We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 - 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!
CyCognito, a company developing bot technology to probe potential cyberattack vectors, today announced that it raised $100 million in a funding round led by The Westly Group with participation from Accel, LightSpeed Venture Partners, Sorenson Ventures, UpWest, and The Heritage Group. The new financing — which values CyCognito at $800 million — brings the company’s total capital raised to $153 million, which CEO and cofounder Rob Gurzeev says will be put toward further developing CyCognito’s platform and expanding the company’s workforce.
Cyberattacks are on the rise as hackers target companies accelerating digital transformations during the pandemic. In the first half of 2020, data breaches exposed 36 billion records. And the amount that companies paid to hackers grew by 300%, in light of high-profile ransomware attacks against the Colonial Pipeline, the Steamship Authority of Massachusetts, JBS (the world’s largest meatpacker), and the Washington, D.C. Metropolitan Police Department. That’s perhaps why 68% of business leaders feel that their cybersecurity risks are increasing, according to a recent Accenture survey — and why the worldwide information security market is forecast to reach $170.4 billion in 2022.
Gurzeev and Dima Potekhin founded CyCognito in 2017 to address a few of the cybersecurity challenges facing enterprises today. Potekhin, a three-time entrepreneur, was a founding engineer at AcceloWeb, a server-side website acceleration platform that was acquired by Limelight Networks in 2011. Gurzeev served as head of offensive security at C4, an intelligence-gathering platform, which was later snatched up by Israel-based defense company Elbit Systems.
“Our number one priority is to help security teams worldwide maintain a strong security posture,” Gurzeev said in a statement. “That’s why we’ve developed the industry’s most dynamic, intelligent platform for comprehensive external attack surface management. Our proactive approach to discovering and prioritizing risk is unmatched in the industry and provides security teams with the insight and confidence to quickly preempt potential attacks.”
CyCognito uses a network of bots to scan, map, and fingerprint digital assets. Using analysis based on statistical methods, clustering, natural language processing, and the actions of its platform’s users, CyCognito learns how to classify assets by their business context and organizational association, producing a graph that captures relationships between organizations, subsidiaries, vendors, partners, cloud platforms, exposed on-premises assets, and third-party systems.
CyCognito profiles billions of web apps, keyword and code fragments, logos and icons, and deployed software to identify potential attack vectors. Using risk evaluation methods like authentication and misconfiguration testing, network design analysis, and data exposure spotlighting, the company’s attack simulator orchestrates assessments without affecting business operations.
From a dashboard, IT teams can use CyCognito to view attacker-exposed assets. Those same teams can also see which department assets belong to and monitor for new assets while taking remediation steps recommended by CyCognito.
“When mapping an organization’s attack surface, the first step we take is to understand its business structure: subsidiaries, organizational hierarchies, business relationships, and more,” Gurzeev explained. “We use natural language understanding (NLU) here in two ways: (1) semi-structured text comprehension to extract information from Wikipedia, financial reports, investor relations materials, Google Search results, and so on; and (2) domain-specific NLU to understand a variety of information such as the fact that “Acme Inc.” “Acme GmbH” and “Acme S.p.A” are different companies but almost certainly related and that “Acme Inc.” and “Acme Incorporated” are the same thing … As we collect and analyze data, have human analysts verify certain results both to validate findings and provide feedback when necessary on how to adjust our machine learning models.”
Palo Alto, California-based CyCognito’s customers include Colgate-Palmolive, Tesco, and government groups like the State of California. Over the past 12 months, the company claims to have grown revenue 400% year-over-year and tripled the size of its client base.
“We have dozens of Fortune 500 companies, and a number of Fortune 100 as well,” Gurzeev said. “Demand for our technology has always been high; 2019 was our first full year of selling products, so our business has primarily operated during the pandemic and we practically don’t know anything else. Last year, the market saw one of the biggest cloud migrations ever, and companies learned the hard way that disruption can happen at any time. Accelerated adoption of cloud computing and remote- and hybrid-workforces accelerates cyber risk as well — making attack surface management even more essential.”
Like its competitors, 130-employee CyCognito is benefiting from an influx of venture capital prompted by growing cybersecurity threats. According to Pitchbook, from January to August, cybersecurity startups raised $17.7 billion in venture capital — more than a 70% increase from last year’s record of $10.2 billion. Despite the fact that some experts view cybersecurity as a losing game, 91% of companies said that they increased their IT security budgets in 2021.
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn more about membership.