We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 – 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!
Blueshift Cybersecurity has raised a seed round of $6 million from investors WestWave Capital and CyberJunction. The company specializes in infrastructure and data security tools for small- to medium-sized businesses. The investment will allow Blueshift to grow its staff from 12 to about 30 by this year and advance its core offerings.
Cigent, a data protection vendor, incubated the company. Cigent CTO Greg Scasny designed the Blueshift architecture before the formation of Cigent. Existing Cigent customers began using the platform, and it was eventually spun out as a separate company. There are currently about 50 customers using the service to protect over 100,000 devices.
Automating the security response
Blueshift specializes in tools for extended detection and response (XDR). This is a relatively new field in cybersecurity. The term was coined by Palo Alto networks in 2018 and picked up steam when both Gartner and Forrester saw it as a convergence of security capabilities. Gartner predicts that the number of organizations using XDR could grow from 5% today to over 40% by 2027. XDR plays a vital role in helping enterprises secure a more extensive and varied infrastructure. As a result, various tools have evolved to protect networks, web traffic, email, cloud services and endpoints.
Starting around 2005, vendors introduced tools for aggregating threat intelligence from across these different tools, which came to be known as security information event management (SIEM). SIEM focused on simply improving the ability to detect security events, leaving it up to cybersecurity teams to respond via other channels.
In 2015 Gartner coined the term security operations, analytics and reporting (SOAR) for describing an emerging class of tools that helped coordinate a response. However, these tools tend to be a heavy lift, particularly for smaller enterprises. XDR tools are deployed as a cloud service, which simplifies deployment and ease of use compared to SIEM/SOAR, and it also can automate the response to attacks.
Blueshift values integration over migration
Over the last couple of years, major security vendors such as Microsoft, Check Point, Cisco, Trend Micro, McAfee, Rapid7 and Palo Alto Networks have begun extending their traditional endpoint, network and antivirus protection capabilities to support XDR. However, Gartner cautions that by 2023 at least 30% of endpoint detection and response (EDR) and SIEM vendors will claim to provide XDR despite lacking core XDR functionality. One point of contention is the extent to which these tools can collect data across multiple third-party tools rather than requiring users to migrate existing security services to a single platform.
Blueshift Chairman and CEO Brad Rowe told VentureBeat, “We are not a rip and replace solution. Unlike these competitors, we will work with whatever you have in your current security stack in addition to our platform. We work very hard to get data from as many sources as we can and use that data to detect and investigate anomalies in our customers’ environments.”
Another Blueshift innovation has been to integrate zero-trust data protection with its XDR platform. Zero-trust data protection can force the protection of files during a security incident so that only authorized users with proper multifactor authentication can access them. This helps reduce the risk that the data is exfiltrated or encrypted during an incident.
VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn more about membership.
Source: Read Full Article