Cybersecurity startup Randori today announced that it secured $20 million in equity financing, bringing the startup’s total raised to $29.75 million. The infusion of capital comes after a year during which attacks on internet of things devices tripled, and during which the number of malicious payloads on the web hit 24.6 billion — up 14% from 2018.
Randori’s attack platform promises to safely launch attacks on organizations to help them understand how to prevent or mitigate the effects of data breaches and other compromises, in part by leveraging machine learning to asses the exploitability of vulnerabilities. It’s a novel approach in that it needs only a corporate email address to scan for threats, and thus ostensibly requires less setup and configuration than rival offerings.
Randori — whose name was inspired by Japanese martial arts, and whose customers include Carbon Black, Greenhill, RapidDeploy, and the Center for Strategic and International Studies — provides a suite that aims to automate the assessment and decision-making underpinning when, where, and how an attacker is most likely to strike. To this end, it provides context and information about findings, remediation steps, and exploitable systems to prioritize.
Randori’s Recon product enables teams to continuously scan for misconfigurations, blind spots, and process failures using a black-box approach. Starting with an email address, Recon automatically creates a baseline of an organization’s attack surface. An integrated model — the Target Temptation model — then spots the assets most likely to elicit action from an attacker, taking into account factors like known weaknesses, post-exploitation potential, and the cost of action by an attacker.
As for Randori’s Attack, which is designed to pair with and complement Recon, it tests defenses against attacks by mirroring adversaries, exposing gaps and critical problems in the process. It attempts to gain access to valuable data and assets, taking pains at each step to elucidate successful and unsuccessful actions mapped to MITRE ATT&CK, a freely accessible knowledge base of tactics based on real-world observations. At the conclusion of each attack, it reports metrics including the time taken to detect, contain, or expel the attack; the percent of attacks detected; the detection rate; and the sophistication required to reach the assets.
Randori tells VentureBeat that it uses AI classification models to prioritize the targets attackers are most interested in, as well as affiliation mechanisms that make up a confidence engine responsible for analyzing information gleaned from internet scans. The confidence engine generates a relative score of how likely an entity — whether an IP address, hostname, domain, certificate, network, or other entity — on the internet is to be associated with a provided domain. This information helps Randori to identify where one company’s assets end and another’s begin.
Randori — which has 21 employees and expects to have over 100 by 2022 — was cofounded in 2018 by CEO and former Carbon Black exec Brian Hazzard and CTO David Wolpoff, along with Evan Anderson, Eric McIntyre, and Ian Lee. Hazzard says the funding from this latest round (a series A), which was led by Harmony Venture Partners with participation from existing investors Accomplice, .406 Ventures, and Legion Capital, will be used to build out a team of red-team hackers and to develop attack techniques to integrate with the platform.
“Security teams are looking for ways to be more proactive. They want to anticipate, not just react, to threats. This requires understanding what’s possible from the attacker’s perspective and where your security program is likely to break down,” Hazzard said, adding that Randori has over 150 active users. “Our platform exposes how attackers think, act and conduct campaigns, bringing a continuous red team experience to the mass market. This funding accelerates that by enabling us to double our headcount over the next year.”
Randori isn’t without competitors in the cyberthreat detection and remediation space. Ironscales employs AI and machine learning to defeat organization-wide phishing attacks in real time, and France- and Boston-based Vade recently raised $79 million to further develop its filtering stack that protects against compromise, malware, and spam. There’s also Tessian, which uses machine learning for securing enterprise mail, and Valimail, which nabbed $45 million last year to thwart email phishing attacks. That’s not to mention ZeroFox — it novelly taps AI to surface threats of violence and identify deepfake videos, or videos that take a person in an existing image, audio recording, or video and replace them with someone else’s likeness using AI.