DATA SECURITY

NightDragon Closes $750M Growth Fund as Part of Next-Generation Cybersecurity, Safety, Security and Privacy Platform

NightDragon | August 02, 2021

NightDragon today announced the close of NightDragon Growth I, a new $750 million venture capital fund to invest in and advise late-stage and growth companies in the cybersecurity, safety, security and privacy industry. The fund will aim to advance the industry and close the gap between offense and defense amidst today's aggressive threat landscape.

The NightDragon team is led by Founder and Managing Director Dave DeWalt, a long-time cybersecurity veteran and the former CEO of FireEye, McAfee and Documentum. He is joined by Managing Director Ken Gonzalez and Partner Morgan Kyauk, bringing together decades of experience leading and operating some of cybersecurity and technology's most significant companies.

The fund comes at a time when physical and cybersecurity threats are significantly damaging businesses and government organizations around the world. The team plans to use its significant industry expertise, extensive network and government connections to identify the most critical gaps causing these challenges and invest in the companies that can solve them. 

"NightDragon is committed to investing and advising companies that we believe can help advance the state of security from silicon to satellite," said Dave DeWalt, Founder and Managing Director, NightDragon. "I could not be prouder to announce this NightDragon fund and work alongside this team, our partners and the broader NightDragon Network to support this critical mission."

NightDragon Growth I is part of the broader NightDragon Platform, which includes partnerships, people and programs at every stage of the startup journey from incubation to IPO and exit. This includes affiliations with leading incubators, early-stage investment firms, NightDragon Advisory, private equity companies, IPO experts and M&A firms. Partners in this platform include DataTribe, AllegisCyber Capital, Team8, YL Ventures and Momentum Cyber.

These partnerships add to a set of programs available exclusively to NightDragon portfolio companies under the NightDragon Network, including ND Talent, ND Government Services and ND Go-to-Market. These programs help give NightDragon companies the edge and expertise to break into new markets, recruit new talent, grow internationally, align with leading technology, service provider and systems integrator partners and more. Partners include Carahsoft, Macnica, Cyber Future Foundation and the Athena Alliance.

"At NightDragon, we know that growing a successful company is much more than investing capital. We have assembled a team that has the operational and industry expertise to help our portfolio companies thrive, not only for successful investment outcomes but also to achieve our broader security mission," said Ken Gonzalez, Managing Director, NightDragon.

"From widespread ransomware to supply chain attacks, it is clear we need a next generation of cybersecurity, safety, security and privacy companies to secure our digital ecosystem. Having worked with Dave, Ken, Morgan and the rest of the NightDragon team for many years, I have seen first-hand their industry and operational expertise and am confident they can help shape this industry for the better," said Admiral Michael Rogers, former Director of the NSA.

"The operational and industry expertise of the NightDragon team has been unparalleled in helping our company grow to new levels of success. We are honored to partner with them as a portfolio company and look forward to seeing their impact increase under this new fund," said Paul Martini, CEO, iboss, a NightDragon portfolio company.

"By partnering with NightDragon, we know we are helping our customers align with some of the most innovative companies in the cybersecurity, safety, security and privacy industry. We are proud to be part of the NightDragon Platform and contribute to the mission of better securing our nation's organizations and governments," said Craig P. Abod, President, Carahsoft.

About NightDragon
NightDragon is an investment and advisory firm focused on growth and late-stage investments within the cybersecurity, safety, security and privacy industries. Its platform and vast industry network provide unparalleled threat insights, deal flow, market leverage and operating expertise to drive portfolio company growth and increase shareholder value. The NightDragon team has more than 25 years of operational and market expertise and was founded by Dave DeWalt and Ken Gonzalez, who served as senior executives leading technology companies such as Documentum, EMC, Siebel Systems (Oracle), McAfee, Mandiant, Avast and FireEye.

Spotlight

Zero Trust est une stratégie destinée à réajuster les pratiques et les outils de sécurité dans une architecture de sécurité moderne qui garantit un accès aux données et aux ressources basé sur le principe du moindre privilège, avec des décisions d’accès basées sur une validation d’identité rigoureuse et des politiques adaptées a

Spotlight

Zero Trust est une stratégie destinée à réajuster les pratiques et les outils de sécurité dans une architecture de sécurité moderne qui garantit un accès aux données et aux ressources basé sur le principe du moindre privilège, avec des décisions d’accès basées sur une validation d’identité rigoureuse et des politiques adaptées a

Related News

ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Wiz Launches Free Cloud Framework to Drive Community-Backed Security

Wiz | December 15, 2022

Wiz, the leading cloud security platform that rapidly enables customers to find and remove critical cloud risks, today announced its newest project, The PEACH framework, a tenant isolation framework for cloud applications. This framework will enable industry-wide collaboration and provide cloud customers and cloud application developers with the necessary guidance to build cloud services securely and prevent critical risks in the implementation process. "Over the past year and a half, Wiz researchers and other members of the cloud security community discovered several cross-tenant vulnerabilities in various multi-tenant cloud applications. "Although these issues have been reported extensively and were dealt with appropriately by the relevant vendors, we've seen little public discussion on how to mitigate such vulnerabilities across the entire industry. This is where we see an opportunity to strengthen the collaboration between members of the security community." Wiz CEO Assaf Rappaport Beyond offering a guideline for organizations, PEACH is a starting point for empowering security teams to work together to establish standard transparency and common language when it comes to mitigating cloud threats. Serving as a step-by-step framework for modeling and improving SaaS and PaaS tenant isolation, PEACH manages the attack surface exposed by user interfaces and provides a clear standard for transparency on tenant isolation assurance. Wiz developed the following parameters based on lessons learned to address the rising cross-tenant vulnerabilities, lack of a standard for transparency, and missing common langue among vendors: Privilege hardening – ensure tenants and hosts have minimal permissions in the service environment. Encryption hardening – confirm the data belonging to each tenant is encrypted with a unique key, regardless of where the information is stored. Authentication hardening – validate that communication between each tenant and the control plane use authentication with a validated key unique to each tenant. Connectivity hardening – establish that all inter-host connectivity is blocked by default unless explicitly approved by the tenants involved. Hygiene – verify that unnecessary secrets, software and logs scattered throughout the environment are purged to avoid leaving clues or enabling quick wins for malicious actors. The second part of the security review process consists of remediation steps to manage the risk of cross-tenant vulnerabilities and improve isolation as necessary. These include reducing interface complexity, enhancing tenant separation, and increasing interface duplication -- all while accounting for operational context such as budget constraints, compliance requirements, and expected use-case characteristics of the service. This framework was reviewed and collaborated on with cloud security industry experts from AWS, Google, IBM, Netflix and Cisco. Instead of commercializing PEACH though, Wiz will be offering the framework for free. About Wiz Wiz secures everything organizations build and run in the cloud. Founded in 2020, Wiz is the fastest-growing software company in the world, scaling from $1M to $100M ARR in 18 months. Wiz enables hundreds of organizations worldwide, including 30 percent of the Fortune 100, to rapidly identify and remove critical risks in cloud environments. Its customers include Salesforce, Slack, Mars, BMW, Avery Dennison, Priceline, Cushman & Wakefield, DocuSign, Plaid, and Agoda, among others. Wiz is backed by Sequoia, Index Ventures, Insight Partners, Salesforce, Blackstone, Advent, Greenoaks and Aglaé.

Read More

ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Swimlane Launches First Comprehensive Security Automation Ecosystem for OT Environments

Swimlane | November 15, 2022

Swimlane, the low-code security automation company, today announced the formation of the first operational technology (OT) security automation solution ecosystem tailored to meet the combined OT and IT security requirements within critical infrastructure environments. The Biden Administration designated November as Critical Infrastructure Security and Resilience Month, drawing attention to the need for “fortifying our information technology and cybersecurity across sectors.” As cyber threats grow in frequency and severity, security operations teams within industrial organizations are regularly targeted due to the importance of their systems and infrastructure. Given the limited resources at their disposal, security teams within these organizations are struggling to keep up with rapidly evolving threats. The cybersecurity skills gap poses a particularly difficult challenge for organizations with OT environments due to the unique skill set required to navigate the convergence of OT and IT technologies. This is where modern Security Orchestration, Automation and Response (SOAR) plays an instrumental role. “Our public utilities and critical infrastructure face unique cybersecurity challenges to detect and respond to the convergence of threats targeting their combined OT and IT environments, and cyber-physical systems. “Swimlane is bringing together the best of OT security with our extensible security automation platform to create a robust system of record and control for security operations teams to more quickly process large amounts of security telemetry without needing more resources to defend against breaches.” Cody Cornell Co-founder and Chief Strategy Officer of Swimlane Swimlane’s security automation ecosystem for OT environments currently includes the following: Nozomi Networks for OT and IoT Security: Swimlane and Nozomi Networks, the leader in OT and IoT security, also announced today a technology integration that combines low-code security automation with OT and Internet of Things (IoT) security. The combined solution makes it possible for industrial and critical infrastructure security operations to maintain continuous asset compliance and mitigate the risks of attacks from combined OT and IT entry points. Dataminr Tackles Physical Risk: Swimlane’s integration with Dataminr leverages automated processes to mitigate risks and warn at-risk employees as soon as possible to ensure their safety. The cyber-physical threat response solution saves organizations crucial minutes when connecting with staff members who might be affected by a natural disaster, accident, or social unrest, or other types of physical risk. 1898 & Co. for Managed Threat Detection: 1898 & Co., a preeminent industrial control system (ICS) cybersecurity solutions provider, has selected Swimlane as the core automation platform for their managed threat detection services. These services include the detection of both OT and IT-born threats, machine-speed threat validation and scoring, and rapid remediation of threats using OT response methods. “Security teams chartered with protecting OT environments are struggling to keep pace with emerging threats given their limited resources,” said Joshua Magady, Practice Technical Lead at 1898 & Co. “As cyberattacks on critical infrastructure continue to rise and the cybersecurity skills shortage prevails, we are excited to be working with Swimlane to provide automation solutions that give these important organizations the tools to defend against rising cyber threats effectively.” Working with each technology partner, Swimlane will develop a portfolio of pre-integrated solutions that customers can quickly deploy either through managed services or add to their existing environment. About Swimlane Swimlane is the leader in cloud-scale, low-code security automation. Swimlane unifies security operations in-and-beyond the SOC into a single system of record that helps overcome process and data fatigue, chronic staffing shortages, and quantifying business value. The Swimlane Turbine platform combines human and machine data into actionable intelligence for security leaders.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Dremio and Privacera Announce Their Latest Integration

Dremio | February 01, 2023

On January 31, 2023, Dremio, the leading simple and open data lakehouse, and Privacera, the only open-standards-based data governance and security solution provider, announced their latest integration, which expands advanced data governance and security capabilities for customers building modern data applications on top of data lakehouses. As data lakehouses become more popular, it is becoming increasingly essential to manage and organize safe data access while also adhering to complicated regulatory regulations across all data assets. The new integration now allows Joint clients to expedite secure and governed analytics by decreasing manual processes while automating stringent compliance for contemporary data cooperation, which is especially important in highly regulated industries like financial services. The enhanced integration proffers joint clients with the following capabilities: Ensuring scalability and performance By pushing down policies written in Privacera into Dremio, the native integration allows quick query performance and scalability. Enhanced data security and governance capabilities The connector enables enterprises to implement attribute-based access control (ABAC), discovery for tagging and data classification, data encryption, row-level filtering and masking, canned reports and centralized auditing. Applying Consistent policy administration across Dremio and the majority of hybrid and multi-cloud data sources Customers can now establish and enforce data access policies and classifications once and then deploy them anywhere. About Dremio Founded in 2015, Dremio is a simple, open data lakehouse that offers self-service analytics, data warehouse capability, and data lake flexibility across all data. It boosts agility with a novel data-as-code approach that enables Git-style data experimentation, version control, and governance. In addition, it removes data silos by allowing searches across data lakes, databases, and data warehouses, as well as easing ingestion into the lakehouse. Dremio is employed by hundreds of enterprises, including three of the Fortune 500, to offer mission-critical BI on the data lake. The company is the inventor of Apache Arrow and is on a quest to redefine SQL for data lakes and meet clients where they are on their cloud journey. About Privacera Founded in 2016, Privacera is the first company to offer a SaaS-based data governance and security solution that unifies privacy and compliance across various cloud services such as Azure, AWS, Databricks, GCP, Starburst and Snowflake. It assists businesses in making efficient and responsible use of data by guiding them through their data journey. Privacera, founded by the creators of Apache Ranger™ and Apache Atlas™, is often referred to as "Apache Ranger in the Cloud." Fortune 500 customers in the insurance, finance, life sciences, media, retail, and consumer industries, as well as government agencies, use the Privacera platform to mask sensitive data, automate sensitive data discovery, and manage high-fidelity policies at petabyte scale on-premises and in the cloud.

Read More