8/25/2017
04:00 PM
Dark Reading
Products and Releases

Respond Software Powers Self-Driving SOC

Company receives $12 Million in Series A Funding from CRV and Foundation Capital.

MOUNTAIN VIEW, CA - Respond Software today announced the general availability of its initial product, The Respond Analyst™, and $12 million in Series A funding led by CRV and Foundation Capital. With cyber threats such as ransomware, sabotage and credit card theft continuing to escalate at an alarming rate, not only are existing security staff at most enterprises overwhelmed, there is also an extreme and growing shortage of skilled cybersecurity personnel. By emulating the decision-making ability and judgment of an expert security analyst, the Respond Software solution effectively adds personnel capacity to every enterprise Security Operation Center (SOC) and Managed Security Service Provider (MSSP) that services enterprises today.

Market demand for solutions like Respond Software's is high and expected to grow. Based on a recent study by (ISC)², over the next five years, the number of unfilled cybersecurity jobs will rise to 1.8 million, a 20% increase from 2015 estimates. Additionally, according to Gartner, Inc., enterprise spending on information security will reach $90 billion in 2017, an increase of 7.6% over 2016, and will top $113 billion by 2020.

Central to safeguarding against cyber threats is a corporation's SOC. "Security operations require constant innovation to keep up with the businesses they protect and the threats against them, especially because skilled SOC analysts are so hard to find and retain," said Brett Wahlin, CISO, Staples. "Respond Software provides a unique way to scale and improve SOC capabilities by taking over decision-making in critical, but tough-to-staff, use cases."

The Respond Analyst product is a modern expert system that emulates the decision-making and judgment of a seasoned security analyst. Respond Software currently offers two analyst modules that address network intrusion and system compromise use cases. The product roadmap hosts a strategic mix of analyst modules to address the inherent challenges of today's corporate SOC. In a large customer environment, the Respond Analyst demonstrated workload capacity that is the full-time equivalent (FTE) of 26 SOC analysts, based on today's industry average for analyst productivity of 75 events processed per hour.

"There could not be a more expert team to tackle transforming today's reactive SOCs to the next generation -- a true Security Response Center -- much like autonomous vehicles are generating an entirely new ecosystem of capability in transportation," said Max Gazor, general partner, CRV. Adds Paul Holland, general partner, Foundation Capital, "It's like having a million more trained analysts instantly at the ready. These days, every organization needs more security resources. With the Respond Software solution, they now have it in spades."

Respond Software was founded by Mike Armistead, Robert Hipps and Chris Calvert. Armistead is a veteran entrepreneur of four previous venture-backed start-ups, including Fortify, a company he co-founded in 2003 that was acquired by Hewlett-Packard, and Pure Software, which executed a successful IPO in 1995. Hipps is a seasoned engineering executive who managed numerous teams that built highly scalable enterprise products. Calvert spent the last 20 years deeply involved with all aspects of SOCs and incident response teams. He led the hiring, training, process definition, tooling and active management of eight Fortune 50 SOCs, including those of Vodafone, Walmart and Shell.

Respond Software has attracted veteran advisors to help guide the technical and business direction of the company including Gerhard Eschelbeck, VP security and privacy engineering, Google; Richard Seiersen, author, CISO and VP of trust at Twilio Inc.; and Izak Mutlu, former CISO, Salesforce.com.

More About the Respond Software Analyst Modules:

Like a veteran security analyst, the Respond product distills data from an organization's existing security technologies and contextual sources that are relevant to the potential incident. Its patent-pending Probabilistic Graphical Optimization (PGO™) technology then performs multi-dimensional analytical checks and probabilistic scenario simulations to determine the likelihood, extent, and severity of a potential incident and whether it should be escalated to incident response. The Respond Analyst continuously improves its decision-making capabilities through human feedback about those escalations and learning across its entire customer base.

Because the Respond Analyst is software, it performs every security check, every time, without fatigue or distraction, at a scale that works for even the largest enterprise or agency. Moreover, the Respond Analyst provides metrics about its performance and information for compliance audits; it also maintains a SOC's tribal security knowledge 24 hours a day, 365 days a year. Improving on current "black-box" machine-learning algorithms, the Respond Analyst can share what it learns with coworkers and managers to provide analytical transparency.
