SpyCloud raises $30 million to guard against account takeovers

Cybersecurity firm SpyCloud today closed a $30 million venture financing round, which cofounder and CEO Ted Ross says will be used to grow the company’s product and engineering teams as they build new ways to detect and prevent fraud. It comes as identity theft hit a record high in 2017, according to a 2018 report from Javelin Strategy and Research — the year 16.7 million victims (up 8% from 15.4 million in 2016) incurred losses totaling $16.8 billion.

One of the most common forms of fraud is account takeover, in which criminals use another person’s account information to buy products and services. It also tends to be the most difficult to resolve; on average, it takes about 16 hours and $290 in out-of-pocket expenses (as per the Javelin report). Generally speaking, there’s been an uptick in fraud during the pandemic, with the FBI’s Internet Crime Complaint Center reporting thousands of complaints each day about hacking attempts.

SpyCloud aims to proactively stop those crimes before they happen with the help of big data analytics tools. The company’s cloud-based solution — the brainchild of Ross, who was previously Walmart’s strategy architect, and chief product officer David Endler, an Avast veteran — takes a four-pronged approach to takeover mitigation: prevention, investigation, alerts, and enforcement.

SpyCloud actively recovers data from third-party breaches and identifies when the web users’ credentials have been exposed, prompting those who have been affected by a breach or leak to reset their passwords. All the while, SpyCloud’s fully automated Active Directory component continuously compares newly stolen credentials to active employees and automatically forces a reset of compromised passwords to lock down exposed accounts.

Above: SpyCloud’s approach to gathering credentials data.

Image Credit: SpyCloud

For customers looking to dive deeper, SpyCloud’s Investigations product exposes the tactics and techniques adversaries took to perform fraud, and visualization tool Maltego produces graphs for link analysis (i.e., finding relationships among usernames, passwords, IP addresses, geographic locations, phone numbers, financial information, email addresses, and more). Moreover, thanks to a robust set of APIs, SpyCloud enables strategic partners like CreditKarma and AlienVault to build monitoring and security solutions for third-party clients.

SpyCloud claims its repository of more than 100 billion breach assets — including decrypted, compromised credentials from proprietary sources for the average internet user as well as C-level executives — is one of the largest in the world. The company recovered 9 billion credentials last year from 640 breaches. Current customers include Cisco, Automattic, MailChimp, Samsonite, and “hundreds” of other enterprise organizations in verticals like technology, travel and hospitality, financial services, health care, retail, and higher education.

With an eye toward growth, last July SpyCloud expanded its sales and support operations into Europe, the Middle East, and Africa. In the fall, the company launched automated tools for checking and maintaining password security in Microsoft Active Directory, as well as Third Party Insight, a solution designed to help businesses evaluate risks presented by vendors, partners, or acquisition targets based on factors that stem from the threat of account takeovers.

Centana Growth Partners led the Austin, Texas-based SpyCloud’s series C round, with participation from existing investors M12 (formerly Microsoft Ventures), Altos Ventures, Silverton Partners, and March Capital Partners. The round brings the company’s total capital raised to date to nearly $60 million.