There’s a reason the enterprise security market is expected to be worth $71 billion by 2021, according to Statista: Unguarded systems and networks pose a constant threat. Data breaches resulted in the leaks of an estimated 1.76 billion records in January 2019 alone, and ransomware is expected to cost businesses and organizations a whopping $11.5 billion this year. Perhaps worse still, the global cost of all cybercrime might exceed $2 trillion by next year — a fourfold increase from 2015.
That’s why in 2013 Stephan Chenette and Rajesh Sharma founded AttackIQ, a San Diego-based automated security validation platform for enterprises. It launched out of stealth in 2016, and the startup today announced closure of a new round of capital that will provide runway well into the remainder of this year.
AttackIQ says it has secured $17.6 million in a series B round led by Khosla Ventures, with participation from existing investors Index Ventures, Salesforce Ventures, and Telstra Ventures. This brings the company’s total raised to $35 million, and CEO Brett Galloway said the funds will be used to accelerate platform development, increase hiring across all teams, and expand field operations.
“AttackIQ is on a mission to fix enterprise security. We believe that security matters very deeply,” said Galloway, who is a Cisco veteran and cofounder of Mist Systems and Packeteer and who previously served as president of wireless LAN switch vendor Airespace. “A successful cyber attack on critical infrastructure would be devastating, yet the effectiveness of enterprise security controls is often poor. The missing ingredient is systematic feedback on effectiveness. The best way to deliver this feedback is to emulate attacker behavior and see what the security controls do — or, all too frequently, what they don’t do.”
AttackIQ’s platform — which supports Windows, Linux, and OS X across public, private, and on-premises cloud environments — lets customers design and run attack scenarios with test point agents that imitate threats. It provides continuous validation against common attack vectors with detailed executive and technical reports, and from its cloud dashboard admins can pull up visualizations of system performance and “attack readiness” and kick off (or schedule) scenarios with a button click. In the event a breach or vulnerability is uncovered, AttackIQ issues push notifications with mitigation recommendations to IT and security workflows.
AttackIQ can be deployed as a native, virtual, or cloud agent and integrated with existing infrastructure via its API, and it boasts a library of templates and prebuilt scenarios covering adversarial tactics, techniques, and procedures. Several of these are mapped to Mitre’s ATT&CK, a freely accessible knowledgebase of tactics based on real-world observations, and each can be customized with AttackIQ’s software development kit.
“AttackIQ’s unique approach fits our view that effective enterprise security programs require an objective, continuous, and machine-driven approach to pressure-test and validate the sprawl of security products and controls,” said Khosala Ventures partner Brian Byun, who intends to join AttackIQ’s board of directors. “We believe this market opportunity is huge and that AttackIQ is well-positioned to lead the market.”