Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

4/3/2018
01:25 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

SpyCloud Secures $5 Million in Funding

The company solidifies plans for growth as account takeover prevention becomes an enterprise necessity.

AUSTIN, Texas – March 28, 2018 – SpyCloud, the leader in account takeover (ATO) prevention, announced today it has closed a $5 million Series A funding round from existing investors Silverton Partners and March Capital Partners.

SpyCloud prevents ATO from being perpetrated by the most sophisticated cybercriminals. SpyCloud’s platform proactively identifies exposed employee and customer accounts at the earliest possible juncture, empowering businesses to protect those accounts before criminals can act.

SpyCloud security researchers have used proprietary collection techniques to amass the industry’s largest and highest quality repository of exposed accounts, leaked passwords and personally identifiable information (PII), with more than 32 billion current assets and billions of new assets being added every month. Last year, Verizon reported that 81 percent of hacking-related breaches leveraged either stolen or weak passwords. And in July 2017, Forrester estimated that ATO would cause at least $6.5 billion to $7 billion in annual financial losses across industries.

Enterprises use SpyCloud’s data and fully-automated tools to detect exposures and remediateemployee accounts that have been impacted, by forcing password changes before those accounts can be used in nefarious ways and surfacing compromised devices that are infected with keyloggers or malware. Service providers take similar advantage of SpyCloud’s data repository to detect and prevent their online customer accounts from ATO and resulting fraud or PII theft, making use of SpyCloud’s developer-friendly API. Enterprise security teams also tap into SpyCloud’s data for fraud investigation purposes.

Through a unique approach to underground data collection and an exact match prevention solution, SpyCloud identifies exposed accounts that would typically fall through the cracks with other solutions and does so before accounts and passwords are posted on criminal forums and dark markets. Furthermore, SpyCloud provides protection of employees’ personal credentials, keeping them safe at home as well as at work.

“There isn’t a company in the world that doesn’t run the constant risk of having its employee or customer accounts exposed, and that leads to a host of other issues,” said Ted Ross, CEO and co-founder of SpyCloud. “The only chance businesses stand against these increasingly-proficient criminals is to know as soon as possible which accounts have been exposed and to take preventative measures well before credentials make it onto the dark web.”

Since emerging from stealth mode in June 2017, SpyCloud has already protected tens of millions of employee and customer accounts for notable companies across the finance, retail, healthcare and technology industries.

SpyCloud will use the new infusion of funding to rapidly grow by accelerating product development, conducting deeper security research, continuing to expand its database of assets, and hiring additional team members.

“The continued customer traction and growth SpyCloud has achieved is a testament to both the immediate demand for its technology and the unparalleled collective experience of the team,” said Kip McClanahan, general partner of Silverton Partners. “We look forward to helping them capitalize on those strengths to make ATO prevention universal table stakes in the enterprise.”

“SpyCloud’s arrival has filled a devastating gap in the enterprise security realm,” said Jim Armstrong, partner and co-founder of March Capital Partners. “When millions of accounts and billions of dollars are at risk and under attack daily, companies can’t afford to sit idle. They need to arm themselves with every piece of technology, expertise, and data that can keep their assets safe.”

Following its founding in 2016, SpyCloud raised a $2.5 million seed funding round from Silverton Partners and March Capital Partners. In 2017, the company won the NATO Communications and Information (NCI) Agency Defence Innovation Challenge and Best of Show at FinovateFall 2017.

For more information and to check your company’s ATO exposure, visit https://spycloud.com/.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 11/19/2020
New Proposed DNS Security Features Released
Kelly Jackson Higgins, Executive Editor at Dark Reading,  11/19/2020
The Yellow Brick Road to Risk Management
Andrew Lowe, Senior Information Security Consultant, TalaTek,  11/19/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: He hits the gong anytime he sees someone click on an email link.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-29070
PUBLISHED: 2020-11-25
osCommerce 2.3.4.1 has XSS vulnerability via the authenticated user entering the XSS payload into the title section of newsletters.
CVE-2020-26212
PUBLISHED: 2020-11-25
GLPI stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI before version 9.5.3, any authenticated user has read-only permissions to the planning of ever...
CVE-2020-26243
PUBLISHED: 2020-11-25
Nanopb is a small code-size Protocol Buffers implementation. In Nanopb before versions 0.4.4 and 0.3.9.7, decoding specifically formed message can leak memory if dynamic allocation is enabled and an oneof field contains a static submessage that contains a dynamic field, and the message being decoded...
CVE-2020-25650
PUBLISHED: 2020-11-25
A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged local guest user with access to the UNIX domain socket path `/run/spice-vdagentd/spice-vdagent-sock` could use this flaw to perform a memory denial of service fo...
CVE-2020-29071
PUBLISHED: 2020-11-25
An XSS issue was found in the Shares feature of LiquidFiles before 3.3.19. The issue arises from the insecure rendering of HTML files uploaded to the platform as attachments, when the -htmlview URL is directly accessed. The impact ranges from executing commands as root on the server to retrieving se...