Top 10: Cybersecurity platforms

2023. Google brings generative AI to cybersecurity



Google has introduced Cloud Security AI Workbench, a suite of cybersecurity tools that uses a specialized AI language model called Sec-PaLM. This model is derived from Google's PaLM model but has been optimized for security purposes by incorporating security intelligence, such as research on software vulnerabilities, malware, threat indicators, and behavioral threat actor profiles. The Cloud Security AI Workbench offers various AI-powered tools, including Mandiant's Threat Intelligence AI, which uses Sec-PaLM to identify, summarize, and respond to security threats. VirusTotal, another Google property, will also utilize Sec-PaLM to help subscribers analyze and explain the behavior of malicious scripts. Additionally, Sec-PaLM will aid customers of Chronicle, Google's cloud cybersecurity service, in searching security events and engaging in "conservative" interactions with the results.


2023. Coro raises $75M to grow its all-in-one cybersecurity platform



Coro, a startup which provides a one-stop shop AI-based cybersecurity platform has raised $75 million. The primary objective of Coro is to offer a comprehensive cloud-based SaaS solution that caters to all the cybersecurity software requirements of businesses. The key areas of focus include device monitoring, overseeing user activities, email, networks, data, and applications, as well as addressing any malicious activity detected. Coro's intended audience is mid-sized businesses that typically face a challenge in selecting software products due to their intermediate size. These businesses are often too large to benefit from SMB products but lack the necessary infrastructure and financial resources to adopt enterprise-level products.

2023. CyberSmart raises $15M for an all-in-one cybersecurity and insurance solution for SMBs



CyberSmart, a U.K. startup that has built an all-in-one platform providing cybersecurity technology for small and medium businesses, and cyber insurance if things go wrong regardless — has closed a $15.4M Series B. That security piece of CyberSmart comes in the form of its flagship product Active Protect, which is a “baseline” security tool that can be installed and used without any need for IT experts to integrate or manage it. Recently SMB has increasingly become a target for startups building cybersecurity solutions. That’s included others like Cowbell and Guardz, which are mixing the propositions for security and insurance together, as well as those focused only on tech, and specifically kinds of security incidents, such as ActZero and its focus on ransomware in particular.


2022. GreyNoise to expand its threat intel collection after securing $15M in funding


GreyNoise Intelligence, a cybersecurity startup that analyses internet scanning traffic to help organizations separate threats from internet “background noise,” has landed $15 million in Series A funding to expand its threat collection capabilities and help protect organizations from emerging vulnerabilities. GreyNoise is a self-styled “anti-threat intelligence” company that provides essentially a spam filter for internet threat alerts. Just as inboxes are bombarded with unwanted emails and unsolicited junk, security operations analysts are assaulted by endless, often pointless alerts.


2022. IBM acquires attack surface management startup Randori



IBM has announced that it’s acquiring Randori, a Boston-based offensive security startup that combines attack surface management (ASM) with continuous automated red teaming (CART) to help organizations bolster their cyber defenses. ASM — the continuous discovery, inventory, classification and monitoring of a company’s IT infrastructure — is becoming a must-have for organizations of all sizes. The number of potential exposure points in hybrid cloud operating environments is growing exponentially as a result of the pandemic-fueled shift to remote and hybrid working, with ESG data showing that 67% of organizations saw their external attack surface expand over the past two years due to the rising use of cloud, third-party services and Internet of Things (IoT) devices.


2022. Seemplicity emerges from stealth with $32M to consolidate security notifications and speed up response times



Israel-based startup Seemplicity is emerging from stealth with $32 million in funding for a platform that it believes will help reduce the cyber attack load by handling the huge shower of data that comes down on those DevOps teams that is hard to parse even before any action is taken. It takes all of those alerts and orchestrates them, to figure out which are related, which can be bundled together, which are more urgent (because they are central to how something operates, or because it could signal a cascading problem, for example) and which can be fixed by fixing something else.


2022. Prelude raises $24M to help organizations harden their cybersecurity defenses



Prelude, which describes itself as the first autonomous platform built to attack, defend and train critical assets through continuous red-teaming, has raised $24 million Series A. Prelude aims to harden an organization’s defenses by continuously “asking” it questions through the form of denatured cyberattacks. These attacks respond to the latest vulnerabilities and cyber events, turning complex technical descriptions into easily deployable questions.


2022. Virtual CISO startup Cynomi raises $3.5M to help SMBs automate cybersecurity



Cynomi, an Israeli cybersecurity startup that has built a virtual CISO platform for SMBs and service providers, has raised $3.5 million in seed funding. Typically, virtual CISO — or vCISO — services take the form of an outsourced or on-demand security practitioner that works as a remote, part-time contractor to offer cybersecurity expertise and guidance to organizations. Cynomi’s platform removes the human component and instead uses artificial intelligence (AI) technology to emulate a human CISO and automate previously manual operations.


2021. Breach simulation startup AttackIQ raises $44M



AttackIQ, a cybersecurity startup that provides organizations with breach and attack simulation solutions, has raised $44 million. AttackIQ provides an automated validation platform that runs scenarios to detect any gaps in a company’s defenses, enabling organizations to test and measure the effectiveness of their security posture and receive guidance on how to fix what’s broken. Broadly, AttackIQ’s platform helps an organization’s security teams anticipate, prepare and hunt for threats that may impact their business, before hackers get there first.


2021. Cybersecurity company Arctic Wolf secures $150M



Arctic Wolf, a managed cybersecurity company that offers “security operations-as-a-concierge” service, has raised $150 million at Series F. As a result of challenging cybersecurity landscape, fueled by pandemic turbulence and a mass shift to remote working, Arctic Wolf has seen impressive growth over the last 12 months. The company, which provides round-the-clock security monitoring for small and mid-sized organizations through its cloud security operations platform, saw its revenues double on rapid platform adoption growth, with nearly 60% of its 3,000 customers using at least three of its security operations solutions. This, the company claims, makes it the fastest-growing company at scale in the fastest-growing area of the cybersecurity market.


2021. Microsoft is buying cybersecurity startup RiskIQ



Microsoft is buying (for $500M) RiskIQ, a San Francisco-based cybersecurity company that provides threat intelligence and cloud-based software as a service for organizations. RiskIQ scours the web, mapping out details about websites and networks, domain name records, certificates and other information, like WHOIS registration data, providing customers visibility into what assets, devices and services can be accessed outside of a company’s firewall. That helps companies lock down their assets and limit their attack surface from malicious actors. It’s that data in large part that helped the company discover and understand Magecart, a collection of groups that inject credit card stealing malware into vulnerable websites.


2021. Elisity raises $26M to scale its AI cybersecurity platform



Elisity, a self-styled innovator that provides behavior-based enterprise cybersecurity, has raised $26 million in Series A funding. The platform looks to help organizations transition from legacy access approaches to zero trust, a security model based on maintaining strict access controls and not trusting anyone — even employees — by default, across their entire digital footprint. This enables organizations to adopt a “work-from-anywhere” model, according to the company, which notes that most companies today continue to rely on security and policies based on physical location or low-level networking constructs, such as VLAN, IP and MAC addresses, and VPNs.


2021. Cybersecurity startup Panaseer raises $26.5M



Panaseer, which takes a data science approach to cybersecurity, has raised $26.5 million in a Series B funding. Panaseer’s special sauce and sales pitch amount to what it calls “Continuous Controls Monitoring” (CCM). In plainer English that means correlating a great deal of data from all available security tools to check assets, control gaps, you name it. As a result, the company says it can identify zero-day and other exposures faster, or exposure to, say, FireEye or SolarWinds vulnerabilities. CCM continuously validates and measures levels of protection and provides notifications of failures. Ultimately, CCM enables these failures to be fixed before they become security incidents.


2021. Vulcan Cyber raises $21M for its vulnerability remediation platform



Tel Aviv-based Vulcan Cyber, a cybersecurity startup that helps businesses prioritize and fix security vulnerabilities, has raised a $21 million Series B funding. The company will use the new funding to roll out new remediation solutions and launch a free risk-based vulnerability management platform under the Vulcan Free monicker. The company’s emphasis has always been on not just warning its customers about potential vulnerabilities but also helping them prioritize them based on the severity of the risk and the threat to a company’s business assets. Security teams, after all, are often overwhelmed by alerts and not every vulnerability a scanner represents is a high-priority risk for a business. The promise of Vulcan Cyber’s platform is that it helps these teams figure out where to best focus their resources.


2021. Cloud cybersecurity startup Lumu raises a $7.5M



Miami-based cybersecurity startup Lumu has raised $7.5 million Series A. Lumu offers a cloud-based service that helps companies continually scan and react to data compromises in real time. The company collects and standardizes metadata from across the network, including DNS queries, network traffic, access logs from perimeter proxies, firewalls and spam box filters, then applies AI to correlate threat intelligence from these disparate data sources to isolate confirmed points of compromise. Lumu not only helps companies prevent breaches but also allows them to automate their responses.


2021. CYE raises $100M to help companies shore up their cyber-defenses



Israeli Cybersecurity startup CYE has raised $100M. CYE helps companies shore up their security posture. It does this in large part by conducting offensive operations against their customers — with their explicit consent — to find weaknesses in their network defenses before malicious hackers do. The company also provides incident response and security consultants, as well as its flagship product, Hyver, which helps companies assess their entire network and assets. Hyver is a cloud-based cybersecurity optimization platform that helps organizations reclaim control over their cyber resilience.


2021. CybSafe raises $7.9M for its ‘behavioral’ cybersecurity platform



Cybersecurity startup CybSafe, a “behavioral security” platform, has raised $7.9 million in a Series A funding round. CybSafe is a SaaS product with a per-user-based, subscription licensing model. CybSafe’s “behavior-led” platform manages these people-related security risks using behavioral science and data analytics by delivering personalized cyber support for users. The company already has 350 clients in 15 countries, including Credit Suisse, Air Canada, HSBC and NHS Trusts.


2020. FireEye acquires AI security expert Respond Software for $186M



Cybersecurity company FireEye has acquired Respond Software, a company that helps customers investigate and understand security incidents, while reducing the need for highly trained (and scarce) security analysts. FireEye had its eye on Respond’s Analyst product, which it plans to fold into its Mandiant Solutions platform. Like many companies today, FireEye is focused on using machine learning to help bolster its solutions and bring a level of automation to sorting through the data, finding real issues and weeding out false positives. The acquisition gives them a quick influx of machine learning-fueled software.


2020. Hunters raises $15M for its AI-based threat-hunting platform



Hunters, a Tel Aviv-based cybersecurity startup that helps enterprises defend themselves from intruders and analyze attacks, has raised a $15 million Series A funding round from Microsoft and other investors. The company’s SaaS platform basically automates the threat-hunting processes, which has traditionally been a manual process. The general idea here is to take as much data from an enterprise’s various networking and security tools to detect stealth attacks.


2020. Axonius nabs $58M for its cybersecurity-focused network asset management platform



Axonius, a New York-based company that lets organizations manage and track the range of computing-based assets that are connecting to their networks — and then plug that data into some 100 different cybersecurity tools to analyse it — has picked up a Series C of $58 million. The company has had a huge boost in business in the last year, however — especially right now, not a surprise for a company that helps enable secure remote working, at a time when many businesses have gone remote in an effort to follow government policies encouraging social distancing to slow the spread of the coronavirus pandemic.


2020. Intezer raises $15M for its DNA-style approach to identifying malware code



Israeli startup Intezer, which has built a way to analyse, identify and eradicate malware by way of an ordering system similar to what’s used when mapping out DNA — has raised $15 million. Intezer describes its technique as “genetic malware analysis”, and the basic premise is that all software, whether legitimate or malicious, is comprised of previously written code. Intezer can “map” out different malware, making connections by detecting code reuse and code similarities, which in turn can help it identify new threats, and help put a stop to them. There is a reason why cybercriminals reuse code, and it has to do with economies of scale: they can reuse and work faster. Conversely, it also becomes exponentially harder for them to launch a new attack campaign since they would need to start completely from scratch.


2019. Cybersecurity automation startup Tines scores $4.1M



Tines, a Dublin-based startup that lets companies automate aspects of their cybersecurity, has raised $4.1 million in Series A funding. Tines automates many of the repetitive manual tasks faced by security analysts so they can focus on other high-priority work. Tines lets companies automate parts of their manual security processes with the help of six software “agents,” with each acting as a multipurpose building block. Therefore, regardless of the process being automated, it only requires combinations of these six agent types configured in different ways to replicate a particular workflow.


2019. VMware acquired cybersecurity platform Carbon Black


VMware has acquired Carbon Black, a publicly traded security company that focuses on securing modern cloud-native workloads. The price of the acquisition is about $2.1 billion. Carbon Black provides the security features necessary to secure modern applications and infrastructures. The idea is to seamlessly integrate Carbon Black’s cloud-native endpoint protection platform into all of VMware’s control points. This type of bold move is exactly what the IT and security industries have been looking to see for a very long time.


2019. Cybersecurity platform Confluera snaged $9M


Confluera, the startup that wants to help companies protect themselves in the face of an onslaught of attacks, announced a $9 million Series A investment led by Lightspeed Venture Partners. The company’s solution watches across the customer’s infrastructure, finds issues and recommends ways to mitigate the attack. The platform has visibility across the infrastructure, and uses security information from multiple sources to make that determination of where the attacker currently is and how to mitigate that. It’s early days for Confluera, as it has 19 employees and three customers using the platform so far. For starters, it will be officially launching next week at Black Hat. After that, it has to continue building out the product and prove that it can work as described to stop the types of attacks we see on a regular basis.


2019. Microsoft Defender comes to Mac



Microsoft Defender Advanced Threat Protection (ATP) is coming to the Mac. Previously, this was a Windows solution for protecting the machines of Microsoft 365 subscribers and assets of the IT admins that try to keep them safe. It was also previously called Windows Defender ATP, but given that it is now on the Mac, too, Microsoft decided to drop the “Windows Defender” moniker in favor or “Microsoft Defender.” There are plenty of enterprises that use a mix of Windows machines and Mac, and which provide all of their employees with Office already. Having a security solution that spans both systems can greatly reduce complexity for IT departments — and keeping up with security vulnerabilities on one system is hard enough to begin with.


2016. Cisco acquired cybersecurity-as-a-Service provider CloudLock



Cisco announced it plans to acquire (for $293 million) CloudLock, a cloud-based security provider that uses APIs to let enterprises apply and monitor security on documents and other content that they share and store in cloud-based applications. CloudLock works with Office365, Google Drive, and Salesforce applications, among thousands of other apps and software. Its focus is on offering security and enforcing policies to protect documents, regardless of device used to access it, and allowing for specific controls based on location.