ThreatStream Grabs $22M To Help Fight Cybersecurity Threats

ThreatStream, a cybersecurity firm based in Redwood City, CA, announced $22M in Series B funding today to continue its efforts to help organizations fight cybersecurity threats. Today’s funding brings the company’s total raised to date to $26.3M.

The current round is led by General Catalyst Partners with help from new investors Institutional Venture Partners and previous investors Google Ventures and Paladin Capital Group. Steve Herrod, who is a managing partner at General Catalyst and a former CTO at VMware, joins the company’s board of directors as part of the deal.

So what does ThreatStream do that’s so special that it warrants a $22M investment? It looks at security from a different angle, says CEO Hugh Njemanze. He knows the field pretty well, having helped found security information management (SIM) vendor ArcSight, which was bought by HP in 2010 for $1.5B. SIMs like ArcSight, McAfee NitroSecurity and even Splunk (when used as a SIM) capture streams of security data and it’s up to a human to figure out if the threat is real.

As Njemanze told me, SIM tools collect security activity information in the form of event logs. As you can imagine, with the number of attacks that happen on a regular basis these days, using human filters to figure out what’s real and what’s not is a difficult proposition. But that’s the way it’s been done up until now.

That’s where ThreatStream comes in. It applies some intelligence to the process by figuring out which threats are real and which ones are false positives and lets those security analysts concentrate on the actual threats, rather than spending their time chasing down issues that turn out to be nothing.

ThreatStream figures this out in a couple of ways, using both humans and technology in a symbiotic relationship designed to help companies stay ahead of threats. On the technology side, it uses a machine learning algorithm to reduce false positives; on the human side, it takes advantage of the community to share threat information.

Njemanze acknowledges that security is an ongoing battle, and if you judge it by the massive breaches you read about in the press, you might think of it as a losing battle. But he says it’s tools like his company’s and many others that are taking on the bad actors in an ongoing battle. He believes if it weren’t for the defenses, the internet would have ceased to function as a place where you can conduct business, and that’s obviously not the case today.

As for the community element, he refers to that as “the safety of the herd.” One person gets attacked by a new threat and informs the rest of the community, who are then in a better position to defend against it.

Cybersecurity is a crowded field with many companies attacking the problem, but Njemanze believes his company is attacking it from a new and better angle, and so far it has 30 large enterprise customers as a starting point. With a proven track record as a successful startup founder and $22M in his pocket, he and his fellow employees now have the resources to prove it.