In the tech world, 17 years is an awfully long time to operate without receiving a single penny of institutional investment.

But that’s exactly what cybersecurity company IID (Internet Identity) did, growing to 65 employees solely on revenues. Founded in 1996, the company today accepted its first venture capital funding: an $8 million round from Bessemer Venture Partners.

IID will use the capital to build out and market its ActiveTrust platform, which resembles a security social network. IID has been working on ActiveTrust for the last three years so subscribers can selectively share information about security attacks and threats with other companies.

“A lot of organizations get beat by the same thing their neighbor got beat by,” said Lars Harvey, cofounder and CEO of IID, in an interview with VentureBeat. “It’s like someone stole your mail, and you put up a locked mailbox, but didn’t tell the neighborhood.”

VB Transform 2020 Online - July 15-17. Join leading AI executives: Register for the free livestream.

Major security firms like McAfee and Symantec publicly release information about security threats, but Harvey thinks organizations can discover attacks and vulnerabilities faster if they cooperate privately. ActiveTrust is available to select IID customers today, with a broad release planned for early 2014 (sometime around the RSA conference, according to Harvey).

IID got its start helping companies prevent and handle phishing attacks, and that remains a large part the company’s business. But no matter how efficient IID’s process for gathering information about threats is, it can’t tackle everything — which led to the idea for ActiveTrust.

“Sharing actually makes [companies] more secure,” said Harvey, “I don’t know if they all have that view today, but we certainly see it that way.”

Asked what IID is doing to ensure the security of information that passes through ActiveTrust, Harvey declined to go into specifics, but mentioned encryption and other “leading technologies.” On the yin-and-yang of security versus usability, Harvey said IID leans slightly toward security.

The Tacoma, Wash.-based IID has no plans to relocate, though it expects to grow its employee count “significantly” over the next 18 months.

“So if anyone really wants to move to Tacoma, we’re obviously very interested,” said Harvey, chuckling.