Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

10/26/2020
04:50 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

4iQ Raises $30 Million in Series C Funding, Names Kailash Ambwani as CEO

Cybersecurity startup helps enterprises to understand their digital risk and exposure.

LOS ALTOS, Calif. (October 20, 2020) – 4iQ, a leader in Cyber Intelligence, today announced $30 million in Series C funding, led by ForgePoint Capital and Benhamou Global Ventures, with participation by C5 Capital, Adara Ventures and the addition of TheVentureCity, which brings a new venture and acceleration model that helps diverse founders achieve global impact. In addition to this new investment, 4iQ is announcing it has appointed Kailash Ambwani as Chief Executive Officer. With Ambwani at the helm, 4iQ will ramp investments in go-to-market activities and accelerate innovation to help customers better anticipate and respond to emerging digital risks.

“As our lives become increasingly digital, the need for cyber intelligence becomes even more critical,” said Alberto Yepez, 4iQ Board chair and co-founder and managing director of ForgePoint Capital. “4iQ enables enterprises to understand their digital risk and exposure – and to take a more proactive approach to identifying threat actors. Under Kailash's strategic guidance, 4iQ is well-positioned to become a leader in the Digital Risk Protection market.”

Ambwani brings a proven track record of scaling businesses with more than 20 years of leadership experience, most recently as CEO of Waterline Data, a global leader in data cataloging solutions and applications. Prior to that, Ambwani was President and CEO of Actiance, a leading provider of compliance, security, archiving and eDiscovery for all critical business communications.

“4iQ is at the forefront of understanding modern digital risk and I'm elated to lead the company toward its vision to help every company operationalize that understanding, stop fraud and crime, and make people safer,” said Ambwani. “It's no longer enough to keep your own house in order. Exposed credentials continue to proliferate in underground communities, especially in the wake of COVID-19, and so, now more than ever, we must empower investigators to uncover the real identities behind criminal activities and thwart future attacks.”

Founded in 2016, with offices in North America and Europe, 4iQ is an adversary intelligence company on a mission to empower intel analysts, security researchers, and criminal investigators with capabilities to discover, uncover, and disrupt adversaries.

4iQ’s IDLake™ archives more than 25 billion identity records collected from open sources on the deep and dark web and powers two solutions:

  • IDTheft™ provides real-time alerts of stolen, leaked, or lost credentials and personally identifiable information to power privacy protection, fraud prevention, and identity verification solutions for businesses and consumers.
  • IDHunt™ enables investigators to analyze monikers or pseudonyms, enrich information with other datasets, and unmask bad actors and expedite the fraud and cybercrime investigation process.


Learn more about 4iQ by visiting www.4iQ.com.

About 4iQ
4iQ provides adversary intelligence that helps organizations measure, monitor and manage digital risk. The 4iQ IDLake™ archives more than 25 billion identity records collected from data breaches and leaks found in open sources, on the surface, social and deep and dark web. It powers 4iQ IDHunt™, a pioneering identity intelligence and attribution analysis solution used by Fraud Investigation Units, Anti-Money Laundering and Financial Crime Intel Units, and advanced Security Operations Centers. The 4iQ IDLake™ also powers 4iQ IDTheft™, used by some of the largest Identity Theft Protection service providers, security vendors and Enterprises to alert millions of consumers of exposed personal information, prevent account takeover and identity theft.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Edge-DRsplash-10-edge-articles
7 Old IT Things Every New InfoSec Pro Should Know
Joan Goodchild, Staff Editor,  4/20/2021
News
Cloud-Native Businesses Struggle With Security
Robert Lemos, Contributing Writer,  5/6/2021
Commentary
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSec,  5/7/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: What Virtual Reality phishing attacks will look like in 2030.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21652
PUBLISHED: 2021-05-11
A cross-site request forgery (CSRF) vulnerability in Jenkins Xray - Test Management for Jira Plugin 2.4.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
CVE-2021-21653
PUBLISHED: 2021-05-11
Jenkins Xray - Test Management for Jira Plugin 2.4.0 and earlier does not perform a permission check in an HTTP endpoint, allowing with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
CVE-2021-21654
PUBLISHED: 2021-05-11
Jenkins P4 Plugin 1.11.4 and earlier does not perform permission checks in multiple HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified Perforce server using attacker-specified username and password.
CVE-2021-21655
PUBLISHED: 2021-05-11
A cross-site request forgery (CSRF) vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and password.
CVE-2021-21656
PUBLISHED: 2021-05-11
Jenkins Xcode integration Plugin 2.0.14 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.