Israeli startup Sternum, which provides cyber-security for IoT devices, announced a $6.5 million Series A funding round. The investment was led by Square Peg Capital, with BTOV Partners, and Angel investors, including CyberArk CEO Udi Mokady, also getting in on the action.

Securing IoT at the code level

Sternum’s security solution provides comprehensive protection of your Internet-of-Things products by utilizing an Embedded Integrity Verification (EIV) system, which is embedded into the IoT’s integrated code, alerting to any foreign malicious changes to the device managing application.

The system can also identify vulnerabilities in the code used to operate the IoT devices as a precaution against future attacks, which can take advantage of the weak code to breach the connected machinery. In addition, the company provides real-time threat detection capabilities, enabling organizations the power to act on those threats immediately. Earlier this year, Sternum was the first to fix a wave of vulnerabilities in millions of IoT devices, which was later dubbed the name Ripple20. The vulnerabilities, which were found and fixed by Sternum, could have led to millions of IoT devices being hacked remotely.

Sternum was founded in 2018 by CEO Natali Tshuva, previously of Cellebrite and NSO, Head of Research Arik Farber, VP R&D Lian Granot, and CBO Boaz Shedletsky. The company has raised a total of $10 million to-date.

Once the round closed Tshuva noted that “unlike other products, we don’t aim to fix every vulnerability in the device. We focus strictly on the moment of vulnerability breach when the hacker sets the attack in motion through that same vulnerability.”

In an interview with Geektime back in 2019, Tshuva said, when asked about the challenge of finding paying customers, that “it’s a real challenge. However, on the other side, manufacturers need to secure their machines, and once we show them that our solution equals money, increases security, and most importantly doesn’t interfere with operation of the machine, then it’s an easy pitch. It takes time with major conglomerates, medium sized organizations are a bit easier.”