Risk

8/30/2018
04:45 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Andreessen Horowitz Leads $8.5 Million Investment in Very Good Security

VGS is a modern approach to data security enabling companies to build secure products without compromising safety or compliance

SAN FRANCISCO, CA - Tuesday, August 28, 2018 - San Francisco-based data security firm Very Good Security (VGS) announced today that it has raised $8.5 million via a Series A funding round led by Andreessen Horowitz. The funding will allow VGS to further scale its core security product, which lets companies collect, secure and exchange sensitive data without the risk or liability associated with storing it on their own systems. By reducing or eliminating data security scope, VGS’ customers can rapidly achieve compliance certifications (e.g. PCI, SOC2, EI3PA, HIPAA) and accelerate their time to market. NYCA, Vertex Ventures, Slow Ventures and Max Levchin also participated in the round.

“Data security and compliance shouldn't hold companies back from getting to market safely and quickly,” Mahmoud Abdelkader, CEOand co-founder of VGS, said. “This investment fuels our mission to securely power the world’s sensitive data and transform data security from a business obstacle into a competitive advantage.”

VGS is built on the premise that you can’t hack what isn’t there, allowing companies to preserve the functionality of their sensitive data without having to store that data on their own systems. VGS instead collects and stores the sensitive data in its own highly secure vaults, freeing customers from the costs and liability of building and maintaining their own compliant security systems. When customer applications require sensitive data, VGS identifies that data in transit and swaps it—in real time—for surrogate values that retain the same functionality of the original data.

Integrating VGS requires no changes to existing products or legacy architecture, and the service starts working instantly. Because VGS maintains multiple compliances and isolates customers from sensitive data, it enables businesses to quickly achieve regulatory compliance. Customers include Flutterwave, a payment technology provider for pan-African commerce; Shift Payments, a card issuer that allows users to spend both fiat and digital/cryptocurrencies anywhere major credit cards are accepted; Deserve, an analytics-based financial technology company that connects customers to fair credit products; and LendUp, a fintech company providing loans and credit products as well as financial education in pursuit of better financial health and empowerment for its customers.

“We appreciate VGS’ approach to compliance and security, as it aligns well with our philosophy of protecting cardholder data,” Venkat Udayasankar, architect for LendUp Card Services, said. “Together, we’ve been able to quickly craft a PCI Level 1 solution that fits our business needs. VGS integrations were seamless, fast and easy, allowing us to focus on LendUp's core business.”

By removing the complex constraints posed by digital security and compliance, VGS allows customers to scale rapidly without having to worry about data breaches, regulatory issues, or service provider security requirements that could significantly slow a company’s growth. This latest round of funding will allow VGS to scale its own operations as it works to vastly simplify data security for a growing number of companies.

"VGS ensures that businesses and services requiring identification 'keys'—e.g. credit card or Social Security numbers—for their customers will not have to worry about compliance around the storing of confidential or private data, and frees them from vendor lock-in," said Alex Rampell, general partner at Andreessen Horowitz. "We are incredibly excited to partner with Mahmoud and team to build a category-defining enterprise platform."

About Very Good Security

Very Good Security (VGS) is a data security company providing a fast and simple end-to-end security solution to companies that need to collect and access sensitive data. By securing data collection, processing, and storage as well as enabling rapid achievement of security compliance for its customers, VGS helps companies grow quickly without being constrained by digital security or compliance issues. Founded in 2016 by Mahmoud Abdelkader and Marshall Jones, the company is headquartered in San Francisco, Calif. and has raised $9.9 million in total funding to date. For more information, visit www.verygoodsecurity.com/.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Valentine's Emails Laced with Gandcrab Ransomware
Kelly Sheridan, Staff Editor, Dark Reading,  2/14/2019
High Stress Levels Impacting CISOs Physically, Mentally
Jai Vijayan, Freelance writer,  2/14/2019
Mozilla, Internet Society and Others Pressure Retailers to Demand Secure IoT Products
Curtis Franklin Jr., Senior Editor at Dark Reading,  2/14/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-8933
PUBLISHED: 2019-02-19
In DedeCMS 5.7SP2, attackers can upload a .php file to the uploads/ directory (without being blocked by the Web Application Firewall), and then execute this file, via this sequence of steps: visiting the management page, clicking on the template, clicking on Default Template Management, clicking on ...
CVE-2019-7629
PUBLISHED: 2019-02-18
Stack-based buffer overflow in the strip_vt102_codes function in TinTin++ 2.01.6 and WinTin++ 2.01.6 allows remote attackers to execute arbitrary code by sending a long message to the client.
CVE-2019-8919
PUBLISHED: 2019-02-18
The seadroid (aka Seafile Android Client) application through 2.2.13 for Android always uses the same Initialization Vector (IV) with Cipher Block Chaining (CBC) Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks.
CVE-2019-8917
PUBLISHED: 2019-02-18
SolarWinds Orion NPM before 12.4 suffers from a SYSTEM remote code execution vulnerability in the OrionModuleEngine service. This service establishes a NetTcpBinding endpoint that allows remote, unauthenticated clients to connect and call publicly exposed methods. The InvokeActionMethod method may b...
CVE-2019-8908
PUBLISHED: 2019-02-18
An issue was discovered in WTCMS 1.0. It allows remote attackers to execute arbitrary PHP code by going to the "Setting -> Mailbox configuration -> Registration email template" screen, and uploading an image file, as demonstrated by a .php filename and the "Content-Type: image/g...