Hunters, a provider of an extended detection and response (XDR) platform, today revealed it has garnered an additional $30 million in investment to help drive the adoption of a security platform that promises to obviate the need for legacy security information and event management (SIEM) platforms.
The Hunters XDR platform collects data from a wide range of security tools that is then aggregated on the data management platform from Snowflake residing on the Amazon Web Services (AWS) cloud. That approach enables security analysts to query data residing in a multi-tenant software-as-a-service (SaaS) platform in addition to viewing analytics that are automatically generated in a way that provides more context than a traditional SIEM platform does, said Hunters CEO Uri May.
The $30 million in funding is led by Bessemer Venture Partners, with participation from existing investors YL Ventures, Blumberg Capital, Microsoft’s venture fund M12, and U.S. Venture Partners (USVP). The new funding brings the total investment to $50.4 million, which was previously raised from investors that included Okta Ventures and Snowflake.
The additional investments are an affirmation of faith in an XDR category poised for mainstream adoption, said Ofer Schreiber, partner at YL Ventures, which co-led the seed round for Hunters alongside Blumberg Capital. “We are now executing on that vision,” he said.
Fine-tuning security analysis
SIEM platforms typically require security analysts to know what queries to launch against the data organizations have been able to collect. The Hunters XDR platform has been pre-integrated with a range of security platforms that are already widely employed in enterprise IT environments, said May. That capability eliminates the need for security teams to deploy agent software to collect data that already largely exists in most IT environments, he said.
Once that data is aggregated, the Hunters XDR platform is then able to analyze a wide range of alerts and signals to give security analysts more context about threats. The goal is to reduce the overall volume of alerts by synthesizing signals to surface more actionable analytics results, said May, by using graph technologies embedded in the Hunters XDR platform.
Competition among providers of XDR platforms seeking to supplant SIEM is intensifying. Enterprise IT teams are looking to move beyond SIEM platforms that provide a database of security events that can be queried only if security analysts know the right questions to ask. The challenge is that as attack vectors change and evolve, it’s become even more difficult for cybersecurity analysts to understand which alerts signal an ongoing attack versus, for example, a reconnaissance of the system’s defenses.
Ultimately, May said the goal is to enable cybersecurity teams, which are often understaffed, to better prioritize their efforts. Just as importantly, automating more of the analytics should reduce the level of cybersecurity expertise required to identify an attack.
In general, May said that as enterprise IT environments become more extended, it’s only going to become more difficult to identify cybersecurity attacks. Each new platform added to an IT environment increases the number of alerts that are likely to be generated, he added. “The attack surface is becoming more distributed,” he said. “Alert fatigue is a real problem.”
The challenge, of course, is convincing organizations to invest more in cybersecurity. The ongoing onslaught of cybersecurity attacks has many organizations questioning its return on investment. That disillusionment often makes it challenging for cybersecurity teams to convince senior leaders of the company to make additional investments. Like it or not, however, the cybersecurity landscape continues to evolve in ways that require organizations to adapt.