Using an age-old trick in infrastructure security, the company finds itself on a growing list of deception security solutions
If you’ve ever been casually hacking a major corporation’s server and trying to interfere with its manufacturing or break into its email, you may have been surprised at how easily you got into the company’s infrastructure. You might have been less satisfied with what you were able to accomplish with your hack. Well, you might have been a victim of decoy server technology.
Cymmetria, an innovative and tactical Israeli startup that not only catches hackers but also uses a sort of digital feint to snare hackers, scored $9 million in Series A led by Sherpa Ventures, bringing the company’s total haul now to $10.5 million. Past funding has come from the YC Combinator, Seedcamp, and Felicis.
The company already has a few beta users, but they are private about their perspective or possibly contracted customers.
The startup has developed what it calls a unique “deception stack” of software capabilities, including its own Maze Runner admin program. Still, they claim their system is adaptive and requires minimal IT attention. Their solution utilizes decoy servers called “honeypots” (a la the term used for seductive female spies) to distract would-be attackers away from their true targets. By leaving behind a series of digital “breadcrumbs” to mislead attackers toward these decoy servers, they can keep the enemy preoccupied.
The concept of a honeypot server is not a new one and has been employed to learn the habits of hackers and to gather digital forensics on them. Their original intent is to be used in conjunction with other security that allows multiple layers of firewall and system logs, according to cyber security firm SANS.
Deception on the rise
Market research company Gartner, Inc (NYSE: IT) anticipates that 10% of enterprises will use deceptive solutions by 2018. Several other Israeli companies using similar solutions also scored major funding rounds this year, including illusive networks reeling in $22 million in October and TrapX also landing $9 million in July for its solution DeceptionGrid. Other companies Gartner names in the deception security industry include Allure Security Technology, Attivo Networks, CyberTrap, ForeScout, Hexis Cyber Solutions, LogRhythm, Percipient Networks, Rapid7, Shape Security, Specter, and TopSpin Security.
The company was founded in 2014 by IDF 8200 technology unit veteran Gadi Evron, Dean Sysman, Ran Harel and Imri Goldberg. They employ 16 people between Tel Aviv and San Francisco and recently participated in the Y Combinator accelerator program.