The average cost of a data breach is nearly $4 million, and yet 74% of companies say they can’t patch vulnerabilities quickly enough because they lack the necessary staff. That’s why former HP senior business manager and national account director Jay Prassl founded Automox, which is developing a platform that automates endpoint configuration, patching, management, and inventory. After emerging from stealth in 2015, the Boulder, Colorado-based startup went on to raise $12.6 million in a series of funding rounds. This week, Automox nabbed $30 million in a series B round led by Koch Disruptive Technologies, with participation from CRV and CrowdStrike’s Falcon Fund (in partnership with Accel), bringing its total raised to over $40 million.
CEO Prassl says the capital will be used to accelerate R&D and expand Automox’s sales and marketing teams. “The security industry has done a great job of providing tools that are effective at identifying adversaries once they are inside your infrastructure,” he said in a statement. “Unfortunately, little innovation has been applied to proactively reduce the corporate attack surface by making sure the ‘windows and doors’ that attackers commonly exploit are locked to begin with.”
He goes on to stress the importance of timely intervention: “The only true competitive advantage in security today is speed. Hardening infrastructure quickly and confidently is the most impactful step an organization can take to reduce its overall cybersecurity risk.”
Automox’s eponymous suite — which works across operating systems (i.e., Windows, Mac, and Linux), servers, and remote laptops — lets admins and security team members automate and conduct actions through policies. From within a dashboard, users can orchestrate checks to ensure patch compliance of assets, regardless of location, and they’re able to perform both technical and top-level reporting. Automox also enables critical patches and software updates throughout enterprise computing environments, plus security configurations and custom scripting.
Automox claims that customers like Greyhound, Yale University, NASA, Xerox, Hootsuite, Dollar Shave Club, and Unicef have seen an up to 250% return on investment in the first year, a 50% reduction in labor hours to manage patches, and an 80% reduction in corporate attack surfaces. That’s in addition to 2-3 times less effort and 15 times faster hardening of infrastructure than with competing solutions.
“Out of date, unpatched, and misconfigured infrastructure is a pervasive security gap that has plagued corporations of every size for far too long,” said Koch Disruptive Technologies managing director Byron Knight. “Automox, which has proven itself as a disruptive leader in the cybersecurity industry, is addressing this issue. KDT wants to partner with companies solving the world’s most complex challenges with innovative solutions, and Automox fits this criterion.”
Automox occupies a global cybersecurity market that’s anticipated to be worth $120 billion by 2024 — Israeli startups alone raised $6.32 billion between 2013 and 2019. That’s not surprising, considering Juniper Research pegs the number of digital records that will be stolen in 2023 at 33 billion, compared with the 12 billion stolen in 2018. As recently as 2017, the U.S. outranked all other countries in the volume of ransomware attacks, according to Symantec. And analysts elsewhere estimate that the cybercrime economy has grown to $1.5 trillion in annual profits and that damages will reach $6 trillion by 2021.
Indeed, Tel Aviv- and Boston-based Cybereason raised $200 million in August 2019 for its enterprise endpoint protection platform, shortly after SentinelOne nabbed $120 million. CrowdStrike, an AI-powered cybersecurity platform specializing in endpoint protection and threat intelligence, also recently raised $200 million. And AI-powered cybersecurity startup Cylance snagged $120 million in June 2018 to expand its platform globally.