Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

11/19/2020
06:55 PM
Connect Directly
Twitter
LinkedIn
RSS
E-Mail
50%
50%

Telos Goes Public

Nearly a month after McAfee made its second appearance on the public market, the Virginia-based provider of security services to government and commercial organizations makes its own debut.

Telos Corp., provider of IT services to federal government agencies, military, intelligence, and large commercial organizations, today made its debut in the public market with an initial public offering of 14.97 million shares priced at $17 a share of its common stock.

The Ashburn, Va.-based company, established in 1969, will use the proceeds from the IPO for general corporate purposes, to retire debt, and to repurchase a noncontrolling interest in its Telos identity management unit, among other things.

Related Content:

The Story of McAfee: How the Security Giant Arrived at a Second IPO

The Changing Face of Threat Intelligence

New on The Edge: ISP Security: Do We Expect Too Much?

With 2019 revenues of around $160 million, Telos is among a handful of security vendors that have gone public this year. The others include McAfee, which in October raised $740 million in what was actually its second IPO; Palantir, which went public in September with a valuation of around $22 billion; and Sumo Logic, which in September raised some $325 million via an IPO that valued the company at more than $2.15 billion.

In a conversation with Dark Reading Thursday, Telos CEO John Wood described the initial investor response to the IPO as overwhelmingly positive.

"The investment marketplace really, really like our story," Wood says. "We are hugely oversubscribed, and the quality of the investors that came in blew me away."

Wood believes much of the positive sentiment is tied to the fact that 85% of Telos' revenue is recurring and that nearly 100% of its customers are referenceable and repeat buyers.

Wood is bullish about the outlook for several of the company's core technologies. One of them is Telos Ghost, a new capability the company announced last year for helping organizations avoid attacks by essentially making them invisible to adversaries.

"It's a misattribution and obfuscation solution that operates under the principal that if we can make you disappear off the attack vector, you can't be hacked," Wood says. "What is unique about Telos Ghost is that we have a series of algorithms that we wrap around IP hopping activity."

That enables IP addresses to essentially shift and change in such a manner that makes it hard for attackers to draw a bead on an organization's Internet presence. 

"You hop around the world in random ways and literally disappear off the network," Wood says.

Customers of the technology include the US intelligence community, military, and law enforcement. Wood also points to a large education platform that is using Ghost to protect school kids working out of home as an example of the broadening use cases for the technology.

Risk Management and Compliance Story
Another technology that Wood says has broad appeal is Xacta, a risk management and compliance automation technology that numerous organizations — especially within the federal government — are using to monitor for compliance with security standards like FedRAMP, NIST CSF, GLBA, and HIPAA.

Telos counts the US Department of Homeland Security and the US intelligence community among the many users of the technology, which initially was designed for on-premises use but is now cloud-enabled. According to Wood, Xacta's main selling points include its ability to monitor multiple environments — cloud, on-premises, and hybrid — at the same time.

Identity management is another big focus area. The company recently secured two 10-year, multibillion-dollar contracts for technology that allows organizations to continuously monitor and vet users activity for potential suspicious behavior. One of the contracts is with the TSA, which will use Telos to enroll users for its PreCheck program. The other contract is with the US Centers for Medicare & Medicaid services.

Wood says the decision to go public at this time was prompted by a desire to bring in some long-term investors to the company.

"This is the first time we have ever taken long-term permanent capital. We have bootstrapped our growth so far," he says. "We are going to clean out the balance sheet, put plenty of juice into the tank, and get really moving from the standpoint of revenue acceleration."

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
NSA Appoints Rob Joyce as Cyber Director
Dark Reading Staff 1/15/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Hunny, I looked every where for the dorritos. 
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-8567
PUBLISHED: 2021-01-21
Kubernetes Secrets Store CSI Driver Vault Plugin prior to v0.0.6, Azure Plugin prior to v0.0.10, and GCP Plugin prior to v0.2.0 allow an attacker who can create specially-crafted SecretProviderClass objects to write to arbitrary file paths on the host filesystem, including /var/lib/kubelet/pods.
CVE-2020-8568
PUBLISHED: 2021-01-21
Kubernetes Secrets Store CSI Driver versions v0.0.15 and v0.0.16 allow an attacker who can modify a SecretProviderClassPodStatus/Status resource the ability to write content to the host filesystem and sync file contents to Kubernetes Secrets. This includes paths under var/lib/kubelet/pods that conta...
CVE-2020-8569
PUBLISHED: 2021-01-21
Kubernetes CSI snapshot-controller prior to v2.1.3 and v3.0.2 could panic when processing a VolumeSnapshot custom resource when: - The VolumeSnapshot referenced a non-existing PersistentVolumeClaim and the VolumeSnapshot did not reference any VolumeSnapshotClass. - The snapshot-controller crashes, ...
CVE-2020-8570
PUBLISHED: 2021-01-21
Kubernetes Java client libraries in version 10.0.0 and versions prior to 9.0.1 allow writes to paths outside of the current directory when copying multiple files from a remote pod which sends a maliciously crafted archive. This can potentially overwrite any files on the system of the process executi...
CVE-2020-8554
PUBLISHED: 2021-01-21
Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typicall...