Vectra AI picks up $130M at a $1.2B valuation for its network approach to threat detection and response

Cybersecurity nightmares like the SolarWinds hack highlight how malicious hackers continue to exploit vulnerabilities in software and apps to do their dirty work. Today a startup that’s built a platform to help organizations protect themselves from this by running threat detection and response at the network level is announcing a big round of funding to continue its growth.

Vectra AI, which provides a cloud-based service that uses artificial intelligence technology to monitor both on-premise and cloud-based networks for intrusions, has closed a round of $130 million at a post-money valuation of $1.2 billion.

The challenge that Vectra is looking to address is that applications — and the people who use them — will continue to be weak links in a company’s security set-up, not least because malicious hackers are continually finding new ways to piece together small movements within them to build, lay and finally use their traps. While there will continue to be an interesting, and mostly effective, game of cat-and-mouse around those applications, a service that works at the network layer is essential as an alternative line of defense, one that can find those traps before they are used.

“Think about where the cloud is. We are in the wild west,” Hitesh Sheth, Vectra’s CEO, said in an interview. “The attack surface is so broad and attacks happen at such a rapid rate that the security concerns have never been higher at the enterprise. That is driving a lot of what we are doing.”

Sheth said that the funding will be used in two areas. First, to continue expanding its technology to meet the demands of an ever-growing threat landscape — it also has a team of researchers who work across the business to detect new activity and build algorithms to respond to it. And second, for acquisitions to bring in new technology and potentially more customers.

(Indeed, there has been a proliferation of AI-based cybersecurity startups in recent years, in areas like digital forensics, application security and specific sectors like SMBs, all of which complement the platform that Vectra has built, so you could imagine a number of interesting targets.)

The funding is being led by funds managed by Blackstone Growth, with unnamed existing investors participating (past backers include Accel, Khosla and TCV, among other financial and strategic investors). Vectra today largely focuses on enterprises, highly demanding ones with lots at stake to lose. Blackstone was initially a customer of Vectra’s, using the company’s flagship Cognito platform, Viral Patel — the senior MD who led the investment for the firm — pointed out to me.

The company has built some specific products that have been very prescient in anticipating vulnerabilities in specific applications and services. While it said that sales of its Cognito platform grew 100% last year, Cognito Detect for Microsoft Office 365 (a separate product) sales grew over 700%. Coincidentally, Microsoft’s cloud apps have faced a wave of malicious threats. Sheth said that implementing Cognito (or indeed other network security protection) “could have prevented the SolarWinds hack” for those using it.

“Through our experience as a client of Vectra, we’ve been highly impressed by their world-class technology and exceptional team,” 
John Stecher, CTO at Blackstone, said in a statement. “They have exactly the types of tools that technology leaders need to separate the signal from the noise in defending their organizations from increasingly sophisticated cyber threats. We’re excited to back Vectra and Hitesh as a strategic partner in the years ahead supporting their continued growth.”

Looking ahead, Sheth said that endpoint security will not be a focus for the moment because “in cloud there is so much open territory”. Instead it partners with the likes of CrowdStrike, SentinelOne, Carbon Black and others.

In terms of what is emerging as a stronger entry point, social media is increasingly coming to the fore, he said. “Social media tends to be an effective vector to get in and will remain to be for some time,” he said, with people impersonating others and suggesting conversations over encrypted services like WhatsApp. “The moment you move to encryption and exchange any documents, it’s game over.”


By Ingrid Lunden

SentinelOne, an AI-based endpoint security firm, confirms $267M raise on a $3.1B valuation

This year, more than ever before because of the Covid-19 pandemic, huge droves of workers and consumers have been turning to the internet to communicate, get things done, and entertain themselves. That has created a huge bonanza for cybercriminals, but also companies that are building tools to combat them.

In the latest development, an Israel-hatched, Mountain View-based enterprise startup called SentinelOne — which has built a machine learning-based solution that it sells under the brand Singularity that works across the entire edge of the network to monitor and secure laptops, phones, containerised applications and the many other devices and services connected to a network — has closed $267 million in funding to continue expanding its business to meet demand, which has seen business boom this year. Its valuation is now over $3 billion.

Given the large sums the company has now raised — $430 million to date — the funding will likely be used for acquisitions (cyber is a very crowded market and will likely see some strong consolidation in the coming years) as well as more in-house development and sales and marketing. Earlier this year, CEO and founder Tomer Weingarten told me that an IPO “would be the next logical step” for the company. “But we’re not in any rush,” he said at the time. “We have one to two years of growth left as a private company.”

SentinelOne contacted TechCrunch with the above details but said that an official press release was due only to be released at 3pm UK time. We’ll update with more details if they’re available when they are published. In the meantime, other outlets such as Calcalist in Israel (in Hebrew) have also published these details. And it should be noted that the round was rumored for almost a month ahead of this, although the sums raised were off by quite a bit: the reports had said $150-200 million.

(Sidenote: Why the pointless games with timings and exclusives? Who knows — I certainly don’t. )

This round included Tiger Global, Sequoia, Insight Partners, Third Point Ventures and Qualcomm Ventures. It looks like Sequoia — which is currently building up a new European operation to look more closely at opportunities on this side of the globe — is the only new name in that list. The others have all backed SentinelOne in previous rounds.

In the world of startups, we are firmly living in a time when investors are looking for strong opportunities to back companies that are shining in a market that is particularly challenging. Covid-19 has all but decimated the travel industry and live in-person event industry, among others.

But services that are helping people continue to live their lives, and those that are helping find a cure or at least solutions to minimise the impact, are very much in demand.

The curecybersecurity market — in particular for companies that are providing solutions that can immediately prove to be effective in what is an increasingly sophisticated threat landscape — is incredibly active right now, even more than it already was. It was only in February of this year that SentinelOne had raised $200 million at a $1.1 billion valuation.

Within that, endpoint security, the area where SentinelOne concentrates its efforts, is particularly strong. Last year, endpoint security solutions was estimated to be around an $8 billion market, and analysts project that it could be worth as much as $18.4 billion by 2024.

While SentinelOne has a lot of competitors — they include Microsoft, CrowdStrike, Kaspersky, McAfee, and Symantec — it is also a strong player in the market. Relying on the advances of AI and with roots in the Israeli cyberintelligence community, its platform is built around the idea of working automatically not just to detect endpoints and their vulnerabilities, but to apply behavioral models, and various modes of protection, detection and response in one go.

“We are seeing more automated and real-time attacks that themselves are using more machine learning,” Weingarten said to me this year. “That translates to the fact that you need defence that moves in real time as with as much automation as possible.”

As of February, it had 3,500 customers, including three of the biggest companies in the world, and “hundreds” from the global 2,000 enterprises, with 113% year-on-year new bookings growth, revenue growth of 104% year-on-year and 150% growth year-on-year in transactions over $2 million. Those numbers will have likely grown significantly since then. (We’ll update as and when we learn more.)


By Ingrid Lunden

Hunters raises $15M Series A for its threat-hunting platform

Hunters, a Tel Aviv-based cybersecurity startup that helps enterprises defend themselves from intruders and analyze attacks, today announced that it has raised a $15 million Series A funding round from Microsoft’s M12 and U.S. Venture Partners. Seed investors YL Ventures and Blumberg Captial also participated in this round, as well as new investor Okta Ventures, the venture arm of identity provider Okta. With this, Hunters has now raised a total of $20.4 million.

The company’s SaaS platform basically automates the threat-hunting processes, which has traditionally been a manual process. The general idea here is to take as much data from an enterprise’s various networking and security tools to detect stealth attacks.

“Hunters is basically this layer, a cognitive layer or connective tissue that you put on top of your telemetry stack,” Hunters co-founder and CEO Uri May told me. “So you have your [endpoint detection and response], your firewalls, cloud, production environment sensors — and all of those are shooting telemetry and detections all over the organization, generating huge amounts of data. And, basically, our place in the world depends on our ability to generate that delta. So without being able to find things that you can’t see with a single point solution or without really expediting response procedures and workflows by correlating things in a nontrivial way, we don’t have any excuse to exist. But we got pretty good at those — at showing that delta — and we onboarded customers — nice logos — and that was a very strong validation.”

Image Credits: Hunters

Hunters’ first customer was actually data management service Snowflake, which functioned as the company’s design partner. In addition to being a customer, Snowflake now also features Hunters in its partner marketplace, as does security service CrowdStrike. May also noted that Crowdstrike is a good example for the kind of customer Hunters is going after.

“Not necessarily Global 2000 or Fortune 500. It’s really high-end mid-market organizations, not necessarily tens of thousand employees, but billions of dollars in revenues, a lot of value at risk, born to the cloud, super mature tech stack, not necessarily a big security operation center, but definitely CISO and a team of security engineers and analysts, and they’re looking for the solution, that on-top solution that can make sense of a lot of the data and give them the confidence and also give them results in terms of cybersecurity, posture and their detection and response capabilities.”

Microsoft already has a large security development center in Israel and so it’s no surprise that Hunters appeared on the company’s radar. Hunters also spent some time proactively looking at the Microsoft ecosystem, May told me, but the company’s VCs also made some introductions. All of this culminated in a number of meetings at the Tel Aviv CyberTech conference in January and the RSA Conference in San Francisco in February, just before the coronavirus pandemic essentially shut down travel.

Hunters says it will use the new funding to build out its go-to-market capabilities in the U.S. and expand its R&D team in Israel. As for the product itself, the company will look to broaden its product integration and machine learning capabilities to help it generate better attack stories. May also noted that it plans to give its users capabilities to customize the system for their needs by allowing them to develop their own signals and detections to augment the company’s default tools. This, May argued, will allow the company to go after higher-end enterprise customers that already have threat-hunting teams but that are looking to automate more of the process. With that, it will also look to partner with other security firms to leverage its system to provide better services to their customers as well.


By Frederic Lardinois

6 CISOs share their game plans for a post-pandemic world

Like all business leaders, chief information security officers (CISOs) have shifted their roles quickly and dramatically during the COVID-19 pandemic, but many have had to fight fires they never expected.

Most importantly, they’ve had to ensure corporate networks remain secure even with 100% of employees suddenly working from home. Controllers are moving millions between corporate accounts from their living rooms, HR managers are sharing employees’ personal information from their kitchen tables and tens of millions of workers are accessing company data using personal laptops and phones.

This unprecedented situation reveals once and for all that security is not only about preventing breaches, but also about ensuring fundamental business continuity.

While it might take time, everyone agrees the pandemic will end. But how will the cybersecurity sector look in a post-COVID-19 world? What type of software will CISOs want to buy in the near future, and two years down the road?

To find out, I asked six of the world’s leading CISOs to share their experiences during the pandemic and their plans for the future, providing insights on how cybersecurity companies should develop and market their solutions to emerge stronger:

The security sector will experience challenges, but also opportunities

The good news is, many CISOs believe that cybersecurity will weather the economic storm better than other enterprise software sectors. That’s because security has become even more top of mind during the pandemic; with the vast majority of corporate employees now working remotely, a secure network has never been more paramount, said Rinki Sethi, CISO at Rubrik. “Many security teams are now focused on ensuring they have controls in place for a completely remote workforce, so endpoint and network security, as well as identity and access management, are more important than ever,” said Sethi. “Additionally, business continuity and disaster recovery planning are critical right now — the ability to respond to a security incident and have a robust plan to recover from it is top priority for most security teams, and will continue to be for a long time.”

That’s not to say all security companies will necessarily thrive during this current economic crisis. Adrian Ludwig, CISO at Atlassian, notes that an overall decline in IT budgets will impact security spending. But the silver lining is that some companies will be acquired. “I expect we will see consolidation in the cybersecurity markets, and that most new investments by IT departments will be in basic infrastructure to facilitate work-from-home,” said Ludwig. “Less well-capitalized cybersecurity companies may want to begin thinking about potential exit opportunities sooner rather than later.”


By Walter Thompson

Axonius nabs $58M for its cybersecurity-focused network asset management platform

As companies get to grips with a wider (and, lately, more enforced) model of remote working, a startup that provides a platform to help track and manage all the devices that are accessing networked services — an essential component of cybersecurity policy — has raised a large round of growth funding. Axonius, a New York-based company that lets organizations manage and track the range of computing-based assets that are connecting to their networks — and then plug that data into some 100 different cybersecurity tools to analyse it — has picked up a Series C of $58 million, money it will use to continue investing in its technology (its R&D offices are in Tel Aviv, Israel) and expanding its business overall.

The round is being led by prolific enterprise investor Lightspeed Venture Partners, with previous backers OpenView, Bessemer Venture Partners, YL Ventures, Vertex, and WTI also participating in the round.

Dean Sysman, CEO and Co-Founder at Axonius, said in an interview that the company is not disclosing its valuation, but for some context, the company has now raised $95 million, and PitchBook noted that in its last round, a $20 million Series B in August 2019, it had a post-money valuation of $110 million.

The company has had a huge boost in business in the last year, however — especially right now, not a surprise for a company that helps enable secure remote working, at a time when many businesses have gone remote in an effort to follow government policies encouraging social distancing to slow the spread of the coronavirus pandemic. As of this month, Axonius has seen customer growth increase 910% compared to a year ago.

Sysman said that this round had been in progress for some time ahead of the announcement being made, but the final stages of closing it were all done remotely last week, which has become something of a new normal in venture deals at the moment.

“We’ve all been staying at home for the last few weeks,” he said in an interview. “The crisis is not helping with deals. It’s making everything more complex for sure. But specifically for us there wasn’t a major difference in the process.”

Sysman said that he first thought of the idea for Axonius when at a previous organization — his experience includes several years with the Israeli Defense Forces, as well as time at a startup called Integrity Project, acquired by Mellanox — where he realised the organization itself, and all of its customers, never actually knew how many devices accessed their network, which is a crucial first step in being able to secure any network.

“Every CIO I met I would ask, do you know how many devices you have on your network? And the answer was either ‘I don’t know,’ or big range, which is just another way of saying, ‘I don’t know,’” Sysman said. “It’s not because they’re not doing their jobs but because it’s just a tough problem.”

Part of the reason, he added, is because IP addresses are not precise enough, and de-duplicating and correlating numbers is a gargantuan task, especially in the current climate of people using not just a multitude of work-provided devices, but a number of their own.

That was what prompted Sysman and his cofounders Ofri Shur and Avidor Bartov to build the algorithms that formed the basis of what Axonius is today. It’s not based on behavioural data as some cybersecurity systems are, but something that Sysman describes as “a deterministic algorithm that knows and builds a unique set of identifiers that can be based on anything, including timestamp, or cloud information. We try to use every piece of data we can.”

The resulting information becomes a very valuable asset in itself that can then be used across a number of other pieces of security software to search for inconsistencies in use (bringing in the behavioural aspect of cybersecurity) or other indicators of malicious activity — specifically following the company’s motto, “Know Your Assets, Identify Gaps, and Automate Security Policy Enforcement” — even as data itself may seem a little pedestrian on its own.

“We like to call ourselves the Toyota Camry of cybersecurity,” Sysman said. “It’s nothing exotic in a world of cutting-edge AI and advanced tech. However it’s a fundamental thing that people are struggling with, and it is what everyone needs. Just like the Camry.”

For now, Axonius is following the route of providing a platform that can interconnect with a number of other security products — currently numbering around 100 — rather than building those tools itself, or acquiring them to bring them in house. That could be one option for how potentially it might evolve over time, however.

For now, the idea of being agnostic to those specific tools and providing a platform just to identify and manage assets is a formula that has already seen a lot of traction with customers — which include companies like Schneider Electric, the New York Times, and Landmark Medical, among others — as well as investors.

“Any enterprise CISO’s top priority, with unwavering consistency, is asset discovery and management. You can’t protect a device if you don’t know it exists.” said Arsham Menarzadeh, general partner at Lightspeed Venture Partners, in a statement. “Axonius integrates into any security and management product to show customers their full asset landscape and automate policy enforcement. Their integrated approach and remediation capabilities position them to become the operating system and single source of truth for security and IT teams. We’re excited to play a part in helping them scale.”


By Ingrid Lunden

The right way to do AI in security

Artificial intelligence applied to information security can engender images of a benevolent Skynet, sagely analyzing more data than imaginable and making decisions at lightspeed, saving organizations from devastating attacks. In such a world, humans are barely needed to run security programs, their jobs largely automated out of existence, relegating them to a role as the button-pusher on particularly critical changes proposed by the otherwise omnipotent AI.

Such a vision is still in the realm of science fiction. AI in information security is more like an eager, callow puppy attempting to learn new tricks – minus the disappointment written on their faces when they consistently fail. No one’s job is in danger of being replaced by security AI; if anything, a larger staff is required to ensure security AI stays firmly leashed.

Arguably, AI’s highest use case currently is to add futuristic sheen to traditional security tools, rebranding timeworn approaches as trailblazing sorcery that will revolutionize enterprise cybersecurity as we know it. The current hype cycle for AI appears to be the roaring, ferocious crest at the end of a decade that began with bubbly excitement around the promise of “big data” in information security.

But what lies beneath the marketing gloss and quixotic lust for an AI revolution in security? How did AL ascend to supplant the lustrous zest around machine learning (“ML”) that dominated headlines in recent years? Where is there true potential to enrich information security strategy for the better – and where is it simply an entrancing distraction from more useful goals? And, naturally, how will attackers plot to circumvent security AI to continue their nefarious schemes?

How did AI grow out of this stony rubbish?

The year AI debuted as the “It Girl” in information security was 2017. The year prior, MIT completed their study showing “human-in-the-loop” AI out-performed AI and humans individually in attack detection. Likewise, DARPA conducted the Cyber Grand Challenge, a battle testing AI systems’ offensive and defensive capabilities. Until this point, security AI was imprisoned in the contrived halls of academia and government. Yet, the history of two vendors exhibits how enthusiasm surrounding security AI was driven more by growth marketing than user needs.


By Arman Tabatabai

Backed by Benchmark, Blue Hexagon just raised $31 million for its deep learning cybersecurity software

Nayeem Islam spent nearly 11 years with chipmaker Qualcomm, where he founded its Silicon Valley-based R&D facility, recruited its entire team and oversaw research on all aspects of security, including applying machine learning on mobile devices and in the network to detect threats early.

Islam was nothing if not prolific, developing a system for on-device machine learning for malware detection, libraries for optimizing deep learning algorithms on mobile devices, and systems for parallel compute on mobile devices, among other things.

In fact, because of his work, he also saw a big opportunity in better protecting enterprises from cyberthreats through deep neural networks that are able to process every single raw byte within a file without ignoring anything, and that can uncover complex relations within datasets. So two years ago, Islam and Saumitra Das, a former Qualcomm engineer with 330 patents to his name and another 450 pending, struck out on their own to create Blue Hexagon, a now 30-person Sunnyvale, Ca.-based company that is today disclosing that it has raised $31 million in funding from Benchmark and Altimeter.

The funding comes roughly one year after Benchmark quietly led a $6 million Series A round for the firm.

So what has investors so bullish on the company’s prospects, aside from its credentialed founders? In a word, speed, seemingly. According to Islam, Blue Hexagon has created a real-time, cybersecurity platform that he says can detect known and unknown threats at first encounter, then block them in “sub seconds” so the malware doesn’t have time to spread.

The industry has to move to real-time detection, he says, explaining that four new and unique malware samples is released every second, and arguing that traditional security methods can’t keep pace. He says that sandboxes, for example, meaning restricted environments that quarantine cyber threats and keep them from breaching sensitive files, are no longer state of the art. The same is true of signatures, which are mathematical techniques used to validate the authenticity and integrity of a message, software or digital document but are being bypassed by rapidly evolving new malware.

Only time will tell if Blue Hexagon is far more capable of identifying and stopping attackers, as Islam insists is the case. It is not the only startup to apply deep learning to cybersecurity, though it’s certainly one of the first.

Critics, some who are protecting their own corporate interests, also worry that hackers can foil security algorithms by targeting the warning flags they look for.

Still, with its technology, its team, and its pitch, Blue Hexagon is starting to persuade not only top investors of its merits, but a growing —  and broad — base of customers, says Islam. “Everyone has this issue, from large banks, insurance companies, state and local governments. Nowhere do you find someone who doesn’t need to be protected.”

Blue Hexagon can even help customers that are already under attack, Islam says, even if it isn’t ideal. “Our goal is to catch an attack as early in the kill chain as possible. But if someone is already being attacked, we’ll see that activity and pinpoint it and be able to turn it off.”

Some damage may already be done, of course. It’s another reason to plan ahead, he says. “With automated attacks, you need automated techniques.” Deep learning, he insists, “is one way of leveling the playing field against attackers.”


By Connie Loizos

NYC wants to build a cyber army

Empires rise and fall, and none more so than business empires. Whole industries that once dominated the planet are just a figment in memory’s eye, while new industries quietly grow into massive behemoths.

New York City has certainly seen its share of empires. Today, the city is a global center of finance, real estate, legal services, technology, and many, many more industries. It hosts the headquarters of roughly 10% of the Fortune 500, and the metro’s GDP is roughly equivalent to that of Canada.

So much wealth and power, and all under constant attack. The value of technology and data has skyrocketed, and so has the value of stealing and disrupting the services that rely upon it. Cyber crime and cyber wars are adding up: according to a report published jointly between McAfee and the Center for Strategic and International Studies, the costs of these operations are in the hundreds of billions of dollars – and New York’s top industries such as financial services bare the brunt of the losses.

Yet, New York City has hardly been a bastion for the cybersecurity industry. Boston and Washington DC are far stronger today on the Acela corridor, and San Francisco and Israel have both made huge impacts on the space. Now, NYC’s leaders are looking to build a whole new local empire that might just act as a bulwark for its other leading ecosystems.

Today, the New York City Economic Development Corporation (NYCEDC) announced the launch of Cyber NYC, a $30 million “catalyzing” investment designed to rapidly grow the city’s ecosystem and infrastructure for cybersecurity.

James Patchett, CEO of New York City Economic Development Corporation. (Photo from NYCEDC)

James Patchett, CEO of NYCEDC, explained in an interview with TechCrunch that cybersecurity is “both an incredible opportunity and also a huge threat.” He noted that “the financial industry has been the lifeblood of this city for our entire history,” and the costs of cybercrime are rising quickly. “It’s a lose-lose if we fail to invest in the innovation that keeps the city strong” but “it’s a win if we can create all of that innovation here and the corresponding jobs,” he said.

The Cyber NYC program is made up of a constellation of programs:

  • Partnering with Jerusalem Venture Partners, an accelerator called Hub.NYC will develop enterprise cybersecurity companies by connecting them with advisors and customers. The program will be hosted in a nearly 100,000 square foot building in SoHo.
  • Partnering with SOSA, the city will create a new, 15,000 square foot Global Cyber Center co-working facility in Chelsea, where talented individuals in the cyber industry can hang out and learn from each other through event programming and meetups.
  • With Fullstack Academy and Laguardia Community College, a Cyber Boot Camp will be created to enhance the ability of local workers to find jobs in the cybersecurity space.
  • Through an “Applied Learning Initiative,” students will be able to earn a “CUNY-Facebook Master’s Degree” in cybersecurity. The program has participation from the City University of New York, New York University, Columbia University, Cornell Tech, and iQ4.
  • With Columbia University’s Technology Ventures, NYCEDC will introduce a program called Inventors to Founders that will work to commercialize university research.

NYCEDC’s map of the NYC Cyber initiative. (Photo from NYCEDC)

In addition to Facebook, other companies have made commitments to the program, including Goldman Sachs, MasterCard, PricewaterhouseCoopers, and edX.org. Two Goldman execs, Chief Operational Risk Officer Phil Venables and Chief Information Security Officer Andy Ozment, have joined the initiative’s advisory boards.

The NYCEDC estimates that there are roughly 6,000 cybersecurity professionals currently employed in New York City. Through these programs, it estimates that the number could increase by another 10,000. Patchett said that “it is as close to a no-brainer in economic development because of the opportunity and the risk.”

From Jerusalem to New York

To tackle its ambitious cybersecurity goals, the NYCEDC is partnering with two venture firms, Jerusalem Venture Partners (JVP) and SOSA, with significant experience investing, operating, and growing companies in the sector.

Jerusalem-based JVP is an established investor that should help founders at Hub.NYC get access to smart capital, sector expertise, and the entrepreneurial experience needed to help their startups scale. JVP invests in early-, late-, and growth-stage companies focused on cybersecurity, big data, media, and enterprise software.

JVP will run Hub.NYC, a startup accelerator that will help cybersecurity startups connect with customers and mentors. (Photo from JVP)

Erel Margalit, who founded the firm in 1993, said that “If you look at what JVP has done … we create ecosystems.” Working with Jerusalem’s metro government, Margalit and the firm pioneered a number of institutions such as accelerators that turned Israel into an economic powerhouse in the cybersecurity industry. His social and economic work eventually led him to the Knesset, Israel’s unicameral legislature, where he served as an MP from 2015-2017 with the Labor Party.

Israel is a very small country with a relative dearth of large companies though, a huge challenge for startups looking to scale up. “Today if you want to build the next-generation leading companies, you have to be not only where the ideas are being brewed, but also where the solutions are being [purchased],” Margalit explained. “You need to be working with the biggest customers in the world.”

That place, in his mind, is New York City. It’s a city he has known since his youth – he worked at Moshe’s Moving IN NYC while attending Columbia as a grad student where he got his PhD in philosophy. Now, he can pack up his own success from Israel and scale it up to an even larger ecosystem.

Since its founding, JVP has successfully raised $1.1 billion across eight funds, including a $60 million fund specifically focused on the cybersecurity space. Over the same period, the firm has seen 32 successful exits, including cybersecurity companies CyberArk (IPO in 2014) and CyActive (Acquired by PayPal in 2013).

JVP’s efforts in the cybersecurity space also go beyond the investment process, with the firm recently establishing an incubator, known as JVP Cyber Labs, specifically focused on identifying, nurturing and building the next wave of Israeli cybersecurity and big data companies.

On average, the firm has focused on deals in the $5-$10 million range, with a general proclivity for earlier-stage companies where the firm can take a more hands-on mentorship role. Some of JVP’s notable active portfolio companies include Source Defense, which uses automation to protect against website supply chain attacks, ThetaRay, which uses big data to analyze threats, and Morphisec, which sells endpoint security solutions.

Opening up innovation with SOSA

The self-described “open-innovation platform,” SOSA is a global network of corporations, investors, and entrepreneurs that connects major institutions with innovative startups tackling core needs.

SOSA works closely with its partner startups, providing investor sourcing, hands-on mentorship and the physical resources needed to achieve growth. The group’s areas of expertise include cybersecurity, fintech, automation, energy, mobility, and logistics. Though headquartered in Tel Aviv, SOSA recently opened an innovation lab in New York, backed by major partners including HP, RBC, and Jefferies.

With the eight-floor Global Cyber Center located in Chelsea, it is turning its attention to an even more ambitious agenda. Uzi Scheffer, CEO of SOSA, said to TechCrunch in a statement that “The Global Cyber Center will serve as a center of gravity for the entire cybersecurity industry where they can meet, interact and connect to the finest talent from New York, the States, Israel and our entire global network.”

SOSA’s new building in Chelsea will be a center for the cybersecurity community (Photo from SOSA)

With an already established presence in New York, SOSA’s local network could help spur the local corporate participation key to the EDC’s plan, while SOSA’s broader global network can help achieve aspirations of turning New York City into a global cybersecurity leader.

It is no coincidence that both of the EDC’s venture partners are familiar with the Israeli cybersecurity ecosystem. Israel has long been viewed as a leader in cybersecurity innovation and policy, and has benefited from the same successful public-private sector coordination New York hopes to replicate.

Furthermore, while New York hopes to create organic growth within its own local ecosystem, the partnerships could also benefit the city if leading Israeli cybersecurity companies look to relocate due to the limited size of the Israeli market.

Big plans, big results?

While we spent comparatively less time discussing them, the NYCEDC’s educational programs are particularly interesting. Students will be able to take classes at any university in the five-member consortium, and transfer credits freely, a concept that the NYCEDC bills as “stackable certificates.”

Meanwhile, Facebook has partnered with the City University of New York to create a professional master’s degree program to train up a new class of cybersecurity leaders. The idea is to provide a pathway to a widely-respected credential without having to take too much time off of work. NYCEDC CEO Patchett said, ”you probably don’t have the time to take two years off to do a masters program,” and so the program’s flexibility should provide better access to more professionals.

Together, all of these disparate programs add up to a bold attempt to put New York City on the map for cybersecurity. Talent development, founder development, customer development – all have been addressed with capital and new initiatives.

Will the community show up at initiatives like the Global Cyber Center, pictured here? (Photo from SOSA)

Yet, despite the time that NYCEDC has spent to put all of these partners together cohesively under one initiative, the real challenge starts with getting the community to participate and build upon these nascent institutions. “What we hear from folks a lot of time,” Patchett said to us, is that “there is no community for cyber professionals in New York City.” Now the buildings have been placed, but the people need to walk through the front doors.

The city wants these programs to be self-sustaining as soon as possible. “In all cases, we don’t want to support these ecosystems forever,” Patchett said. “If we don’t think they’re financially sustainable, we haven’t done our job right.” He believes that “there should be a natural incentive to invest once the ecosystem is off the ground.”

As the world encounters an ever increasing array of cyber threats, old empires can falter – and new empires can grow. Cybersecurity may well be one of the next great industries, and it may just provide the needed defenses to ensure that New York City’s other empires can live another day.


By Arman Tabatabai

Stripe debuts Radar anti-fraud AI tools for big businesses, says it has halted $4B in fraud to date

Cybersecurity continues to be a growing focus and problem in the digital world, and now Stripe is launching a new paid product that it hopes will help its customers better battle one of the bigger side-effects of data breaches: online payment fraud. Today, Stripe is announcing Radar for Fraud Teams, an expansion of its free AI-based Radar service that runs alongside Stripe’s core payments API to help identify and block fraudulent transactions.

And there are further efforts that Stripe is planning in coming months. Michael Manapat, Stripe’s engineering manager for Radar and machine learning, said the company is going to soon launch a private beta of a “dynamic authentication” that will bring in two-factor authentication and start to see Stripe’s first forays into considering how to implement biometric factors in payments. Fingerprints and other physical attributes have become increasingly popular ways to identify mobile and other users.

The initial iteration of Radar launched in October 2016, and since then, Manapat tells me that it has prevented $4 billion in fraud for its “hundreds of thousands” of customers.

Considering the wider scope of how much e-commerce is affected by fraud — one study estimates $57.8 billion in e-commerce fraud across eight major verticals in a one-year period between 2016 and 2017 — this is a decent dent, but there is a lot more work to be done. And Stripe’s position of knowing four out of every five payment card numbers globally (on account of the ubiquity of its payments API) gives it a strong position to be able to tackle it.

The new paid product comes alongside an update to the core, free product that Stripe is dubbing Radar 2.0, which Stripe claims will have more advanced machine learning built into it and can therefore up its fraud detection by some 25 percent over the previous version.

New features for the whole product (free and paid) will include being able to detect when a proxy VPN is being used (which fraudsters might use to appear like they are in one country when they are actually in another) and ingesting billions of data points to train its model, which is now being updated on a daily basis automatically — itself an improvement on the slower and more manual system that Manapat said Stripe has been using for the past couple of years.

Meanwhile, the paid product is an interesting development.

At the time of the original launch, Stripe co-founder John Collison hinted that the company would be considering a paid product down the line. Stripe has said multiple times that it’s in no rush to go public — and statement that a spokesperson reiterated this week — but it’s notable that a paid tier is a sign of how Stripe is slowly building up more monetization and revenue generation.

Stripe is valued at around $9.2 billion as of its last big round in 2016. Most recently, it raised $150 million back in that November 2016 round. A $44 million from March of this year, noted in Pitchbook, was actually related to issuing stock related to its quiet acquisition of point-of-sale payments startup Index in that month — incidentally another interesting move for Stripe to expand its position and placement in the payments ecosystem. Stripe has raised around $450 million in total.

The Teams product, aimed at businesses that are big enough to have dedicated fraud detection staff, will be priced at an additional $0.02 per transaction, on top of Stripe’s basic transaction fees of a 2.9 percent commission plus 30 cents per successful card charge in the U.S. (fees vary in other markets).

The chief advantage of taking the paid product will be that teams will be able to customise how Radar works with their own transactions.

This will include a more complete set of data for teams that review transactions, and a more granular set of tools to determine where and when sales are reviewed, for example based on usage patterns or the size of the transaction. There are already a set of flags the work to note when a card is used in frequent succession across disparate geographies; but Manapat said that newer details such as analysing the speed at which payment details are entered and purchases are made will now also factor into how it flags transactions for review.

Similarly, teams will be able to determine the value at which a transaction needs to be flagged. This is the online equivalent of when certain purchases require or waive you to enter a PIN or provide a signature to seal the deal. (And it’s interesting to see that some e-commerce operations are potentially allowing some dodgy sales to happen simply to keep up the user experience for the majority of legitimate transactions.)

Users of the paid product will also be able to now use Radar to help with their overall management of how it handles fraud. This will include being able to keep lists of attributes, names and numbers that are scrutinised, and to check against them with analytics also created by Stripe to help identify trending issues, and to plan anti-fraud activities going forward.

Updated with further detail about Stripe’s funding.