Analytics

8/25/2017
04:00 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Respond Software Powers Self-Driving SOC

Company receives $12 Million in Series A Funding from CRV and Foundation Capital.

MOUNTAIN VIEW, CA - Respond Software today announced the general availability of its initial product, The Respond Analyst™, and $12 million in Series A funding led by CRV and Foundation Capital. With cyber threats such as ransomware, sabotage and credit card theft continuing to escalate at an alarming rate, not only are existing security staff at most enterprises overwhelmed, there is also an extreme and growing shortage of skilled cybersecurity personnel. By emulating the decision-making ability and judgment of an expert security analyst, the Respond Software solution effectively adds personnel capacity to every enterprise Security Operation Center (SOC) and Managed Security Service Provider (MSSP) that services enterprises today.

Market demand for solutions like Respond Software's is high and expected to grow. Based on a recent study by (ISC)2, over the next five years, the number of unfilled cybersecurity jobs will rise to 1.8 million, a 20% increase from 2015 estimates. Additionally, according to Gartner, Inc., enterprise spending on information security will reach $90 billion in 2017, an increase of 7.6% over 2016, and will top $113 billion by 2020.

Central to safeguarding against cyber threats is a corporation's SOC. "Security operations require constant innovation to keep up with the businesses they protect and the threats against them, especially because skilled SOC analysts are so hard to find and retain," said Brett Wahlin, CISO, Staples. "Respond Software provides a unique way to scale and improve SOC capabilities by taking over decision-making in critical, but tough-to-staff, use cases."

The Respond Analyst product is a modern expert system that emulates the decision-making and judgment of a seasoned security analyst. Respond Software currently offers two analyst modules that address network intrusion and system compromise use cases. The product roadmap hosts a strategic mix of analyst modules to address the inherent challenges of today's corporate SOC. In a large customer environment, the Respond Analyst demonstrated workload capacity that is the full-time equivalent (FTE) of 26 SOC analysts, based on today's industry-average for analyst productivity of 75 events processed per hour.

"There could not be a more expert team to tackle transforming today's reactive SOCs to the next generation -- a true Security Response Center -- much like autonomous vehicles are generating an entirely new ecosystem of capability in transportation," said Max Gazor, general partner, CRV. Adds Paul Holland, general partner, Foundation Capital, "It's like having a million more trained analysts instantly at the ready. These days, every organization needs more security resources. With the Respond Software solution, they now have it in spades."

Respond Software was founded by Mike Armistead, Robert Hipps and Chris Calvert. Armistead is a veteran entrepreneur of four previous venture-backed start-ups, including Fortify, a company he co-founded in 2003 that was acquired by Hewlett-Packard, and Pure Software, which executed a successful IPO in 1995. Hipps is a seasoned engineering executive who managed numerous teams that built highly scalable enterprise products. Calvert spent the last 20 years deeply involved with all aspects of SOCs and incident response teams. He led the hiring, training, process definition, tooling and active management of eight Fortune 50 SOCs, including those of Vodafone, Walmart and Shell.

Respond Software has attracted veteran advisors to help guide the technical and business direction of the company including Gerhard Eschelbeck, VP security and privacy engineering, Google; Richard Seiersen, author, CISO and VP of trust at Twilio Inc.; and Izak Mutlu, former CISO, Salesforce.com.

More About the Respond Software Analyst Modules:

Like a veteran security analyst, the Respond product distills data from an organization's existing security technologies and contextual sources that are relevant to the potential incident. Its patent-pending Probabilistic Graphical Optimization (PGO™) technology then performs multi-dimensional analytical checks and probabilistic scenario simulations to determine the likelihood, extent, and severity of a potential incident and whether it should be escalated to incident response. The Respond Analyst continuously improves its decision-making capabilities through human feedback about those escalations and learning across its entire customer base.

Because the Respond Analyst is software, it performs every security check, every time, without fatigue or distraction, at a scale that works for even the largest enterprise or agency. Moreover, the Respond Analyst provides metrics about its performance and information for compliance audits; it also maintains a SOC's tribal security knowledge 24 hours a day, 365 days a year. Improving on current "black-box" machine-learning algorithms, the Respond Analyst can share what it learns with coworkers and managers to provide analytical transparency.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
White House Cybersecurity Strategy at a Crossroads
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/17/2018
Mueller Probe Yields Hacking Indictments for 12 Russian Military Officers
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/13/2018
10 Ways to Protect Protocols That Aren't DNS
Curtis Franklin Jr., Senior Editor at Dark Reading,  7/16/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2016-10727
PUBLISHED: 2018-07-20
camel/providers/imapx/camel-imapx-server.c in the IMAPx component in GNOME evolution-data-server before 3.21.2 proceeds with cleartext data containing a password if the client wishes to use STARTTLS but the server will not use STARTTLS, which makes it easier for remote attackers to obtain sensitive ...
CVE-2018-8018
PUBLISHED: 2018-07-20
Apache Ignite 2.5 and earlier serialization mechanism does not have a list of classes allowed for serialization/deserialization, which makes it possible to run arbitrary code when 3-rd party vulnerable classes are present in Ignite classpath. The vulnerability can be exploited if the one sends a spe...
CVE-2018-14415
PUBLISHED: 2018-07-20
An issue was discovered in idreamsoft iCMS before 7.0.10. XSS exists via the fourth and fifth input elements on the admincp.php?app=prop&do=add screen.
CVE-2018-14418
PUBLISHED: 2018-07-20
In Msvod Cms v10, SQL Injection exists via an images/lists?cid= URI.
CVE-2018-14419
PUBLISHED: 2018-07-20
MetInfo 6.0.0 allows XSS via a modified name of the navigation bar on the home page.