IoT
12/13/2017
12:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Upstream Security Secures $9 Million Series A Funding Round

Focuses on ramping up its cloud-based cybersecurity for connected and autonomous car fleets.

HERZLIYA, Israel – Upstream Security, pioneer of the cloud-based cybersecurity platform for connected cars and autonomous vehicles, today announced the closing of $9 million in Series A funding, led by CRV (Charles River Ventures). The round included expanded investments from Israeli-based Glilot Capital Partners and Maniv Mobility. Following a $2 million seed funding round in June, the company will use the latest investment to expand its R&D program and continue building out its world-class engineering and security research teams, and open marketing and sales offices in the United States and Europe. The company is well-resourced to secure the 60 million connected cars on the road today that include commercial trucks, vans, buses and private vehicles, as well as take advantage of the imminent explosion in connected vehicles—Gartner expects there will be 250 million connected vehicles by 2020.

 "Connected and semi-autonomous cars are already a reality, so it’s a matter of ‘when’ not ‘if’ these self-driving technologies will be deployed at scale. Upstream’s engineers were the first to solve how to protect connected cars and autonomous vehicles using the cloud, crucial for near-term and future deployment of automotive cybersecurity at the fleet level," said Izhar Armony, general partner at CRV. "We believe in Upstream’s groundbreaking approach to secure connected and autonomous vehicles and in the abilities of cybersecurity veterans, Yoav Levy and Yonatan Appel, to build a rapidly growing business in this hot, emerging space."

As connected and autonomous driving technologies become mainstream, security attacks on vehicle fleets––groups of motor vehicles owned or leased by a business, government agency or other entity––are likely to increase drastically. Upstream’s cloud-based approach to automotive cybersecurity leverages artificial intelligence and machine learning that is applied to the tremendous data sets continuously produced by vehicles. This provides customers with data protection, anomaly detection and real-time analytics of cyber attacks and vehicle fleet health. By centralizing cybersecurity in the cloud instead of in-vehicle, threats are detected and prevented before they even reach a vehicle's network.

More cars are connected to the Internet today than ever before, driving hackers to develop new and more efficient ways to infiltrate and disrupt automotive software. Today’s automotive cybersecurity solutions are in-vehicle and suffer from slow production cycles, which impede their agility as well as their ability to protect against the most recent cybersecurity threats. Upstream’s unique solution offers non-intrusive protection, effectively securing cars that are already on the road today and upgradable to stand against new cybersecurity threats and vulnerabilities in the future.

“The automotive industry is going through a massive disruption. Consequently, security solutions for the car are undergoing rapid advances at an unprecedented rate. We’re using emerging technologies like AI and machine learning to carry out an evolutionary leap in cybersecurity for passenger and commercial vehicles,” said Upstream CEO and cofounder, Yoav Levy. “Riding the wave of momentum from our recent company launch and early customer wins, this new investment round further validates our technology and approach, and will fuel our commitment to be the leading force of innovation in security for connected and autonomous transportation.”

Upstream is planning to open offices in Silicon Valley in the coming months.

In addition to this news, Levy recently spoke at KPMG’s 8th annual automotive executive forum, the 2017 Los Angeles Auto Show, which announced new research in vehicle fleet security.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Want Your Daughter to Succeed in Cyber? Call Her John
John De Santis, CEO, HyTrust,  5/16/2018
Don't Roll the Dice When Prioritizing Vulnerability Fixes
Ericka Chickowski, Contributing Writer, Dark Reading,  5/15/2018
Why Enterprises Can't Ignore Third-Party IoT-Related Risks
Charlie Miller, Senior Vice President, The Santa Fe Group,  5/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "Security through obscurity"
Current Issue
Flash Poll
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
Enterprises are spending more of their IT budgets on cybersecurity technology. How do your organization's security plans and strategies compare to what others are doing? Here's an in-depth look.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11311
PUBLISHED: 2018-05-20
A hardcoded FTP username of myscada and password of Vikuk63 in 'myscadagate.exe' in mySCADA myPRO 7 allows remote attackers to access the FTP server on port 2121, and upload files or list directories, by entering these credentials.
CVE-2018-11319
PUBLISHED: 2018-05-20
Syntastic (aka vim-syntastic) through 3.9.0 does not properly handle searches for configuration files (it searches the current directory up to potentially the root). This improper handling might be exploited for arbitrary code execution via a malicious gcc plugin, if an attacker has write access to ...
CVE-2018-11242
PUBLISHED: 2018-05-20
An issue was discovered in the MakeMyTrip application 7.2.4 for Android. The databases (locally stored) are not encrypted and have cleartext that might lead to sensitive information disclosure, as demonstrated by data/com.makemytrip/databases and data/com.makemytrip/Cache SQLite database files.
CVE-2018-11315
PUBLISHED: 2018-05-20
The Local HTTP API in Radio Thermostat CT50 and CT80 1.04.84 and below products allows unauthorized access via a DNS rebinding attack. This can result in remote device temperature control, as demonstrated by a tstat t_heat request that accesses a device purchased in the Spring of 2018, and sets a ho...
CVE-2018-11239
PUBLISHED: 2018-05-19
An integer overflow in the _transfer function of a smart contract implementation for Hexagon (HXG), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets by providing a _to argument in conjunction with a large _value argument, as exploited in the wild in ...