Cool Startup: Cybereason

Cybereason, based in Cambridge MA, has raised $4.6M in funding. It was founded by Lior Div, who previously lead a unit within the prestigious Unit 8200 of the Israeli Intelligence Corp. Unit 8200 is the Isreali equivalent of the NSA. Cybereason is a next generation intelligent security platform, that helps companies with rapid detection, and response to security breaches. Cybereason reduces the MTTK (mean-time-to-know), which is the time from the initial network breach, to the time it’s first discovered.

The New Cyber Criminal

Today’s advanced cyber criminal is a talented engineer, mathematician, tactician, and philosopher, that will penetrate networks, and user credentials, through trickery, deception, logic, patience, and dedication, working 24×7. The cyber criminal thrives on challenge, and likes to solves complex problems. Every failure they experience is a lesson learned, that only sharpens their skill set.

For many hackers, being successful is the difference between having no food on the table, to having steak and wine with the family. Taking all these elements into account, is there any network firewall, IPS/IDS, Anti-virus program, or old school security product that’s going to stop the hacker, from breaching the corporate network, the perimeter, applications, or mobile devices. According to Cybereason, “Prevention is Futile” and “Breach is Inevitable”. Cybereason identifies the breaches in real time, detecting it, and mitigating it.

Rapid Detection and Response

The firewall protects against hackers and unauthorized users, but what happens when a hacker compromises a legitimate identity of a real user. In this case, the firewall and anti-virus program is useless. Cybereason detects suspicious behavior, even if it’s from internal users, and takes the appropriate action. For example, let’s say a compromised user account of a Product Manager, tries to access accounting records, the Cybereason platform identifies the suspicious activity, informs security operations,  and acts to stop the breach in its tracks.

Rapid detection and response is the best way to stop an attack. Focusing on the action, and intent of the cyber crime is the only way to stop it. Now throw in mobile devices, and cloud applications like Saleforce into the equation, and things start getting messy. These applications and devices bypass the traditional firewall. Cybereason is the right company at the right time. They are a disruptor, challenging the old ways of doing business. I expect the Cybereason to get acquired within the next 2 years.