DATA SECURITY

NightDragon Closes $750M Growth Fund as Part of Next-Generation Cybersecurity, Safety, Security and Privacy Platform

NightDragon | August 02, 2021

NightDragon today announced the close of NightDragon Growth I, a new $750 million venture capital fund to invest in and advise late-stage and growth companies in the cybersecurity, safety, security and privacy industry. The fund will aim to advance the industry and close the gap between offense and defense amidst today's aggressive threat landscape.

The NightDragon team is led by Founder and Managing Director Dave DeWalt, a long-time cybersecurity veteran and the former CEO of FireEye, McAfee and Documentum. He is joined by Managing Director Ken Gonzalez and Partner Morgan Kyauk, bringing together decades of experience leading and operating some of cybersecurity and technology's most significant companies.

The fund comes at a time when physical and cybersecurity threats are significantly damaging businesses and government organizations around the world. The team plans to use its significant industry expertise, extensive network and government connections to identify the most critical gaps causing these challenges and invest in the companies that can solve them. 

"NightDragon is committed to investing and advising companies that we believe can help advance the state of security from silicon to satellite," said Dave DeWalt, Founder and Managing Director, NightDragon. "I could not be prouder to announce this NightDragon fund and work alongside this team, our partners and the broader NightDragon Network to support this critical mission."

NightDragon Growth I is part of the broader NightDragon Platform, which includes partnerships, people and programs at every stage of the startup journey from incubation to IPO and exit. This includes affiliations with leading incubators, early-stage investment firms, NightDragon Advisory, private equity companies, IPO experts and M&A firms. Partners in this platform include DataTribe, AllegisCyber Capital, Team8, YL Ventures and Momentum Cyber.

These partnerships add to a set of programs available exclusively to NightDragon portfolio companies under the NightDragon Network, including ND Talent, ND Government Services and ND Go-to-Market. These programs help give NightDragon companies the edge and expertise to break into new markets, recruit new talent, grow internationally, align with leading technology, service provider and systems integrator partners and more. Partners include Carahsoft, Macnica, Cyber Future Foundation and the Athena Alliance.

"At NightDragon, we know that growing a successful company is much more than investing capital. We have assembled a team that has the operational and industry expertise to help our portfolio companies thrive, not only for successful investment outcomes but also to achieve our broader security mission," said Ken Gonzalez, Managing Director, NightDragon.

"From widespread ransomware to supply chain attacks, it is clear we need a next generation of cybersecurity, safety, security and privacy companies to secure our digital ecosystem. Having worked with Dave, Ken, Morgan and the rest of the NightDragon team for many years, I have seen first-hand their industry and operational expertise and am confident they can help shape this industry for the better," said Admiral Michael Rogers, former Director of the NSA.

"The operational and industry expertise of the NightDragon team has been unparalleled in helping our company grow to new levels of success. We are honored to partner with them as a portfolio company and look forward to seeing their impact increase under this new fund," said Paul Martini, CEO, iboss, a NightDragon portfolio company.

"By partnering with NightDragon, we know we are helping our customers align with some of the most innovative companies in the cybersecurity, safety, security and privacy industry. We are proud to be part of the NightDragon Platform and contribute to the mission of better securing our nation's organizations and governments," said Craig P. Abod, President, Carahsoft.

About NightDragon
NightDragon is an investment and advisory firm focused on growth and late-stage investments within the cybersecurity, safety, security and privacy industries. Its platform and vast industry network provide unparalleled threat insights, deal flow, market leverage and operating expertise to drive portfolio company growth and increase shareholder value. The NightDragon team has more than 25 years of operational and market expertise and was founded by Dave DeWalt and Ken Gonzalez, who served as senior executives leading technology companies such as Documentum, EMC, Siebel Systems (Oracle), McAfee, Mandiant, Avast and FireEye.

Spotlight

Those high profile data breaches led to a swift response from the Government with the penalties for serious or repeated privacy breaches increased from $2.22 million to a minimum of $50 million at the end of December. Since then, the Government has released the Privacy Act Review Report and the 2023-2030 Australian Cyber Security Strategy that signpost a significant shift for Australia’s cyber landscape. Critical infrastructure; personal information; cyber security; dealing with ransomware attacks – all are likely to be shaken up.

Spotlight

Those high profile data breaches led to a swift response from the Government with the penalties for serious or repeated privacy breaches increased from $2.22 million to a minimum of $50 million at the end of December. Since then, the Government has released the Privacy Act Review Report and the 2023-2030 Australian Cyber Security Strategy that signpost a significant shift for Australia’s cyber landscape. Critical infrastructure; personal information; cyber security; dealing with ransomware attacks – all are likely to be shaken up.

Related News

DATA SECURITY, ENTERPRISE SECURITY, PLATFORM SECURITY

Keeper Security Introduces 24-Word Recovery Phrases to Enhance Account Security

Prnewswire | April 28, 2023

Keeper Security, the leading provider of zero-trust and zero-knowledge cybersecurity software protecting passwords, privileged access, secrets and remote connections, is excited to announce the launch of its latest feature, the 24-word recovery phrase. This new and more secure method of account recovery is designed to provide Keeper users with the highest level of protection against emerging threats. The 24-word recovery phrase replaces the current user-customizable security question and answer recovery method. It serves as a break-glass method of recovering a Keeper Vault in the event that a user forgets their master password. The recovery phrase generates a unique 256-bit AES key that decrypts a copy of the user's 256-bit AES data key. The data key then decrypts each individual record key, which in turn decrypts each vault record. Keeper has implemented recovery phrases using the same BIP39 word list used to protect crypto wallets. The word list used in BIP39 is a set of 2,048 words used to generate an encryption key with 256 bits of entropy. This method of recovery is commonly used in popular bitcoin and cryptocurrency wallets. Each word in the BIP39 list is carefully selected to improve visibility and make the recovery process less error-prone. "We are thrilled to introduce this revolutionary new feature to our users," said Darren Guccione, CEO and co-founder of Keeper Security. "At Keeper, we are committed to providing our customers with the most advanced and secure password management solutions available. The 24-word recovery phrase is just one example of our ongoing investment in new and more robust technologies to counter emerging cyber threats." Users who have security questions enabled on their vaults will be prompted to replace their security answer with a strong 24-word recovery phrase. It is important for users to store this recovery phrase in a safe place such as a physical safe, and not on a computer, phone or other device. To recover the account and reset the master password, users must have the recovery phrase and also provide an email verification code. For users with 2FA enforced, they must additionally pass the two-factor authentication step. Keeper administrators for business and enterprise accounts have the option of disabling account recovery for their users in the role enforcement policy section of the Keeper Admin Console. Account recovery can be used with SSO-enabled accounts, if enforced by the Keeper administrator. It is important to note that if a user forgets their master password and loses their recovery phrase, they will not be able to access their Keeper vault. Due to Keeper's zero-knowledge architecture, the Keeper team cannot help recover a lost recovery phrase. To utilize this new capability, users are encouraged to ensure that all of their Keeper applications are up to date. For more information about Keeper's password management platform and the 24-word recovery phrase, please visit Keeper's Documentation Portal and Release Notes. About Keeper Security Keeper Security is transforming the way people and organizations around the world secure their passwords, secrets and confidential information. Keeper's easy-to-use cybersecurity platform is built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance. Trusted by millions of individuals and thousands of organizations globally, Keeper is the leader for best-in-class password management, secrets management, privileged access, secure remote access and encrypted messaging. Protect what matters at KeeperSecurity.com.

Read More

PLATFORM SECURITY, SOFTWARE SECURITY, WEB SECURITY TOOLS

Malwarebytes Launches WorldBytes for Real-Life Threat Assessments

Prnewswire | April 03, 2023

Malwarebytes, a global leader in real-time cyber protection, is taking the next great leap in security with the launch of WorldBytes, a best-in-class, first-of-its-kind, next-generation mobile security application that takes the malware scanning technologies that customers know and love and applies them to the first frontier of human evolution: real life interactions. Powered by Malwarebytes and next-level AI technology, users can use their mobile devices to scan the world around them and get real-time threat assessments of anything and everything – including questionable Tinder dates, the unlabeled sauce at the back of their fridge and their neighborhood cat. The responses, powered by ChatGPT, humorously explain the potential cyber risks lurking within. "We're proud of our powerful malware scanning engine and the peace of mind it gives users by stopping threats on their devices," said Mark Beare, General Manager of Consumer, Malwarebytes. "We took that same idea and brought it to the physical world with WorldBytes. Users can reveal the hidden cyber threats around them in a humorous way, helping to make cybersecurity accessible and relevant for all." Malwarebytes believes that cybersecurity can be effective, yet simple and intuitive for users. A recently launched campaign, "Protection You Can Trust," leverages humor again to make cybersecurity engaging and accessible for all. The campaign's first two films poke fun at some of the internet's most notorious troublemakers and illustrate how — with just a few clicks in Malwarebytes — you can scan, clean and protect your device, shutting down cyber threats and scams. Watch them on YouTube. While we can't give users real threat intelligence on everyday objects, we hope they enjoy playing with WorldBytes. Consumers ready to protect their devices from malware, ransomware, spyware and other cyberthreats can learn more at www.malwarebytes.com/for-home. About Malwarebytes Malwarebytes believes that when people and organizations are free from threats, they are free to thrive. Founded in 2008, Malwarebytes CEO Marcin Kleczynski had one mission: to rid the world of malware. Today, Malwarebytes' award-winning endpoint protection, privacy and threat prevention solutions and its world-class team of threat researchers protect millions of individuals and thousands of businesses across the globe. The effectiveness and ease-of-use of Malwarebytes solutions are consistently recognized by independent third parties including MITRE Engenuity, MRG Effitas, AVLAB, AV-TEST (consumer and business), Gartner Peer Insights, G2 Crowd and CNET. The company is headquartered in California with offices in Europe and Asia.

Read More

PLATFORM SECURITY, SOFTWARE SECURITY, CLOUD SECURITY

Uptycs Integrates with Amazon Security Lake to Enable the Correlation of its CNAPP and XDR Security Telemetry with a Vast Ecosystem of Security Tools

Prnewswire | June 01, 2023

Uptycs, provider of the first unified CNAPP and XDR platform, today announced an integration with Amazon Security Lake from Amazon Web Services (AWS). Amazon Security Lake automatically centralizes security data from across AWS environments, leading SaaS providers, on-premises, and cloud sources into a purpose-built data lake. Amazon Security Lake manages data throughout its lifecycle with customizable data retention settings and converts and conforms incoming security data to the Open Cybersecurity Schema Framework (OCSF) open standard, making it easier to automatically collect, combine, and analyze security data from AWS, security partners, and analytics providers. The integration with Uptycs helps organizations speed up threat detection and incident response by correlating Uptycs telemetry and events with data from a vast number of other security tools. With the proliferation of technologies and environments, security teams need to spend time setting up one-to-one integrations between their tools to correlate threat activity. This is expensive and delays response to security threats. In contrast, a shift up approach to cybersecurity does not need complex integrations and intermediary systems to connect the dots. The premise involves getting the data in a standardized format right out of the gate, and streaming it up into a data lake so security teams can do cross-correlations that speed up threat detection and response. The OCSF project offers a consistent approach towards cybersecurity telemetry by providing a standard schema for common security events, defining versioning criteria to facilitate schema evolution, and including a self-governance process for security log producers and consumers. This enables organizations to easily bring together data from multiple security tools. "We are excited to bring the security telemetry from Uptycs into Amazon Security Lake," says Ganesh Pai, CEO and co-founder of Uptycs. "A key tenet of the shift up approach to cybersecurity is to stream normalized security telemetry into a data lake, moving security analytics processing power to the cloud. Uptycs and AWS customers can now enjoy enhanced protection and faster reaction time as they benefit from standardized OCSF-based telemetry across their on-prem and cloud workloads." Using the OCSF format, Uptycs and Amazon Security Lake allow organizations to have a consistent telemetry, enabling them to easily correlate data from a variety of security, SIEM, and SOAR tools. Uptycs, an AWS Security Competency Partner, will send a wealth of OCSF-formatted data from on-premises and cloud assets to Amazon Security Lake, including behavioral threat detections from endpoints and cloud workloads, anomaly detections, policy violations, risky policies, misconfigurations, and vulnerabilities. Uptycs prospects and customers can get started with the Amazon Security Lake integration by contacting Uptycs. About Uptycs Your developer's laptop is just a hop away from cloud infrastructure. Attackers don't think in silos, so why would you have siloed solutions protecting public cloud, private cloud, containers, laptops, and servers? Uptycs reduces risk by prioritizing your responses to threats, vulnerabilities, misconfigurations, sensitive data exposure, and compliance mandates across your modern attack surface—all from a single platform, UI, and data model. This includes the ability to tie together threat activity as it traverses on-prem and cloud boundaries, thus delivering a more cohesive enterprise-wide security posture.

Read More