Analytics

8/25/2017
04:00 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Respond Software Powers Self-Driving SOC

Company receives $12 Million in Series A Funding from CRV and Foundation Capital.

MOUNTAIN VIEW, CA - Respond Software today announced the general availability of its initial product, The Respond Analyst™, and $12 million in Series A funding led by CRV and Foundation Capital. With cyber threats such as ransomware, sabotage and credit card theft continuing to escalate at an alarming rate, not only are existing security staff at most enterprises overwhelmed, there is also an extreme and growing shortage of skilled cybersecurity personnel. By emulating the decision-making ability and judgment of an expert security analyst, the Respond Software solution effectively adds personnel capacity to every enterprise Security Operation Center (SOC) and Managed Security Service Provider (MSSP) that services enterprises today.

Market demand for solutions like Respond Software's is high and expected to grow. Based on a recent study by (ISC)2, over the next five years, the number of unfilled cybersecurity jobs will rise to 1.8 million, a 20% increase from 2015 estimates. Additionally, according to Gartner, Inc., enterprise spending on information security will reach $90 billion in 2017, an increase of 7.6% over 2016, and will top $113 billion by 2020.

Central to safeguarding against cyber threats is a corporation's SOC. "Security operations require constant innovation to keep up with the businesses they protect and the threats against them, especially because skilled SOC analysts are so hard to find and retain," said Brett Wahlin, CISO, Staples. "Respond Software provides a unique way to scale and improve SOC capabilities by taking over decision-making in critical, but tough-to-staff, use cases."

The Respond Analyst product is a modern expert system that emulates the decision-making and judgment of a seasoned security analyst. Respond Software currently offers two analyst modules that address network intrusion and system compromise use cases. The product roadmap hosts a strategic mix of analyst modules to address the inherent challenges of today's corporate SOC. In a large customer environment, the Respond Analyst demonstrated workload capacity that is the full-time equivalent (FTE) of 26 SOC analysts, based on today's industry-average for analyst productivity of 75 events processed per hour.

"There could not be a more expert team to tackle transforming today's reactive SOCs to the next generation -- a true Security Response Center -- much like autonomous vehicles are generating an entirely new ecosystem of capability in transportation," said Max Gazor, general partner, CRV. Adds Paul Holland, general partner, Foundation Capital, "It's like having a million more trained analysts instantly at the ready. These days, every organization needs more security resources. With the Respond Software solution, they now have it in spades."

Respond Software was founded by Mike Armistead, Robert Hipps and Chris Calvert. Armistead is a veteran entrepreneur of four previous venture-backed start-ups, including Fortify, a company he co-founded in 2003 that was acquired by Hewlett-Packard, and Pure Software, which executed a successful IPO in 1995. Hipps is a seasoned engineering executive who managed numerous teams that built highly scalable enterprise products. Calvert spent the last 20 years deeply involved with all aspects of SOCs and incident response teams. He led the hiring, training, process definition, tooling and active management of eight Fortune 50 SOCs, including those of Vodafone, Walmart and Shell.

Respond Software has attracted veteran advisors to help guide the technical and business direction of the company including Gerhard Eschelbeck, VP security and privacy engineering, Google; Richard Seiersen, author, CISO and VP of trust at Twilio Inc.; and Izak Mutlu, former CISO, Salesforce.com.

More About the Respond Software Analyst Modules:

Like a veteran security analyst, the Respond product distills data from an organization's existing security technologies and contextual sources that are relevant to the potential incident. Its patent-pending Probabilistic Graphical Optimization (PGO™) technology then performs multi-dimensional analytical checks and probabilistic scenario simulations to determine the likelihood, extent, and severity of a potential incident and whether it should be escalated to incident response. The Respond Analyst continuously improves its decision-making capabilities through human feedback about those escalations and learning across its entire customer base.

Because the Respond Analyst is software, it performs every security check, every time, without fatigue or distraction, at a scale that works for even the largest enterprise or agency. Moreover, the Respond Analyst provides metrics about its performance and information for compliance audits; it also maintains a SOC's tribal security knowledge 24 hours a day, 365 days a year. Improving on current "black-box" machine-learning algorithms, the Respond Analyst can share what it learns with coworkers and managers to provide analytical transparency.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Is Threat Intelligence Garbage?
Chris McDaniels, Chief Information Security Officer of Mosaic451,  5/23/2018
New Mexico Man Sentenced on DDoS, Gun Charges
Dark Reading Staff 5/18/2018
What Israel's Elite Defense Force Unit 8200 Can Teach Security about Diversity
Lital Asher-Dotan, Senior Director, Security Research and Content, Cybereason,  5/21/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Shhh!  They're watching... And you have a laptop?  
Current Issue
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-3018
PUBLISHED: 2018-05-24
The AXIS webapp in deploy-tomcat/axis in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 7.2.1.4 allows remote attackers to obtain sensitive configuration information via a direct request, as demonstrated by happyaxis.jsp. IBM X-Force ID: 84354.
CVE-2013-3023
PUBLISHED: 2018-05-24
IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 7.2.1.4 might allow remote attackers to obtain sensitive information about Tomcat credentials by sniffing the network for a session in which HTTP is used. IBM X-Force ID: 84361.
CVE-2013-3024
PUBLISHED: 2018-05-24
IBM WebSphere Application Server (WAS) 8.5 through 8.5.0.2 on UNIX allows local users to gain privileges by leveraging improper process initialization. IBM X-Force ID: 84362.
CVE-2018-5674
PUBLISHED: 2018-05-24
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
CVE-2018-5675
PUBLISHED: 2018-05-24
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...