Deep Security Startup ShiftLeft Raises $20M Series B

SDxCentral | February 12, 2019

Deep Security Startup ShiftLeft Raises $20M Series B
Security vendor ShiftLeft said today that it raised $20 million in Series B funding, bringing the startup’s total to almost $30 million. Thomvest Ventures and SineWave led the Series B, with existing investors Bain Capital Ventures and Mayfield also participating. The new investment comes less than 18 months after the startup’s Series A, which raised $9.3 million. ShiftLeft CEO and co-founder Manish Gupta told SDxCentral that he expects more rounds in the future. The latest funding will be used to build adoption of the platform and the applications it covers. The company also will build its global sales and marketing initiatives. Along those lines, it hired Jim Sortino as vice president of worldwide sales. Sortino previously worked atTrend Micro and Dome9 Security. ShiftLeft launched in October 2017. A year later – last September — ShiftLeft’s technology scored a true positive rate of 100 percent, with 25 percent false positives in the Open Web Application Security Project (OWASP) Benchmark for Security Automation, Version 1.2 testing. That beat the commercial average by 45 percent, according to a company white paper.

Spotlight

More than ever before, the discussion of network security is intersecting with the interests of business, government, and popular media. The Transport Layer Security (TLS) protocol is perhaps the best modern example of this. There are stakeholders on all sides who demand both a secure end-to-end connection for clients, as well as the tools necessary to inspect and control the content of traffic in their private networks.

Related News

The Time Has Come to Bring in Ai, Machine Learning and Automation in Cybersecurity

Cisco | April 30, 2020

The cybersecurity skills shortage continues to plague organizations across regions, markets and sectors. The keys to making a unified platform work are AI and automation technologies. Government agencies are experiencing more cyberattacks than ever before, at a time when the nation is facing a 40% cybersecurity skills talent shortage.. The cybersecurity skills shortage continues to plague organizations across regions, markets and sectors, and the government sector is no exception. According to (ISC)2, there are only enough cybersecurity pros to fill about 60% of the jobs that are currently open -- which means the workforce will need to grow by roughly 145% to just meet the current global demand. The Government Accountability Office states that the federal government needs a qualified, well-trained cybersecurity workforce to protect vital IT systems, and one senior cybersecurity official at the Department of Homeland Security has described the talent gap as a national security issue. The scarcity of such workers is one reason why securing federal systems is on GAO’s High Risk list. Learn more: ARTIFICIAL INTELLIGENCE (AI) IN CYBER SECURITY MARKET NEXT BIG THING BAE SYSTEMS. Results of our survey, “Making Tough Choices: How CISOs Manage Escalating Threats and Limited Resources” show that CISOs currently devote 36% of their budgets to response and 33% to prevention. ~ CISCO However, as security needs change, many CISOs are looking to shift budget away from prevention without reducing its effectiveness. An optimal budget would reduce spend on prevention and increase spending on detection and response to 33% and 40% of the security budget, respectively. This shift would give security teams the speed and flexibility they need to react quickly in the face of a threat from cybercriminals who are outpacing agencies’ defensive capabilities. When breaches are inevitable, it is important to stop as many as possible at the point of intrusion, but it is even more important to detect and respond to them before they can do serious damage. AI-driven solutions frees security teams to work on more strategic problems, develop threat intelligence or focus on more difficult tasks such as detecting unknown threats. ~ IT teams Federal agencies deal with a number of challenges unique to the public sector, including the age and complexity of IT systems as well as the challenges of the government budget cycle. IT teams for government agencies aren’t just protecting intellectual property or credit card numbers; they are also tasked with protecting citizens’ sensitive data and national security secrets.. Charged with this duty but constrained by limited resources, IT leaders must weigh the risks of cyber threats against the daily demands of keeping networks up and running. This balancing act becomes more difficult as agencies migrate to the cloud, adopt internet-of-things devices and transition to software-defined networks that have no perimeter. These changes mean government networks are expanding their attack surface with no additional -- or even fewer—defensive resources. It’s part of the reason why the Verizon Data Breach Investigations Report found that government agencies were subjected to more security incidents and more breaches than any other sector last year. Learn more: CYBERSECURITY MUST BE EMBEDDED IN EVERY ASPECT OF GOVERNMENT TECHNOLOGY

Read More

DATA SECURITY

NPCore forms global partnership with Viet Cyber Security towards expansion into SE Asian IT security market

NPCore | November 26, 2021

NPCore, a joint venture member of Born2Global Centre, has its sights set on a greater share of the IT security market in Southeast Asia, recently joining forces with Vietnamese IT security service provider Viet Cyber Security. Together, the two companies set up NPCore Vietnam Joint Stock Company, a joint venture which will see them coordinate efforts in the IT security industry. NPCore is an AI-based new variant malware (APT) response solution provider offering optimal security solutions. NPCore has provided cyber security solutions and since 2021, it has participated in a project for supporting overseas expansion of D.N.A (Data, Network, AI) convergence products led by Born2Global Centre. The joint enterprise will see the two partners collaborate in technology and, more importantly, concerted sales and marketing activities in the Southeast Asian IT security market. The goal is to lay the foundation for a stable supply of IT security services in local markets to obtain market trust and continue expanding the business at an increasing pace. NPCore has confirmed that it is ready to aggressively engage Viet Cyber Security's local networks and customers towards expanding its market presence. NPCore's solution (Zombie Zero) can defend against any path through which malicious code can flow from the network to the endpoint. It currently holds 12 patents as well as the International Common Criteria (CC) certification for its proprietary security technologies and has more than 100 global references. "The local joint enterprise was established in Vietnam as it is a market with active investment taking place in national security, corporate IT security, and other fields. It will be a local platform for entry into the Southeast Asian markets Vietnam included and will put us on the map as an IT security service provider in the region." NPCore CEO Han Seung-cheol Furthermore, the joint venture between NPCore and Viet Cyber Security was established as part of the Born2Global Centre's partnership program. Through its support of DNA-convergence products and services, Born2Global Centre serves as a launchpad for innovative startups to enter global markets. Born2Global Centre provides startups with different levels of consulting services, from partnership exploration & creation to business establishment, operations, joint R&D projects, and market expansion.

Read More

DATA SECURITY

Smithers Announces the Launch of Information Security Services

Smithers | May 25, 2021

Smithers, a leading provider of testing, consulting, information, and compliance services, is pleased to announce the launch of its information security services department. This agency will provide auditing and certification services for NIST SP 800-171 and the Cybersecurity Maturity Model Certification (CMMC), as well as other customized information security offerings. Smithers Quality Assessments Division offers 25+ years of high-touch, value-added third-party auditing expertise to the CMMC program, including trained, professional auditors to perform CMMC assessments for organizations that are current suppliers to the United States (US) Department of Defense, as well as those looking to meet the requirements of being a supplier. Smithers' information security service offering ensures the security of clients' sensitive data by delivering reliable assessments on time and with a high level of touch. "Information security threats continue to intensify as a significant concern to organizations of all sizes," says Jeanette Preston, President of Smithers Quality Assessments Division. "As a matter of business continuity, many companies would be required to ensure sensitive data security as a requirement to do business with defense, governmental agencies, and highly regulated industries." The information security services department will be launched and led by Aaron Troschinetz, General Manager for Smithers Quality Assessments Division in North America. "During audits, we see that clients have a genuine need for these facilities," Troschinetz says. "Companies do not need multiple vendors because we provide information security in addition to our existing auditing and certification services. Smithers is now capable of serving as their full-service trusted partner." About Smithers Smithers is a multinational provider of testing, consulting, information, and compliance services that were founded in 1925 and is headquartered in Akron, Ohio. Smithers serves customers in the transportation, life science, packaging, fabrics, parts, consumer, and energy sectors through laboratories and operations in North America, Europe, and Asia. Smithers integrates science, technology, and business expertise to provide accurate data on time and with a high touch, allowing consumers to innovate with confidence.

Read More

Spotlight

More than ever before, the discussion of network security is intersecting with the interests of business, government, and popular media. The Transport Layer Security (TLS) protocol is perhaps the best modern example of this. There are stakeholders on all sides who demand both a secure end-to-end connection for clients, as well as the tools necessary to inspect and control the content of traffic in their private networks.