Risk
8/13/2013
05:05 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Cyvera Raises $11M To Improve Technology To Eliminate Zero-Day Attacks

Enters U.S. market and partners with McAfee

San Francisco, CA and Tel Aviv – August 13, 2013 -- Cyvera Ltd, the company that provides cyber defense solutions to stop zero-day attacks, has raised $11M in venture capital funding. The funding was led by Battery Ventures. Serial entrepreneurs Prof. Ehud Weinstein and Dr. Ofir Shalvi, joined the round as well. The previous round was led by SF-based VC, Blumberg Capital.

"Cyber attacks that are not yet known pose the biggest threat to national, corporate and personal security. Cyvera's approach to preventing these attacks is truly innovative, born from the deep expertise of the founding team," said Itzik Parnafes, general partner at Battery Ventures. Cyvera's founders Uri Alter, Netanel Davidi and Moshe Ben Abu, and Chief Scientist Gal Badishi (Phd), have spent their careers in cyber security and computer forensics, including corporate security, master hacker research, and both proactive and defensive management roles within the Israeli Intelligence.

Cyvera is preventing yet-to-be-identified cyber threats uniquely by obstructing the path upon which the attack is being launched and not enabling the attacker to utilize his "toolbox". The system takes aim at the two most common (and severe) vectors of malware injection by blocking any attempt to exploit software vulnerabilities or any attempt to utilize social engineering tactics that prompt the user to run executable malicious files.

Cyvera's flagship product, the Cyvera TRAPS (Targeted Remote Attack Prevention System), is a client-based platform. It consists of endpoint agents and a centralized Management and Report Center. The agents lay traps and sets barriers across every conceivable path that an attack could take and conduct random action to deceive the attacker. In addition to stopping an attack and preventing any malicious activity before it occurs, Cyvera has also developed Reflector. Reflector is an isolated environment for post-prevention study and deep analysis of the obstructed attack, based on the forensics evidence collected in the process of prevention. Cyvera's cyber defense solutions currently work on all types of Windows-based end point and server systems and on top of any platform (whether physical or virtual machine, terminal sessions or thin clients). Additional operating system support is in development and will be released later this year.

"We don't know what the attack will look like, and we don't even try to, because we understand it is impossible to predict. But we do know every single technique a perpetrator must use to successfully launch an attack. Often these techniques are concealed in innocent looking files like documents, presentations, web links, images and more," explains Netanel Davidi, Co-CEO of Cyvera. "With this knowledge we are able to stop the attack in its tracks at a very early stage and by doing so can help our customers evade the effects of zero-day attacks or known attacks on unpatched computers."

The Cyvera TRAPS has been deployed, and has successfully prevented targeted attacks, primarily in finance, energy, chemicals, legal, hi-tech and other sectors that operate critical infrastructure or keep sensitive data. One of Cyvera's customers that agreed to reveal a sophisticated attack prevention is Haifa-Group, a multinational corporation and leader in chemicals, agricultural fertilizer and growing technologies. At Haifa Group, Cyvera obstructed a highly sophisticated attack before any damage occurred. The early prevention enabled a deep investigation of the attack which led to the identification of the "contractor" who engaged the attack against Haifa Group and several other similar companies.

Cyvera's new funding will be used to expand business and sales operations in the US and to further develop its cyber defense solutions. In particular, Cyvera will focus on the finance sector, as well as healthcare, critical infrastructure and the federal market. Cyvera was recently named a partner in McAfee's Security Innovation Alliance (SIA), a technology partnering program created to accelerate the development of interoperable security products and to simplify the integration of these products within complex customer environments. In addition, the company recently opened its San Francisco office.

"As our first US customers begin to deploy solutions, we are excited to be on the ground to work closely with them to integrate Cyvera's new layer of protection seamlessly into their current strategies," said Uri Alter, Co-CEO of Cyvera. "Being part of McAfee's Security Innovation Alliance enables us to speed integration in complicated environments that are McAfee-based and we are very pleased to be part of it."

According to the Ponemon Institute, a cybersecurity think tank, cyber-attacks increased by 42% in 2012. The surveyed companies experienced about two successful attacks per week; and, on average, cybercrime cost them $8.9 million a year, with information theft representing the highest external cost.

About Cyvera

Cyvera is winning the fight against cybercrime by stopping unknown, zero-day attacks before they can unleash malicious, harmful activity. It has prevented every zero-day attack since first launching its cyber defense platform in March 2012 and has been recognized as a Gartner Cool Vendor. Cyvera's mission is to develop cyber defense solutions that eliminate fear, enabling organizations to operate freely and securely. For more information visit www.cyvera.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-3946
Published: 2014-04-24
Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for "a small percentage" of the packets, aka Bug ID CSCty73682.

CVE-2012-5723
Published: 2014-04-24
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.

CVE-2013-6738
Published: 2014-04-24
Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 before 1.2.0.0-CSI-SCALA-IF0003 allows remote attackers to inject arbitrary web script or HTML via an invalid query parameter in a response from an OAuth authorization endpoint.

CVE-2014-0188
Published: 2014-04-24
The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request to...

CVE-2014-2391
Published: 2014-04-24
The password recovery service in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 makes an improper decision about the sensitivity of a string representing a previously used but currently invalid password, which allows remote attackers to obtain potent...

Best of the Web