Attivo Networks, the leader in deception solutions for cybersecurity defense, and a competitor in the 2017 ‘ASTORS’ Homeland Security Awards Program, today announced it has raised $21 million in Series C venture capital funding.
The round of funding follows a $15 million Series B financing in May, representing $36 million raised in the last five months and a collective total of $45.7 million overall.
(Learn about deception technology and the Attivo Networks ThreatDefend Deception and Response Platform. Courtesy of Attivo Networks and YouTube)
This new funding will be used to support further development of the Attivo ThreatDefend™ Deception and Response Platform to address the evolving landscape of threats and attack surfaces and to add counterintelligence functionality.
The company will also use the funds to expand global sales initiatives.
Alberto Yépez, a managing director of Trident Capital Cybersecurity and a pioneer of the cybersecurity industry, will join Attivo Networks board.
Yépez has played significant roles as an entrepreneurial and public company CEO, board member, large company senior executive, serial entrepreneur, and an angel and venture capital investor.
Attivo Networks: Revenues Increased 300 Percent; Attracting Fortune 50 Customers
“Attivo is the clear leader in the emerging space of deception solutions that improves real-time breach detection,” Yépez said.
“Deception puts attackers on the defensive making them work harder and increasing their costs. ”
“High accuracy addresses the issue of too many alarms being reported by existing solutions and incident response is improved with the capture of specific techniques and tools being used by the attacker.”
“This is the primary reason why companies are working closely with the Attivo team to help detect and more effectively respond to sophisticated cyber attacks.”
Today’s Series C funding comes at an opportune time for Attivo Networks to expand amid the escalating demand for deception technology across the financial, healthcare, technology, retail, energy, and government sectors.
Further adoption of the cloud with shared security models and a heightened need for specialized device protection of industrial control, Internet of Things, and point-of-sale systems has also fueled company growth.
The company has seen revenues increase 300 percent year over year, accumulated an impressive list of Fortune 50 customers, and is engaged with over 350 companies in evaluation and trials of its deception and response technology.
(Carolyn Crandall, CMO of Attivo Networks, explains the importance of deception technology to FOX news. Courtesy of Fox News, Attivo Networks and YouTube)
FBR Capital Markets has estimated that the deception technology market will grow to $3 billion by 2019, three times its size in 2016.
Rik Turner, principal analyst, infrastructure solutions at Ovum Consulting, states in the 2017 On the Radar Report, “Unlike other deception vendors, Attivo’s offering extends beyond network- and endpoint-based deception technology into vulnerability assessment and response automation, going as far as enabling threat hunting.”
“Attivo stands out for the dynamic nature of its deception technology, while its combination with response automation puts its product ahead of the pack in this market segment.”
“Achieving 100 percent security is not realistic,” explains Tushar Kothari, CEO of Attivo Networks.
“Organizations must know immediately when their perimeter security controls fail and be able to respond quickly.”
“Attivo Networks deception-based detection efficiently closes this detection deficit.”
“It is not enough to understand how an attacker attacks, you must also know how to defend and respond.”
“Attivo engineering has applied its deep expertise based on years of detecting and analyzing threats to deliver an accurate and scalable solution for detecting advanced threats within today’s evolving attack surface.”
Deception-based detection technology changes the game on attackers.
Taking a page out of military operations, Attivo applies deception-based decoy and attacker luring technologies within the network to deceive and misdirect attackers into revealing themselves.
Deception presents a unique opportunity to change the asymmetric war against cyber attackers, altering their reality and imposing increased cost as they are forced to decipher what is real and what is fake.
It is a rare opportunity to exploit the trust that attackers have, slow their attack, and turn the tide against them.
“Attivo’s innovation is impressive and strengthens not only in-network detection but also serves to strengthen a company’s edge defense,” added Enrique Salem, managing director of Bain Capital Ventures.
“Since our initial investment in Attivo in 2015, we continue to see the company chart new territory in deception use cases and in the value it presents to customers.”
“Today we’re particularly excited about Attivo’s creation of deception technology for counterintelligence, opening new opportunities for the government to combat targeted attacks.”
One of the greatest challenges faced by computer security professionals is the inability to detect early credential theft and lateral movement within the computer system or network, reflecting an over reliance on their perimeter defenses.
This failing is why attackers are able to remain undetected for extended periods of time and disappear into the litany of alerts practitioners receive.
Due to this crucial issue, a 2016 Ponemon Institute study found that organizations on average took more than six months to identify a security breach, as well as an additional 66 days to contain the breach after discovery.
This lack of detection resulted in 1,935 successful breaches in 2016, according to the Verizon DBIR report.
“Traditional security detection technologies must parse through oceans of data in hope of identifying suspicious activity,” noted Chris Bishko, partner, Omidyar Technology Ventures.
“This exercise is akin to looking for a needle in a haystack.”
“Attivo’s deception solutions address the shortcomings of this paradigm.”
“Deception “tripwires” are placed pervasively throughout the network, alerting on attacker engagement, and reducing the risk of incursions remaining undetected for extended periods, as seen in essentially all recent high-profile breaches.”
Attivo Networks Deception: Award-Winning Technology
Attivo Networks deception is designed for an evolving landscape of threats and attack surfaces.
Deception efficiently sets traps, lures, and high-interaction attacker engagement that attracts and misdirects, regardless of whether the attackers are human (advanced persistent threat (APT), insiders, third party) or automated (malware, scripts, bots).
The attacker movement, tools, techniques, and methods can then be analyzed and shared with existing security controls to isolate infected systems, block the attack, and threat hunt for further infections.
With this information, enterprise security staffers can quickly identify the attacker and prevent the threat from executing their mission.
Deception as an efficient approach to in network detection has been widely recognized by analysts, with Neil MacDonald from Gartner, Inc. recommending it as a 2017 top 10 cybersecurity initiative.
In addition, Attivo Networks has received 19 awards from cybersecurity publications in 2017 alone.
It has also attracted positive coverage from a number of technology analyst firms, including Gartner Inc. (Cool Vendor 2016), 451 Research, Frost and Sullivan, TAG Cyber, Ovum, and Information Security Group (ISG).
Attivo ThreatDefend Response
- As the attacker engages with the deception environment, the BOTsink multi-correlation engine analyzes the attack and creates the forensic reporting for the incident.
- This attack information will then create evidence-based alerts and be viewable in a threat intelligence dashboard, in which double click actions can be taken through 3rd party integrations to block and quarantine attackers.
- Companies and agencies can then create repeatable playbooks based on information that they would like shared with their firewalls, endpoint, NAC, and SIEM solutions, so that their security policies can automatically be applied.