The malware and endpoint protection markets are heating up as companies look to dump old-school antivirus software
Palo Alto-headquartered malware and cyber security company SentinelOne announced on Wednesday the close of their Series C funding round, locking down $70 million in new funding. The round was led by Redpoint Ventures and included follow-on funding from previous investor and celebrity angel Ashton Kutcher’s Sound Ventures.
SentinelOne offers its customers a lightweight, enterprise-level endpoint protection platform (EPP), promising to replace the need for antivirus alternatives. Sitting on the actual devices, i.e. desktops and mobile, the company aims to provide their clients with real security against malware, a feat that they say traditional products are incapable of providing at this point.
Previous investors Third Point Ventures, Data Collective, Granite Hill Capital Partners, Westly Group, and SineWave Ventures are also reported to have taken part in the funding. UpWest Labs’ Shully Galili and Gil Ben Artzi also took part in SentinelOne’s early stage funding after taking part in UpWest’s accelerator project. Kutcher’s partner Guy Oseary also participated.
SentinelOne was co-founded in 2013 by CEO Tomer Weingarten, CTO Almog Cohen, and CSO Ehud Shamir. They maintain R&D offices in Tel Aviv.
In October 2015, the company closed their Series B round, led by Third Point Ventures, which pulled in $25 million. This most recent investment brings the company up to a reported total raised of $110 million.
CTO Cohen describes their solution as a dynamic behavioral engine. Using a hybrid approach of rules set by the researchers, it uses machine learning to monitor the system and understand when a malicious event may be underway. It does this by building a system state model of how the system is supposed to look, studying its entities, relationships, and processes.
They use proprietary algorithms, which Cohen describes as meta features, to determine what behavior constitutes a potentially harmful event. If an attack is detected, the product can then automatically remediate the issue. Tracing back to the source, it fixes the damage based on the model of how the system looked before the incident. One happy side effect here is that it provides forensics, in what Cohen calls a byproduct of its basic functions.
“The threat landscape is very dynamic, demanding that the solution be flexible,” he adds, explaining that they can also provide alerts and remediation in the event of an exploit event.
The advantage of their technology, says Cohen, is that it is agnostic and can react quickly to new vectors. If malware is operating from a script or another vector, the system will still detect it in the same way, making it far more flexible than the traditional AV (antivirus) products out there, which only cover a narrower scope of file inspection.
Ready for growth
In their statement to the press, the company says that they will use the funding to reach audacious growth rates, aiming for a 400% increase in their global sales over the coming year. Looking back at the past year, Cohen says that their R&D team alone tripled in size. In 2017, he says that they will ramp up their sales and marketing teams as well as their development.
Attaining 400% growth over the course of a year feels ambitious, even for a company that has done well over the past year. Cohen tells Geektime that there is a revolution going on in the endpoint protection space as enterprise customers are poised to dump their AV products in favor of the next generation of solutions.
“I think that it took some time, but they acknowledge that these solutions don’t work,” says Cohen of the AV products, which he says “used to claim 100% protection for years which was not true. Now there are these more advanced and flexible solutions all in one product.”
“Our goal is to complete the endpoint suite,” he adds, noting that they want to “make the traditional AVs completely redundant.”
They are facing off against some stiff competition, both directly and indirectly.
With their binary analysis, Crowdstrike is probably the closest to SentinelOne in this space, but there are others like Palo Alto Traps, Cylance, and Carbon Black that also offer a variety of solutions. These range from whitelisting to static analysis and other methods that aim to stop malware on the endpoint.
However, Cohen and his team say that they “see an opportunity and want to seize it.” With this latest round from backers like Redpoint, who Cohen says had previously wanted to invest in their seed round but is now joining with one of their later-stage funds, they now feel that they have the capacity to take on this market and win.
“The product is now mature and we are ready to scale.”
While much of the focus of the past few years has been on network solutions, protecting the whole from risks brought in by the users, this company brings the focus back to the endpoints where many of the threats originate.
Now with $70 million worth of new capital in the bank, SentinelOne seems ready to make the grab for what appears to be a very promising market opportunity.