“Protect it all: Stop Tomorrow’s Threat Today”

Founded: 2012 in Tel-Aviv, Isreal

Category: Cybersecurity

Primary office: Boston, MA

Core technical team: Tel-Aviv, Isreal

Status: Private

Employees: 690

Amount raised: $389 million  (5 rounds – last Aug 5, 2019)

OVERVIEW

  • Cloud-based endpoint detection and cybersecurity data analytics platform protecting millions of endpoints from advanced cyberattacks.
  • Partner program supports integration of Cybereason offerings with partner offerings

 

PERFORMANCE METRICS

  • Valuation – $1 billion (2019)
  • Revenue – $60 million/year (2018)

 

ACHIEVEMENTS

  • Developed an endpoint detection platform to empower security teams – handling millions of endpoints.
  • Platform finds a single component of an attack and connects it to other pieces of information to reveal an entire campaign and shut it down
  • Best performing MITRE ATT&CK coverage, correlation, and real-time alerts
  • Extensive and meaningful channels – e.g., World Wide Technology a $11 billion technology solution company

Sells

Platform (consisting of below products):

  • Endpoint detection and response (EDR)
    • Mitigate security threats before they cause harm
    • Actionable threat detection
    • Custom detection rules
    • Remediation options
  • Next-generation antivirus (NGAV)
    • Multi-layered approach  (stay ahead of continuously evolving threats)
    • Single, lightweight agent (one agent to run continuously in user space – eliminating the chance of system crashes while still providing analysts with full, unmatched visibility into all activities)
    • Fileless and ransomware prevention. (A fileless attack is a zero-footprint attack that does not depend upon malicious software, but finds and exploits existing vulnerabilities of a system)
  • Managed detection and response (MDR)
    • 24×7 monitoring (Active monitoring team)
    • Immediate response (Active response team)
    • Leading technology (most effective platform)
    • Worldwide security operations center, millions of global endpoints (with high automation and high fidelity)

 

Services

Cybereason services aim to better protect, detect, contain, and respond to security incidents. Cybereason’s global team augments client’s coverage, enhances client’s processes and capabilities, and improves the client’s security posture with 24/7 monitoring, dedicated support, proactive threat hunting, and swift response to incidents whether remote or onsite.

  • Active monitoring
  • Active hunting – advanced threat hunting capabilities to ensure a strong security posture
  • Active response – analyze, respond, and remediate security issues to minimize their impact on clients
  • Active assist – help line
  • Optimized incident response
  • Advanced analysis
  • Technical account management – account manager works closely with the client to ensure that the Cybereason platform is aligning with client’s security and overall business goals
  • Cyber posture assessment

Channels

  • World Wide Technology (WWT), a market-leading, $11 billion technology solution provider, and  Cybereason, partnered enhancing WWT’s suite of industry-leading security solutions. Benefit: The partnership enables the companies’ joint customers to automate  security by fusing multiple data sources, business context, machine learning and big data analytics to reduce cyber threats and protect their organizations
  • Partner program (100% sales channel) – focuses on partners that have the vision and expertise to help organizations migrate from legacy endpoint solutions of the past to the Cyber Defense Platform of the future. Benefits to partners: increased profitability150,000:1 on one platform and  See more, stop more
  • Partner program is tiered (entry, pioneer, game changer) –  training and certifications; partner portal and demo environment access; deal registration; services portfolio; Co-op funds; MDR-in-a-box; partner success manager; rebates and executive advisory board
  • Numerous events, some with key players/partners/investors

Competencies

  • Capable of stopping the world’s most advanced cyberattacks by exploiting their adversaries’ weaknesses
  • Many employees served in IDF (Israeli Defense Force) 8200 unit – elite group specializing in cyber security
  • Application of IDF’s perspective on cybersecurity to enterprise security
  • Cybereason Nocturnus team – identify advanced persistent threats (e.g., Operation Soft Cell), cutting edge security research, hunting, security operation centers (US, Japan, Israel), incident response
  • Unique combination of military training and years of experience in offensive security leads to the ability to offer products that can change how the world sees cybersecurity

Resources

Assets

  • Nocturnus team (first to discover vaccination for two of the largest cyberattacks in 2017)
  • Platform – 150,000:1 multiplier – improves analysts with automated prevention, detection, and hunting experience across a large set of endpoints
  • Vision – Autonomous security – By 2025, what are currently seen as separate technologies will be available to all as a service in an automated easy to use manner

Processes

  • Understanding the business of cybersecurity is a moving game, from the tactical level, where Cybereason defends companies and networks, to the strategic level of board rooms and partnerships, is the key to making a billion dollar company, that is changing what it means to do security. (https://www.cybereason.com/press/the-quick-and-the-dead)
  • Example process of hunting: initial full welcome hunts; ongoing proactive hunts; team Nocturnus consulting for critical incidents; quarterly reports

Priorities

  • Starting with endpoint detection and response but with a vision of protecting it all (wearables, cars, IoT). Return power to where it belongs – with the defenders
  • Ramp up of channels in Americas, Australia, Europe, Africa and Asia – focus on channel and strategic partnerships and will show they have the best rates of improvement in the business model

Assertions That Best Describe What the Company Did to Scale Early, Rapidly & Securely

  1. Increase value by using a compelling image of the desired future company to convince others to provide the funding and resources the company requires
  2. Increase demand of products and services by combining two or more resources in a way that the value created from them exceeds the sum of the value created from each resource separately
  3. Arrange and apply resources from different regions to increase profitability
  4. Develop and sell products that address a problem, job to be done or a need that is shared by a large and growing number of individuals and organizations in various regions to increase sales
  5. Increase market share by applying digital technology to brand, market, sell, and service customers more cost-effectively than competitors
  6. Increase demand by using scientific and technological advances to develop innovative products and services
  7. Increase profitability by applying processes that make products and services easier to understand, produce and deliver
  8. Increase the company’s value by continuously seeking and receiving funding to support the company’s plan to scale and improve its image in the marketplace