Risk

8/30/2018
04:45 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Andreessen Horowitz Leads $8.5 Million Investment in Very Good Security

VGS is a modern approach to data security enabling companies to build secure products without compromising safety or compliance

SAN FRANCISCO, CA - Tuesday, August 28, 2018 - San Francisco-based data security firm Very Good Security (VGS) announced today that it has raised $8.5 million via a Series A funding round led by Andreessen Horowitz. The funding will allow VGS to further scale its core security product, which lets companies collect, secure and exchange sensitive data without the risk or liability associated with storing it on their own systems. By reducing or eliminating data security scope, VGS’ customers can rapidly achieve compliance certifications (e.g. PCI, SOC2, EI3PA, HIPAA) and accelerate their time to market. NYCA, Vertex Ventures, Slow Ventures and Max Levchin also participated in the round.

“Data security and compliance shouldn't hold companies back from getting to market safely and quickly,” Mahmoud Abdelkader, CEOand co-founder of VGS, said. “This investment fuels our mission to securely power the world’s sensitive data and transform data security from a business obstacle into a competitive advantage.”

VGS is built on the premise that you can’t hack what isn’t there, allowing companies to preserve the functionality of their sensitive data without having to store that data on their own systems. VGS instead collects and stores the sensitive data in its own highly secure vaults, freeing customers from the costs and liability of building and maintaining their own compliant security systems. When customer applications require sensitive data, VGS identifies that data in transit and swaps it—in real time—for surrogate values that retain the same functionality of the original data.

Integrating VGS requires no changes to existing products or legacy architecture, and the service starts working instantly. Because VGS maintains multiple compliances and isolates customers from sensitive data, it enables businesses to quickly achieve regulatory compliance. Customers include Flutterwave, a payment technology provider for pan-African commerce; Shift Payments, a card issuer that allows users to spend both fiat and digital/cryptocurrencies anywhere major credit cards are accepted; Deserve, an analytics-based financial technology company that connects customers to fair credit products; and LendUp, a fintech company providing loans and credit products as well as financial education in pursuit of better financial health and empowerment for its customers.

“We appreciate VGS’ approach to compliance and security, as it aligns well with our philosophy of protecting cardholder data,” Venkat Udayasankar, architect for LendUp Card Services, said. “Together, we’ve been able to quickly craft a PCI Level 1 solution that fits our business needs. VGS integrations were seamless, fast and easy, allowing us to focus on LendUp's core business.”

By removing the complex constraints posed by digital security and compliance, VGS allows customers to scale rapidly without having to worry about data breaches, regulatory issues, or service provider security requirements that could significantly slow a company’s growth. This latest round of funding will allow VGS to scale its own operations as it works to vastly simplify data security for a growing number of companies.

"VGS ensures that businesses and services requiring identification 'keys'—e.g. credit card or Social Security numbers—for their customers will not have to worry about compliance around the storing of confidential or private data, and frees them from vendor lock-in," said Alex Rampell, general partner at Andreessen Horowitz. "We are incredibly excited to partner with Mahmoud and team to build a category-defining enterprise platform."

About Very Good Security

Very Good Security (VGS) is a data security company providing a fast and simple end-to-end security solution to companies that need to collect and access sensitive data. By securing data collection, processing, and storage as well as enabling rapid achievement of security compliance for its customers, VGS helps companies grow quickly without being constrained by digital security or compliance issues. Founded in 2016 by Mahmoud Abdelkader and Marshall Jones, the company is headquartered in San Francisco, Calif. and has raised $9.9 million in total funding to date. For more information, visit www.verygoodsecurity.com/.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
New Bluetooth Hack Affects Millions of Vehicles
Dark Reading Staff 11/16/2018
Understanding Evil Twin AP Attacks and How to Prevent Them
Ryan Orsi, Director of Product Management for Wi-Fi at WatchGuard Technologies,  11/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-19406
PUBLISHED: 2018-11-21
kvm_pv_send_ipi in arch/x86/kvm/lapic.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where the apic map is uninitialized.
CVE-2018-19407
PUBLISHED: 2018-11-21
The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.
CVE-2018-19404
PUBLISHED: 2018-11-21
In YXcms 1.4.7, protected/apps/appmanage/controller/indexController.php allow remote authenticated Administrators to execute any PHP code by creating a ZIP archive containing a config.php file, hosting the .zip file at an external URL, and visiting index.php?r=appmanage/index/onlineinstall&url= ...
CVE-2018-19387
PUBLISHED: 2018-11-20
format_cb_pane_tabs in format.c in tmux 2.7 through 2.8 might allow attackers to cause a denial of service (NULL Pointer Dereference and application crash) by arranging for a malloc failure.
CVE-2018-19388
PUBLISHED: 2018-11-20
FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause a denial of service (out-of-bounds read, access violation, and application crash) via TIFF data because of a ConvertToPDF_x86!ReleaseFXURLToHtml issue.