Aorato offers a solution that monitors, analyzes and blocks suspicious behavior in organizations. Now they’re launching their solution and announcing the completion of a $10M round
Israeli startup Aorato, specializing in information security, launched its new security solution for organizations that detects attacks through the study of various corporate entities and their behaviors. Accompanying the product launch, Aorato announced the completion of a financing round valued at $10M and led by Accel Partners along with Mickey Boodaei (co-founder of Imperva and Trusteer), Rakesh Loonkar (co-founder of Trusteer), Innovation Endeavors -VC funded by Eric Schmidt – and Glilot Capital Partners.
Work for organizations
Aorato was founded in 2011 by Idan Plotnik, Michael Dolinsky and Ohad Plotnik. the three all bring with them over a decade’s worth of experience in the field of cybersec has now developed a technology that offers multi-layered protection for organizations based on behavioral contexts. The solution, which is launching today, is called Directory services Application Firewall (or DAF for short) and is able to analyze the behavior of the various entities within an organization, such as internal and external users, computers, servers, mobile devices connected to the corporate network, etc.
Behind the scenes, the company’s technology actually learns from the behavior of the various devices that connect to the corporate network, applications running in the background and of course, the behavior of user employees themselves. By analyzing these data points based on contextual ads and various interactions, the system is able to make decisions in real time to monitor and block access where appropriate.
Aorato currently employees ten people operating out of the company’s Herzliya offices and working on a defensive solution for organizations working off of Microsoft’s Active Directory, considered one of the more common platforms of this nature the world over. Alongside analysis of entities, the system creates profiles and builds various entity graph interactions in order to detect anomalies in activity that may indicate an attack or breach in security policy.
For example, when one of the employees at a customer service company who generally operates within a specific area of the network, is found in an area that is atypical to their behavioral graph and their job task, the system will alert the appropriate overseers while automatically blocking their access. Another example might be when a mobile device tries to connect to an unidentified corporate network and access sensitive information, even if using a username and password authorized by the system, the user will be blocked and relevant parties will be informed.
Connect the dots
Idan Plotnik, Co-Founder and CEO at Aorato explained that the DAF compares real-time data, announces suspicious activity and assigns these activities a timeline. “By assigning a timeline, the security people in the organization can connect the dots between different events that allegedly seem insignificant, but together accumulate to form a telling story of aggression levied against the organization.”
According Plotnik, the timing of the product launch was perfect following 2013’s record of broad business damage caused by targeted attacks, with Active Directory being a major part of them. “The past year has shown the consequences of access to sensitive internal factors within the organization, such as the NSA case. These threats have proven that there is a need for our company’s unique technology in order to update the nature of corporate security.”