Shape Security adopts one of malware’s key strategies — altering its code to avoid detection — to protect enterprises from cyberattacks.
It calls its product ShapeShifter.
The cybersecurity startup has raised $40 million to continue building its ShapeShifter tech and sales team, the company announced today.
Most malware only changes its code when it installs because it’s trying to alter its signature. But ShapeShifter changes websites’ code in real time. The company touts it as the cybersecurity industry’s first botwall. ShapeShifter doesn’t detect attacks — it deflects them.
Both malware and ShapeShifter use “the same fundamental concept of polymorphism, but the implementation is different,” said Shuman Ghosemajumder, Shape Security’s vice president of strategy.
Ghosemajumder promised ShapeShifter doesn’t lead to major website latency. It also doesn’t affect website management: Site operators see the original interface, not jumbled code.
Today’s financing brings Shape Security’s total funding to $66 million. Norwest Venture Partners led the $40 million round, which also included participation from Sierra Ventures and Shape Security’s existing investors (Kleiner Perkins, Venrock, Google Ventures, Eric Schmidt’s TomorrowVentures, and Allegis Capital).
With price points north of $1 million, Shape Security aims to serve enterprises across myriad industries, but some early ShapeShifter adopters are in financial services, health care, and retail. ShapeShifter is currently only available as an onsite solution, but the startup is working on a cloud-based version.