on, David Klein, managing partner at One Peak, said in an interview that he expects Cymulate to hit a $1 billion valuation within two years at the rate it’s growing and bringing in revenue right now. The startup has now raised $71 million, so it’s likely the valuation is in the mid-hundreds of millions. (We’ll continue trying to get a better number to have a more specific data point here.)

Cymulate — pronounced “sigh-mulate”, like the “cy” in “cyber” and a pun of “simulate”) is cloud-based but works across both cloud and on-premises environments and the idea is that it complements work done by (human) security teams both inside and outside of an organization, as well as the security IT investments (in terms of software or hardware) that they have already made.

“We do not replace — we bring back the power of the expert by validating security controls and checking whether everything is working correctly to optimize a company’s security posture,” Wachsman said. “Most of the time, we find our customers are using only 20% of the capabilities that they have. The main idea is that we have become a standard.”

The company’s tools are based in part on the MITRE ATT&CK framework, a knowledge base of threats, tactics and techniques used by a number of other cybersecurity services, including a number of others building continuous validation services that compete with Cymulate. These include the likes of FireEye, Palo Alto Networks, Randori, Khosla-backed AttackIQ and many more.

Although Cymulate is optimized to help customers better use the security tools they already have, it is not meant to replace other security apps, Wachsman noted, even if the by-product might become buying fewer of those apps in the future.

“I believe my message every day when talking with security experts is to stop buying more security products,” he said in an interview. “They won’t help defend you from the next attack. You can use what you’ve already purchased as long as you configure it well.”

In his words, Cymulate acts as a “black box” on the network, where it integrates with security and other software (it can also work without integrating, but integrations allow for a deeper analysis). After running its simulations, it produces a map of the network and its threat profile, an executive summary of the situation that can be presented to management and a more technical rundown, which includes recommendations for mitigations and remediations.

Alongside validating and optimising existing security apps and identifying vulnerabilities in the network, Cymulate also has built special tools to fit different kinds of use cases that are particularly relevant to how businesses operate today. They include evaluating remote working deployments, the state of a network following an M&A process, the security landscape of an organization that links up with third parties in supply chain arrangements, how well an organization’s security architecture is meeting (or potentially conflicting) with privacy and other kinds of regulatory compliance requirements, and it has built a “purple team” deployment, where in cases where security teams do not have the resources for running separate “red teams” to stress test something, blue teams at the organization can use Cymulate to build a machine learning-based “team” to do this.

The fact that Cymulate has built the infrastructure to run all of these processes speaks to a lot of potential of what more it could build, especially as our threat landscape and how we do business both continue to evolve. Even as it is, though, the opportunity today is a massive one, with Gartner estimating that some $170 billion will be spent on information security by enterprises in 2022. That’s one reason why investors are here, too.

“The increasing pace of global cyber security attacks has resulted in a crisis of trust in the security posture of enterprises and a realization that security testing needs to be continuous as opposed to periodic, particularly in the context of an ever-changing IT infrastructure and rapidly evolving threats. Companies understand that implementing security solutions is not enough to guarantee protection against cyber threats and need to regain control,” said Klein, in a statement. “We expect Cymulate to grow very fast,” he told me more directly.

Powered by WPeMatico

Acronis raises $250M at a $2.5B+ valuation to double down on cyber protection services

As cybersecurity continues to grow in profile amid an increasingly complex and dangerous landscape of malicious activity, a cybersecurity vendor that specializes in “all-in-one” services covering the many aspects of security IT has closed a big round of funding.

Acronis has raised $250 million in equity, and co-founder and CEO Serguei Beloussov said in an interview the company plans to use the financing both to grow organically, as well as for acquisitions to bring more “proactive” technology into its portfolio. The funding is being led by CVC and values Acronis at over $2.5 billion.

Originally a spinoff from the parent company of virtualization giant Parallels, Acronis initially made its name in data recovery and backup, but has, over time, and to better differentiate itself from competitors like Commvault, Veeam and Barracuda (among others), expanded to provide an all-in-one package of services to include continuous data protection, patch management, anti-malware protection and more.

Integrating with a range of popular enterprise software packages and platforms and service providers, its business is now profitable, with some 10,000 managed service providers and 500,000 businesses (SMBs and bigger) among its customers.

“We didn’t need the money, but now we will invest it to grow faster and capitalise on our leadership,” Beloussov said in an interview.

New-wave revenues, based on its newer (not legacy) products such as Acronis Cyber Protect, grew 100% during the pandemic, he added. “We are spending the money on engineers and M&A to complement our cyber protection,” he said. “We have a single mission, which is to protect all data applications, providing privacy and security in one package. We protect about 10 million workloads today and we are aiming to grow that to 100x. There is a lot to do in terms of making that protection easier and deeper for our customers.”

He said that while the company is continuing to remain private, it’s also starting to think about its next steps, which could involve a public listing or a sale, in the next 12-24 months.

“With private equity investors like Goldman Sachs [which led its previous round in 2019] and CVC, they definitely expect liquidity at some point,” Beloussov said.

The funding and Acronis’s strategy to double down on growing its business comes at a key moment in the world of cybersecurity. The bigger landscape in the world of business has seen a huge shift in the last year to more people working remotely and across a wider set of geographies and devices. Although that shift was pushed along by the COVID-19 pandemic, many believe that the longer-term effect will be a very different working environment, with a greater acceptance that fewer people will be spending all of their time in their offices, and that it won’t necessarily impact productivity.

What it has impacted is how IT provisions and manages networks and the device that run on them, and specifically has exposed some of the loopholes in company’s cybersecurity policies. Malicious hackers, who were hard at work well before the pandemic, have jumped on this and exploited it.

Acronis has been one of the companies that has seen a growing demand for its services as a result of all that, with  Acronis’s software sold via managed service providers seeing a particular lift.

“Last year definitely pushed customers to understand that IT is mission critical and that is for every business,” Beloussov said, with security coming along with that by association. With security, though, organizations have realized that “managing by in-house resources is not always ideal so outsourcing to special service providers can guarantee service levels. With internal IT people, you can only shout at them, and that is okay because they are used to it.” Third parties, by contrast, operate with service-level agreements that are easier to enforce if something goes wrong.

“Acronis’ talented management and R&D teams have invested significant resources developing an innovative cloud-native ‘MSP in a box’ solution, with integrated backup, disaster recovery, cybersecurity, remote management, and workflow tools,” said Leif Lindbäck, senior managing director of CVC Capital Partners. “Acronis provides mission-critical solutions to more than 10,000 MSPs and half a million small and medium businesses. CVC has a strong track record in cybersecurity and partnering up with successful entrepreneurs, and we are looking forward to teaming up with Serguei Beloussov and the Acronis team to accelerate the company’s growth.”

Powered by WPeMatico

Vectra AI picks up $130M at a $1.2B valuation for its network approach to threat detection and response

Cybersecurity nightmares like the SolarWinds hack highlight how malicious hackers continue to exploit vulnerabilities in software and apps to do their dirty work. Today a startup that’s built a platform to help organizations protect themselves from this by running threat detection and response at the network level is announcing a big round of funding to continue its growth.

Vectra AI, which provides a cloud-based service that uses artificial intelligence technology to monitor both on-premise and cloud-based networks for intrusions, has closed a round of $130 million at a post-money valuation of $1.2 billion.

The challenge that Vectra is looking to address is that applications — and the people who use them — will continue to be weak links in a company’s security set-up, not least because malicious hackers are continually finding new ways to piece together small movements within them to build, lay and finally use their traps. While there will continue to be an interesting, and mostly effective, game of cat-and-mouse around those applications, a service that works at the network layer is essential as an alternative line of defense, one that can find those traps before they are used.

“Think about where the cloud is. We are in the wild west,” Hitesh Sheth, Vectra’s CEO, said in an interview. “The attack surface is so broad and attacks happen at such a rapid rate that the security concerns have never been higher at the enterprise. That is driving a lot of what we are doing.”

Sheth said that the funding will be used in two areas. First, to continue expanding its technology to meet the demands of an ever-growing threat landscape — it also has a team of researchers who work across the business to detect new activity and build algorithms to respond to it. And second, for acquisitions to bring in new technology and potentially more customers.

(Indeed, there has been a proliferation of AI-based cybersecurity startups in recent years, in areas like digital forensics, application security and specific sectors like SMBs, all of which complement the platform that Vectra has built, so you could imagine a number of interesting targets.)

The funding is being led by funds managed by Blackstone Growth, with unnamed existing investors participating (past backers include Accel, Khosla and TCV, among other financial and strategic investors). Vectra today largely focuses on enterprises, highly demanding ones with lots at stake to lose. Blackstone was initially a customer of Vectra’s, using the company’s flagship Cognito platform, Viral Patel — the senior MD who led the investment for the firm — pointed out to me.

The company has built some specific products that have been very prescient in anticipating vulnerabilities in specific applications and services. While it said that sales of its Cognito platform grew 100% last year, Cognito Detect for Microsoft Office 365 (a separate product) sales grew over 700%. Coincidentally, Microsoft’s cloud apps have faced a wave of malicious threats. Sheth said that implementing Cognito (or indeed other network security protection) “could have prevented the SolarWinds hack” for those using it.

“Through our experience as a client of Vectra, we’ve been highly impressed by their world-class technology and exceptional team,” John Stecher, CTO at Blackstone, said in a statement. “They have exactly the types of tools that technology leaders need to separate the signal from the noise in defending their organizations from increasingly sophisticated cyber threats. We’re excited to back Vectra and Hitesh as a strategic partner in the years ahead supporting their continued growth.”

Looking ahead, Sheth said that endpoint security will not be a focus for the moment because “in cloud there is so much open territory”. Instead it partners with the likes of CrowdStrike, SentinelOne, Carbon Black and others.

In terms of what is emerging as a stronger entry point, social media is increasingly coming to the fore, he said. “Social media tends to be an effective vector to get in and will remain to be for some time,” he said, with people impersonating others and suggesting conversations over encrypted services like WhatsApp. “The moment you move to encryption and exchange any documents, it’s game over.”

Powered by WPeMatico