Analytics

8/25/2017
04:00 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Respond Software Powers Self-Driving SOC

Company receives $12 Million in Series A Funding from CRV and Foundation Capital.

MOUNTAIN VIEW, CA - Respond Software today announced the general availability of its initial product, The Respond Analyst™, and $12 million in Series A funding led by CRV and Foundation Capital. With cyber threats such as ransomware, sabotage and credit card theft continuing to escalate at an alarming rate, not only are existing security staff at most enterprises overwhelmed, there is also an extreme and growing shortage of skilled cybersecurity personnel. By emulating the decision-making ability and judgment of an expert security analyst, the Respond Software solution effectively adds personnel capacity to every enterprise Security Operation Center (SOC) and Managed Security Service Provider (MSSP) that services enterprises today.

Market demand for solutions like Respond Software's is high and expected to grow. Based on a recent study by (ISC)2, over the next five years, the number of unfilled cybersecurity jobs will rise to 1.8 million, a 20% increase from 2015 estimates. Additionally, according to Gartner, Inc., enterprise spending on information security will reach $90 billion in 2017, an increase of 7.6% over 2016, and will top $113 billion by 2020.

Central to safeguarding against cyber threats is a corporation's SOC. "Security operations require constant innovation to keep up with the businesses they protect and the threats against them, especially because skilled SOC analysts are so hard to find and retain," said Brett Wahlin, CISO, Staples. "Respond Software provides a unique way to scale and improve SOC capabilities by taking over decision-making in critical, but tough-to-staff, use cases."

The Respond Analyst product is a modern expert system that emulates the decision-making and judgment of a seasoned security analyst. Respond Software currently offers two analyst modules that address network intrusion and system compromise use cases. The product roadmap hosts a strategic mix of analyst modules to address the inherent challenges of today's corporate SOC. In a large customer environment, the Respond Analyst demonstrated workload capacity that is the full-time equivalent (FTE) of 26 SOC analysts, based on today's industry-average for analyst productivity of 75 events processed per hour.

"There could not be a more expert team to tackle transforming today's reactive SOCs to the next generation -- a true Security Response Center -- much like autonomous vehicles are generating an entirely new ecosystem of capability in transportation," said Max Gazor, general partner, CRV. Adds Paul Holland, general partner, Foundation Capital, "It's like having a million more trained analysts instantly at the ready. These days, every organization needs more security resources. With the Respond Software solution, they now have it in spades."

Respond Software was founded by Mike Armistead, Robert Hipps and Chris Calvert. Armistead is a veteran entrepreneur of four previous venture-backed start-ups, including Fortify, a company he co-founded in 2003 that was acquired by Hewlett-Packard, and Pure Software, which executed a successful IPO in 1995. Hipps is a seasoned engineering executive who managed numerous teams that built highly scalable enterprise products. Calvert spent the last 20 years deeply involved with all aspects of SOCs and incident response teams. He led the hiring, training, process definition, tooling and active management of eight Fortune 50 SOCs, including those of Vodafone, Walmart and Shell.

Respond Software has attracted veteran advisors to help guide the technical and business direction of the company including Gerhard Eschelbeck, VP security and privacy engineering, Google; Richard Seiersen, author, CISO and VP of trust at Twilio Inc.; and Izak Mutlu, former CISO, Salesforce.com.

More About the Respond Software Analyst Modules:

Like a veteran security analyst, the Respond product distills data from an organization's existing security technologies and contextual sources that are relevant to the potential incident. Its patent-pending Probabilistic Graphical Optimization (PGO™) technology then performs multi-dimensional analytical checks and probabilistic scenario simulations to determine the likelihood, extent, and severity of a potential incident and whether it should be escalated to incident response. The Respond Analyst continuously improves its decision-making capabilities through human feedback about those escalations and learning across its entire customer base.

Because the Respond Analyst is software, it performs every security check, every time, without fatigue or distraction, at a scale that works for even the largest enterprise or agency. Moreover, the Respond Analyst provides metrics about its performance and information for compliance audits; it also maintains a SOC's tribal security knowledge 24 hours a day, 365 days a year. Improving on current "black-box" machine-learning algorithms, the Respond Analyst can share what it learns with coworkers and managers to provide analytical transparency.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Cybersecurity's 'Broken' Hiring Process
Kelly Jackson Higgins, Executive Editor at Dark Reading,  10/11/2017
How Systematic Lying Can Improve Your Security
Lance Cottrell, Chief Scientist, Ntrepid,  10/11/2017
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Search Cybersecuruty and you will get unicorn.
Current Issue
Security Vulnerabilities: The Next Wave
Just when you thought it was safe, researchers have unveiled a new round of IT security flaws. Is your enterprise ready?
Flash Poll
[Strategic Security Report] Assessing Cybersecurity Risk
[Strategic Security Report] Assessing Cybersecurity Risk
As cyber attackers become more sophisticated and enterprise defenses become more complex, many enterprises are faced with a complicated question: what is the risk of an IT security breach? This report delivers insight on how today's enterprises evaluate the risks they face. This report also offers a look at security professionals' concerns about a wide variety of threats, including cloud security, mobile security, and the Internet of Things.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.