Security start-up Sentinel Labs raises $12 million

The behavioral analysis technology developed by the company is a favorite of Fortune 500 firms

Sentinel Labs' security system in action (Photo credit: Courtesy)

Sentinel Labs, an Israeli cyber-security firm, announced on Wednesday that it raised $12 million in Series A financing. The company has offices in Palo Alto and conducts research and development in Israel. Tiger Global led the round with full participation from existing investors Accel Partners, Data Collective (DCVC) and Granite Hill Capital Partners, alongside the Westly Group, a new investor.

Israel has produced as many as 200 new start-ups in the last year and a half, according to experts, but few of them have clients such as Yahoo and Netflix praising them. Sentinel Labs’ technology protects those companies and dozens of other Fortune 500 firms using real-time technology that determines when a suspicious file or process is trying to access workstations, mobile devices and servers and stops the attack before it takes place. The method works even if the attack is a new one that is not yet known to “traditional” anti-virus programs.

“The age of the anti-virus is over. The endpoint world is ripe for disruption in light of the ineffectiveness of current anti-virus technology and limited visibility of network based products,” said Tomer Weingarten, CEO of Sentinel Labs. “We’ve championed the idea of endpoint being the last line of defense against threats; now we’re going to take that initial concept and tackle the anti-virus itself, an industry that hasn’t changed in ten years despite ever-growing threats.”

The anti-virus programs used by most home users, such as Norton and McAfee, generally use a definition file to determine what files and code to protect against. When a new threat is detected, the company updates the definition file, ensuring that the user is protected against new viruses and malware as they come out.

That system works out fine if the anti-virus definitions file is updated before the new threat affects your computer, but large enterprises can’t take the risk that they will be hit before the definitions file is updated. Large companies may also be the target of custom malware — a piece of code designed just for them by a hacker seeking to compromise their system. That kind of malware will never show up in a definitions file.

Enterprises would have their own advanced custom-made security solutions, but the method of defense — reacting to threats once they are discovered — would likely be similar.

To effectively defend against as-yet-unknown threats, Sentinel Labs provides technology that examines the behavior of a file to determine its “intentions.” Using its proprietary predictive execution modeling engine, Sentinel can stop attacks even if they are unknown or brand new by predicting the attack patterns, instead of relying on file signatures or static indicators of compromise.

Sentinel aims to deploy its technology on all platforms and devices. There are versions available for Windows, Mac OSX and Android, and in the coming weeks iOS and Linux versions will be released. Sentinel previously raised a $2.5 million seed round from investors including Accel Partners, Data Collective (DCVC), Dan Scheinman, Granite Hill Capital Partners and UpWest Labs. The new funding will be used to expand Sentinel’s offering and launch a complete Next Generation Endpoint Protection suite, built on Sentinel’s predictive execution modeling engines, to compete with the traditional anti-virus vendors by year’s end.

The company helped a number of Fortune 500 companies stop attacks that current network-based and host-based behavioral systems fail to catch. Alex Stamos, Yahoo’s chief security officer, said, “I believe that Sentinel represents the future of APT [advanced persistent threat, a broad category of cyber-threat] detection. Targets of APTs that have deployed the leading centralized solutions are starting to deal with their serious downsides. Sentinel solves these problems by running on the targeted host and detecting successful compromise. I can strongly recommend that any company facing a nation-state and other advanced threats give Sentinel a shot.”

According to Mike Kai, vice president of information technology operations at Netflix, the company’s “unique, light-weight, agent-based solution, combined with the management console and global threat feed, is the solution that we’ve been waiting for.”
