Risk
8/2/2012
05:18 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Bit9 Receives $34.5 Million In VC Funding

VC round was led by Sequoia Capital

WALTHAM, Mass.—July 30, 2012—Bit9, the global leader in Advanced Threat Protection, today announced it recently closed $34.5 million in Series D funding, led by new investment partner Sequoia Capital. Existing investors Atlas Venture, Highland Capital Partners, Kleiner Perkins Caufield & Byers, and .406 Ventures also participated in the round. Bit9 will use this capital to fund new product development efforts and expand sales and marketing capabilities to address the market’s growing demand for trust-based endpoint and server security technology.

CLICK TO TWEET: #Cybersecurity Leader @Bit9 Announces $34.5 Million Funding Round Led by @Sequoia_Capital

Traditional security solutions are insufficient to protect organizations from next-generation targeted attacks, known as “advanced persistent threats” (APTs), according to recent research:

Flame, the latest publicized APT, evaded all traditional security solutions, including 43 different antivirus, host-based intrusion prevention system (HIPS) and detection/prevention solutions (Iran’s Computer Emergency Response Team) 59 percent of enterprise organizations are certain or fairly certain they’ve been the target of an advanced threat (Enterprise Strategy Group research report: U.S. Advanced Persistent Threat Analysis, November 1, 2011)

Bit9 is the only security company to announce that it successfully stopped the Flame malware and the RSA breach attack—both “zero-day” APT attacks—long before they were identified by traditional/legacy antivirus companies.

“Traditional malware protection systems are well past the peak of their effectiveness. …Malware threats continue to overwhelm traditional defensive techniques.” (Gartner, Endpoint Protection in the Age of Tablets and Cloud, Peter Firstbrook, February 1, 2012)

These attacks can cause dramatic and sometimes irreparable damage to organizations:

Median cost of cyber-crime in 2011 for 50 surveyed companies was $5.9 million—up 56 percent from 2010—with the highest being $36.4 million (Ponemon Institute, Second Annual Cost of Cyber Crime Study, August 2011) Major organizations victimized by cyber attacks in 2012 include Zappos, Sony, Hyundai, LinkedIn, eHarmony, Exxon Mobil, American Airlines, United Airlines and Yahoo! At least one company, Diginotar, discontinued operations recently because of the damage to its reputation from a cyber-security breach

Bit9 is leading the global transition to the next generation of security technology—trust-based application control and whitelisting:

Gartner recommends organizations use whitelisting “whenever possible” for protecting critical servers from powerful, targeted malware (Gartner, Focus on the How, Not the Who, of Advanced Targeted Threats Like Flame, John Pescatore, May 30, 2012). Gartner also stated that by 2015, more than 50 percent of enterprises will have instituted “default deny” policies that restrict the applications that users install (Gartner, Predicts 2012: Sophisticated Attacks, Complex IT Environments and Increased Risks Demand New Approaches to Infrastructure Protection, Ray Wagner, et al, November 29, 2011)

The intelligence agency of the Australia Department of Defence lists application whitelisting among the top four most effective strategies for defending cyber attacks According to market intelligence firm IDC, the endpoint security market is estimated to reach $10.6 billion by 2015

“The market has reached a clear inflection point where organizations of all sizes across all industries need a new approach to cyber security,” said Mickey Arabelovic, partner at Sequoia Capital. “Bit9 has emerged as a market leader with its trust-based security for endpoints and servers, and we’re excited to partner with them as they build an enduring business.”

Patrick Morley, president and CEO of Bit9, said: “This latest round of funding is the largest in the company’s history and underscores the support Bit9 has received from investors who understand the changing nature of the security market. It places a bet squarely on our vision and technology. It’s an exciting time as we are dramatically changing how organizations protect themselves from IP theft and advanced attacks by focusing on a trust-based approach.”

Bit9 has grown 100 percent year-over-year for the past two years. Currently, Bit9 protects more than 700 organizations across industry segments such as education, finance, government, healthcare, retail and utilities from the most sophisticated malware threats.

About Bit9

Bit9, the global leader in Advanced Threat Protection and Endpoint Security, protects the world’s intellectual property (IP) by providing innovative, trust-based security solutions to detect and prevent sophisticated malware and cyber threats. The world’s leading brands rely on Bit9’s award-winning Advanced Threat Protection Platform for endpoint protection and windows server security.

Bit9 stops advanced persistent threats by combining real-time sensors, cloud-based software reputation services, continuous monitoring and trust-based application control and whitelisting—eliminating the risk caused by malicious, illegal and unauthorized software. Bit9 also offers domain controller solutions to protect against modern cyber threats.

The company’s global customers come from a wide variety of industries, including e-commerce, financial services, government, healthcare, retail, technology and utilities. Bit9 was founded on a prestigious United States federal research grant from the National Institute of Standards and Technology – Advanced Technology Program (NIST ATP) to conduct the research that is now at the core of the company’s solutions.

Bit9 is privately held and based in Waltham, Mass. For more information, visit http://www.bit9.com, follow us on Twitter @Bit9, Facebook, Google+ read the Bit9 Blog, or call +1 617-393-7400.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6117
Published: 2014-07-11
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777.

CVE-2014-0174
Published: 2014-07-11
Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

CVE-2014-3485
Published: 2014-07-11
The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.

CVE-2014-3499
Published: 2014-07-11
Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.

CVE-2014-3503
Published: 2014-07-11
Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.