Check out all the on-demand sessions from the Intelligent Security Summit here.
Cado Security, which offers a digital forensics platform for cloud environments, is seeing strong demand for its automation-driven product and plans to scale up quickly to meet the enterprise need, according to CEO James Campbell.
On Tuesday, Cado Security released the findings from a new survey by Enterprise Strategy Group, which found that digital forensics and incident response processes are less mature for cloud environments than for on-premises environments. Investigations are more challenging in cloud environments, according to the research.
Respondents reported that it currently takes about three days to even start an investigation of a cloud breach, following data capture and processing. And almost 9 in 10 companies reported seeing a “negative outcome” occur during that interval of time.
Digital forensics platforms are used to collect and process data from a company’s environments, enabling an investigation of and response to a security incident. London-based Cado says it offers the “first and only” digital forensics platform that is cloud-native.
Intelligent Security Summit On-Demand
Learn the critical role of AI & ML in cybersecurity and industry specific case studies. Watch on-demand sessions today.
That’s an advantage because it means the Cado platform is “purposeful and designed for these environments,” such as Amazon Web Services and Microsoft Azure, and offers a “depth of instrumentation for these environments” not offered by existing tools, said Doug Cahill, vice president and senior analyst at Enterprise Strategy Group.
While enterprises have accelerated their shift to the cloud during the pandemic, there are many indicators that security has not kept up. For instance, the recently released 2021 Thales Cloud Security Study found that 83% of U.S. businesses still fail to encrypt half of the sensitive data they store in the cloud.
Boom times for Cado
Campbell, who cofounded Cado Security in April 2020, said customer demand for the Cado platform has been substantial in recent months, though the company isn’t disclosing how many customers it has landed so far.
“We’ve had more inbound interest than we can actually handle,” he told VentureBeat. “Our job at Cado now is to make sure we can scale in a feasible way to meet the demand.”
Over the next six months, Cado Security plans to hire steadily and expand to 50 employees, Campbell said. He declined to share the company’s current headcount.
Campbell, who previously led PricewaterhouseCoopers’ cyber response service and Australia’s national Australian Signals Directorate as associate director, cofounded Cado with Chris Doman, who previously built the ThreatCrowd threat intelligence portal and serves as the startup’s chief technology officer.
Along with AWS and Azure, Cado’s platform can also be used with containers and with data from on-premises environments.
Earlier this month, Cado announced a partnership with SentinelOne, a fast-growing vendor offering AI-powered security for endpoints and cloud workloads that went public in June. Other milestones this year for Cado include a $10 million series A round led by Blossom Capital in April, bringing the company’s total funding to $11.5 million to date.
The cloud security challenge
In the new Enterprise Strategy Group survey, respondents cited as major issues a lack of data and context to conduct the investigations of cloud environments, as well as the lengthy time needed to collect and process data. Ultimately, 35% of security alerts for cloud environments go uninvestigated, according to the survey.
But with Cado, “the ability to ingest the event information — the forensics residue from all the relevant sources — and then harmonize that can really expedite that time between detection and investigation,” Cahill said. “So you can start to eliminate some of the bad downstream outcomes.”
Cado’s platform provides these capabilities by automating many of the processes involved with cloud forensics, Campbell said. The platform automatically captures data, rapidly processes the data, and enables customers to understand what it means using analytics powered by machine learning, the company says.
“We’re bringing in automation and taking the complexity out of the cloud-to the point where all you have to do is click a button, and you have your data. It’s easy as that. And that’s how we should be using the cloud. We should make it easy,” Campbell said. “And it’s the only way we’re going to keep pace with the change that’s happening. Attackers are moving to the cloud because everybody is shifting their data and their workload resources to the cloud. And we need to do something about it.”
The Cado platform is well-suited for customers in any industry with a cloud environment, especially for companies that are highly dependent on the cloud, he said. The platform also helps to address the shortage of workers and skills in cybersecurity, Campbell said.
“Now, the IT guy or the security guy is not only having to be an on-premises expert — now you’re asking them to be an AWS expert and an Azure expert,” he said. “The idea is to take out the requirement that they need to be an AWS expert or an Azure expert. We give them something they can use in a very familiar way, to do an investigation quickly, mostly through automation.”
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.