The cybersecurity industry has no shortage of technology to fight against network intruders, app corrupters, email hackers and other cyber criminals. Today a startup called Redacted is coming out of stealth with a different approach to tackling that malicious activity: It applies threat intelligence, and then proactively goes after the hackers to recover data loss and disrupt their activities. And along with its public launch, Redacted is announcing $35 million in funding to expand its business.
The Series B is being led by Ten Eleven Ventures, with participation from Valor Equity Partners and SVB Capital. (Ten Eleven is a VC specializing in cybersecurity that has backed a number of other startups.) It brings the total raised by Redacted — which it specifically styles “[redacted]”…with brackets — to $60 million, including a previous funding of $25 million.
It’s always interesting when a startup comes out of nowhere with a substantial round of VC backing, but it’s almost always because that startup has some interesting pedigree — and that is the case here. The company is led by Max Kelly, who was previously the chief security officer at Facebook and before that held roles at the National Security Agency and U.S. Cyber Command. His co-founder, John Hering, was the founder and CEO of cybersecurity firm Lookout. The startup is populated with a bigger team that the startup likes to say has “more than 300 years of combined experience” in cyber defense, with experience at Facebook, Amazon, NASA JPL, Symantec, Cisco, FBI, CIA, NSA, DIA, Army, Air Force, Navy, U.S. Marine Corps, U.S. Cyber Command and the U.K.’s GCHQ.
I’d actually heard about the company before — it works with another cyber startup I’ve covered called Cado, which provides cyber forensics tools to Redacted (among others). Redacted is not particularly forthcoming about its customers.
The core of what Redacted does comes out of direct experience that Kelly said he had while working at Facebook, where he both built in-house threat response tools but also worked with third-party vendors to secure the social networking giant’s systems, employees and users.
“A big focus of the industry in the last 10 years was preventing the breach,” Kelly said. “But that was always a lie. There is nothing you can do to prevent a breach. The point is not to prevent the breach but the damage from it. Make sure people can’t get data out, and if they do, make sure you can get it back.”
There was also the issue of the size of Facebook itself.
“We couldn’t buy any security tools that worked because of the scale of the company,” he said. “So we thought about it and decided that the best approach would be to ask who is doing this, get them to stop.”
In an environment where cybercrime has taken on the profile of some of the most advanced innovations in technology, with both bad actors and security apps and services leaning on artificial intelligence and automation to do their work, it sounds almost too human an approach. But from how Kelly describes it, it sounds like there is a very human face to cybercrime, and the mere fact of identifying bad actors can get them to retreat.
It’s also a highly technical operation: The startup has also built tools, with some of its own tech and leaning on tech built by others, to find patterns in the work that cybercriminals do and eventually track them to where they are.
“If they’re in a place where they can be touched by law enforcement, that can be used to get them to stop,” he said. “But if not, then it’s just the awareness that they’d been seen and that generally causes them to retreat.”
The mix of what Redacted has built to date, he says, is being aimed at smaller, mid-sized and slightly larger corporates, particularly those that are not capable of building tools like this themselves.
The name, meanwhile, in my opinion says something about the nimble, but also very focused, approach the startup is taking. It comes from a period when the company hadn’t yet come up with a name for itself but was already operating commercially while in stealth mode (which actually is very standard among cybersecurity startups, I’ve found, which don’t really want a lot of attention, for obvious reasons).
“We used it as a placeholder, but I realized, as I talked to people, that they were using the name “Redacted” when referring to us,” Kelly said. He looked up redacted.com and saw it was available. “It was the universe telling me to use the name,” he said with a little smile.
“With the industry’s most advanced pursuit capabilities, Redacted has the power to teach attackers that companies will hold them accountable for attacks,” said Alex Doll, founder and managing general partner at Ten Eleven Ventures, in a statement. “Redacted’s cloud-native security platform also enables them to protect and defend companies that run their operations within a modern cloud architecture. Together, these features enable [redacted] to offer the most holistic and proactive security solution for companies in today’s elevated threat environment.” Doll is joining the board with this round.
Updated to remove the mention of a company that is not a customer.