Vectra raises $36M for its AI-based approach to cybersecurity intrusion detection

With the trend of growing cybercrime showing no indication of abating, a startup called Vectra that has built an artificial intelligence-based system called Cognito to detect cyberattacks and mobilise security systems to respond to them has raised $36 million to expand its R&D and business development.

This Series D comes on the back of a strong year for the startup, with 181 percent growth in customer subscriptions between 2016 and 2017, and Vectra’s CEO Hitesh Sheth said he expects the same this year. Typical customers are large enterprises (which is why you don’t see much about pricing on the site) and includes players in the financial, healthcare, government, tech and education sectors. The list the company disclosed to me includes LiveNation/Ticketmaster, Pinterest, Kronos, Tribune Media, Verifone, Agilent, Texas A&M University and DZ Bank in Germany.

This latest round is being led by Atlantic Bridge Capital, with participation from Ireland’s Strategic Investment Fund (ISIF) and Nissho Electronics Corp. Previous investors Khosla Ventures, Accel Partners, IA Ventures, AME Cloud Ventures, DAG Ventures and Wipro Ventures also participated. The company’s total raised to date is $123 million, and while it is not disclosing its valuation, its pre-money valuation of just under $344 million, according to PitchBook, based on its last funding round in March 2016, is likely getting a big boost after the growth it has seen. Also for context, one of its closer competitors, Darktrace, was last valued at $825 million.

Vectra’s growth — and the round that it has raised — underscores one of the bigger challenges in the market at the moment for enterprises and other organizations.

While there are a number of solutions out there for trying to block malicious hackers and their various techniques, and there are systems in place for stopping them when they are found, there is a gap in the market for the moments where cyber criminals evade the best blocks and then proceed to steal data, sometimes for months or more.

The Winter Olympics in Korea, as one recent example, suffered an attack that was only detected after the malicious hackers had already been sucking up data for 120 days.

“One of the issues for enterprises today is that it’s never been more hostile. The operating assumption is that you will get breached,” said Hitesh Sheth, president and CEO of Vectra. His company’s solution, he says, is not to try to change that currently immutable fact, but to drastically shrink the length of an otherwise months-long attack to minutes and hours.  “The only control you really have is what will you do once you are breached.”

Vectra does this using AI. The thinking here is that, if you are working with large enterprises, there are many places, services, apps and end points that need to be assessed for inconsistencies in how they are being queried and used in the network. Systems that are automated and use machine learning to essentially mimic the behavior of security specialists are the best at doing this kind of searching and identification.

Sheth claims that while there are a number of other intrusion and threat detection services out in the market — Darktrace, Cisco’s intrusion detection (built around a number of acquisitions) and RiskIQ being some of them — Vectra is the only one of these that is built on AI algorithms from the ground up. “AI is a bolt-on for most security players, but this is all we do.”

He also says that the other aspect of its service that helps it stand out is its focus on network, rather than end-point, traffic. “If devices are compromised, end point logs are compromised.”

Sheth describes this latest round as its “path to profitability,” where it could be the last one Vectra needs before it tips into the black itself — a big feat for an SaaS service that also has its sights on an IPO longer-term.

“What is a fad in the valley is to raise as much as possible and then some more,” he said. “Investors can win but I’m not sure employees do. You want to rase as much as possible but you need to see how to scale.” He said initially the company wanted to raise between $25 million and $30 million but “interest was super high and it was oversubscribed, so we accommodated investors that we thought would add value.”

The connection with the Irish strategic investment stems out of the fact that Vectra is going to build an R&D center in Dublin. This came first and the investment came second, Sheth said.

The company selected Dublin because it had considered London and Barcelona — there are already three centers in the US, in Austin, Cambridge San Jose — but backed away from the former because of uncertainties around Brexit, and the latter because of political upheaval. Ireland, he believes, will only grow in prominence for its position as the only English-speaking market still fully in the European Union.

“This is an exciting investment for ISIF, which promises significant economic impact for Ireland,” said Fergal McAleavey, head of private equity at ISIF, in a statement. “It is encouraging to see Ireland leverage its emerging expertise in artificial intelligence by attracting businesses such as Vectra that are on the leading edge of technology. With cybersecurity becoming such a critical issue for all organizations, we are confident that Vectra will deliver a strong economic return on our investment while creating high-value R&D employment here in Ireland.”

Meanwhile, company’s growth is what swayed the lead investor.

“We have been impressed by the remarkable growth of Vectra in this fast-moving cybersecurity market,” said Kevin Dillon, managing partner at Atlantic Bridge Capital, in a statement. “The increasing volume, creativity and effectiveness of cyberattacks means that enterprises must adopt AI to automate cybersecurity operations. We look forward to helping the company expand its global enterprise footprint.”