Remediant:获融$15M 特权访问管理
【190822 SecurityWeek】San Francisco, CA-based privileged access management (PAM) solution provider Remediant has closed a $15 million Series A funding round co-led by Dell Technologies Capital and ForgePoint Capital. The money will be used to expand Remediant's marketing and field operations, product engineering, channel and customer success programs, following quintupled sales revenue between 2017 and 2018.
Remediant was founded in 2015 by two security practitioners, Paul Lanzi (now COO) and Tim Keeler (CEO). The two met while working at Roche. As practitioners they were faced with the problem found in all large corporations (Roche had about 120,000 global staff at the time): privileged account sprawl. With little control over privileged accounts it is difficult to stop and contain intruders' lateral traversal through a network.
In one previous position, Lanzi told SecurityWeek, "I had privileged access to 3,000 or 4,000 systems -- some of which I probably never logged into. But if my account were ever compromised, it would be game over for any or all of those systems."
The solution, they thought, would be some form of 'just-in-time' administrator account control (JIT PAM): accounts that are spun up where and when needed, and removed after the need, just as Palo Alto Networks had introduced just-in-time firewall exception rules. With nothing in the market, they decided to do it themselves, and developed a prototype between 2015 and 2016.
In 2016 they took the concept to a Lions' Den side conference at Black Hat. They did not win. But after the pitch, the deputy CISO from Lockheed Martin emerged from the audience. He told them that he had just asked his company to develop the same concept in-house, but that if Remediant had a working product, he would rather buy it than develop it.
Lanzi and Keeler were given 60 days to do a proof of concept at Lockheed Martin. They installed and performed the proof of concept in six days; had a fully signed deal within a couple of weeks, and had fully deployed the product within a few more weeks. "Remediant impressed us from day one with their ability to mobilize and quickly scale a PAM solution to secure more than 150,000 endpoints," said Lockheed Martin CISO, Mike Gordon.
The first part of Remediant's product is a continuous monitor that scans the network, locates existing administrator accounts and presents them on a dashboard. "It is almost always," said Lanzi, "far more than the customer expects," adding that existing customers had frequently been able to remove millions of old or unnecessary privileged accounts. He continued, "The second step is around locking down the remaining access, and then provisioning it back on a just-in-time basis."
The product removes privileged accesses, but keeps a record. When a user requires privileged access to one or more systems, it is obtained via two-factor authentication from the master record. The 2FA is required to prevent a malicious intruder with stolen credentials gaining access to the master record.
If the candidate is verified by the master record as having authority to access a specific, or multiple systems, privileged rights are bestowed on a just-in-time basis, and then removed again after a specified time period (the default is four hours). In Lanzi's own earlier example, he would move from having persistent rights to 3,000 to 4,000 systems, to having temporary, time-limited access to just one system, on demand. The same principle then applies to everyone within the organization.
This solves the privilege problem both on the network and at the endpoint. End users can be granted temporary rights to install apps on their own machines, or support desks can get just-in-time rights for installations on specific devices at specific times, rather than hold permanent rights over all devices. It also lends itself to the concepts of least privilege, zero trust and the evolution of microsegmentation.
"The concepts that underly zero trust access, and the principles of least privilege," Lanzi told SecurityWeek, "are exactly the principles that we're enacting around our access management. Our product is built on Docker, so we understand the benefits of a microsegmentation architecture and the move away from heavy workloads running on virtual machines towards running containers. Privileged access as it relates to containers and other microsegmented workloads is still an evolving field, so that's something we're exploring. In fact, doing R&D in that area is one of the areas where we're using the money raised."
Tom Kellerman, chief security officer at Carbon Black, joined the Remediant board as a strategic advisor in February 2019. He said at the time, "Authentication is the Achilles heel of cybersecurity. As cyber criminals continue to exploit trust relationships within corporations, privileged access management has become mission critical for cybersecurity and brand protection."
Kellerman believes that Remediant's SecureONE is a game-changer in the PAM market. "This round of fundraising is a testament to the foresight of Remediant's founders. The global cybercrime wave facing businesses can be mitigated by proactive privilege access management and Just-In-Time Administration," he said today.
网安团队找钱 / 投资人找网安项目
+微信 junshao
—— 全球网安投融事件 TimeLine ——
2019年8月
【数据安全】Securiti.ai:获融$31M 合规与隐私安全
【终端安全】Cybereason:获融$200M 大数据驱动终端防护
2019年7月
【业务安全】New Knowledge:获融$3M 在线商誉保护
【边界安全】Trinity Cyber:获融$23M 提前拦截外网威胁
【边界安全】Vectra:获融$100M 威胁监测与处置AI
【智能安防】WatchGuard:被Moto系统并购 强化视频安防
【业务安全】Digital Shadows:获融$10M 专注DRP
【整体并购】SkyFormation:被Exabeam并购 加码云安全
2019年6月
【安全测评】SecurityScorecard:获融$50M
【二级市场】CrowdStrike: IPO首日涨幅65% 估值超过$10B
【整体并购】Insight Partners:领投SentinelOne 并购Recorded Future
2019年5月
【威胁情报】BlueVoyant:获融$82.5M 安全托管及威胁情报
【整体并购】Appsulate:被Zscaler并购 布局浏览器安全
【整体并购】Verodin:被FireEye以$250M并购 布局安全测评
【安全管理】Exabeam:获融$75M AI驱动SIEM革新
【威胁情报】ID Agent:被Kaseya并购 布局暗网监控与威胁情报
2019年4月
【身份认证】Cambridge区块链:获融$3.5M 身份认证与合规管理
【整体并购】NetFort:被Rapid7并购 强化流量分析
2019年3月
【整体并购】Azuqua:被Okta以$52.5M并购 加强可视化与自动化
2019年2月
【身份认证】SpyCloud:获融$21M M12领投 ATO
【整体并购】Demisto:被平底锅$560M并购 提升应急自动化
【整体并购】Luminate:被赛门铁克$200M并购 加码云安全
【数据安全】Illumio:获融$65M JP摩根领投 自适应分片
【应用安全】Signal Sciences:获融$35M 加码Web应用安全
2019年1月
【身份认证】OneLogin:获融$100M 企业级身份认证
【网络安全】360企业安全:获融¥9亿 投后估值¥206.5亿
2018年12月
【金融风控】AccessFintech:获融$17.5M 金融网络风控
【整体并购】Arctic Wolf:并购RootSecure 布局网络风险测评
【系统安全】Tigera:获融$30M 致力K8s安全与合规
【企业安全】360企安:获融¥12.5亿 投后估值¥187.5亿
2018年11月
【云安全】Netskope:获融$168.7M 云安全领导者&顶级CASB
【IoT】Dust Identity:获融$2.3M 钻石防克隆安全标签
【整体并购】Bluefyre:Threat Stack将其并购 发力云安全
【业务安全】Shape Security:获融$26M 人工智能防黑客
2018年10月
【整体并购】Dome9:Check Point$175M将其并购 加码云安全
【反欺诈】Area 1:获融$32M 打造根据反钓鱼数量收费新模式
【云安全】Wallarm:获融$8M 提供基于AI的自适应云安全
【数据安全】CybelAngel:获融$12M 致力于DLP
【整体并购】Imperva:Thoma Bravo $2.1B将其并购 致力云安全
【安全管理】CloudKnox Raises:获融 $10.8M 防止权限管理失控
【整体并购】RedLock:平底锅$173M将其并购 布局云安全
【终端安全】Hysolate:获融$18M 混合架构兼顾终端安全与效率
【安全管理】Tanium:以投后$6.5B获融$200M 实时大规模终端安全管理
2018年9月
【网络安全】Darktrace:以投后$1.65B获融$50M 机器学习抵御网络威胁
【移动安全】Shape Security:获得E轮融资 致力于移动应用恶意攻击防护
【网络安全】Protocol 46:获融$1.1M 面向中小企业的军用级深度防御
【整体并购】Bitdefender:并购SMS eTech 加速拓展澳洲市场
【反欺诈】Ravelin:获融$8M 用机器学习对抗电商欺诈
【IoT】HawkEye 360:获融$5.3M 专注射频数据分析
【代码安全】Sonatype:获融$80M 专注开源安全检测