Botnet-spotting Seculert lands $10m funding round

Summary:More funding for the cloud-focused Israeli threat detection startup.

how-it-works-step 2
A screenshot of Seculert's dashboard in action, showing which devices on a network have been compromised. Image: Seculert

Israeli security startup Seculert has landed a $10m Series B funding round.

The funding partnership, announced on Monday, involves Sequoia Capital with participation from existing investor, Norwest Venture Partners (NVP), and sees execs from both companies joining Seculert's board.

The company's business is detecting malware, botnets, and other online threats. For example, 18 months ago, Seculert was the first security company to discover a new strain of the infamous Flame virus, called Mahdi , apparently created by Iranian hackers to attack Israeli networks

"We found that the communication, and several of the server side components, included strings in Farsi as well as dates in the Persian calendar format," the company said in a blogpost. "We were able to track variants of the same malware back to December 2011."

Seculert was specifically designed for the cloud, said company CEO and co-founder Dudi Matot in a recent interview. "We can ferret out malware in anything that is on the network, whether it's PCs, laptops, iPads, printers, and so on. That includes anything that connects from outside the network, like from a vendor or an employee working at home, or from a remote office. Everything is done in the cloud, and there is no need to install anything."

The Seculert system gathers intelligence from multiple sources, analyses malicious content and activity, identifies cybercrime servers and detects corporate-specific attacks in real time, he added. It also checks live botnets, looking for IP addresses associated with them; if a customer's IP address is found, the company is informed immediately, and a thorough security analysis of the system is connected.

The assumption, Matot said, is if a device's IP address is part of a botnet, then it has already been compromised, even if everything "looks OK". Information about malware and botnets captured by Seculert is added to its defense database to inform its other customers — which include Fortune 500 companies, as well as global financial service providers, telcos, and multinational oil and gas companies.

Everything is done online. Customers log onto a secure dashboard, which will show them what problems they should be concerned about, and where they are on the network. Seculert will even analyse log files from existing security or monitoring systems (such as Blue Coat, Squid and so on) and add those results to the dashboard. All the customer has to do is provide Seculert with the IP addresses of the systems to be monitored, and the service does the rest, said Matot.

And things are just going to get riskier, Matot said. "Organisations are accepting that their existing layered approach to network security architecture cannot address today's advanced and sophisticated malware challenges.

"BYOD policies, mobile workers, remote offices and employees, and the integration of social media communication in the workplace are all making networks more open — and therefore, more vulnerable — than ever."

The company, which received its first big financing around a year ago , is well on the road to expanding its global reach, said Matot. It's just a matter of time before C round funding — or some other major fiscal event — hits Seculert.

Topics: Security, Malware

About

David Shamah has been writing about Israeli technology news for over a decade, both in print and on the web, and knows the Israeli tech scene and its start-ups inside out.

Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.