In the old days, startups would pull together funding from a small group of early “angel” investors and rush to get a product – any product- to market as soon as possible. The idea was to prove viability in the hopes of attracting larger investments that would let you actually develop the product you really want to sell.
vArmour said its product is the first designed specifically to spot malicious activity within virtual data centers and stop so-called ‘lateral movement’ by malicious actors.
But that doesn’t work well for companies that want to solve really hard problem. Such projects, justifiably, need a longer runway that isn’t suited to vaporware or rapid product iteration.
vArmour Networks, a Mountain View-based startup that emerged from “stealth” mode yesterday, is a good example of that latter kind of start-up. The company has already raised $42 million in three rounds, dating back to January, 2013. It is offering technology to tackle a vexing product: how to secure the information flowing within and between the growing ranks of virtual data centers.
With venture backing, top-flight management and (to hear vArmour tell it) customers and sales teams around the world, the company’s launch on Tuesday was more an ‘uncloaking’ worthy of Star Trek than an ‘unveiling’ in the traditional sense.
“This is about answering the question of ‘what happens when security meets virtualization,’” vArmour CEO Tim Eades told The Security Ledger.
As Eades sees it: existing data center security products by the likes of Juniper, Cisco and others are “dead men walking”: hardware bound and ill-suited to the dynamic environment of virtual data centers.
“The traffic flows are different in a virtual datacenter. There’s a fine line between suspicious and malicious and you can have low profile incidents that can navigate to high-profile incidents very quickly,” he said.
Eades said vArmour’s technology defends what his company calls a “data defined perimeter.” It gives virtual data center operators a way to do visibility, control and remediation within virtual environments – stopping sophisticated attackers that might use access to a low-value asset to move laterally and take control of critical IT assets.
The company’s technology has been called a kind of “software defined security.” In a nutshell, it relies on a distributed network of sensors that can run in-line our out-of-band within virtual environments as well as hybrid environments that contain both virtual, multi-tenanted systems and physical, single tenanted devices.
vArmour’s sensors are topology and infrastructure agnostic and provide full sensing control and enforcement through Layer 7. The company’s ‘sensors’ sit next to virtual containers and systems that handle actual workload and monitor their activity, providing threat correlation and context for anything that’s happening within each container. In the case of traditional servers, vArmour’s software runs as a kind of ‘bare metal’ hypervisor directly on the host hardware, Vice President of Product Keith Stewart told The Security Ledger.
Eades said the vArmour model has real benefits for companies that need to scale threat detection across a large and fast growing virtual infrastructure. Its technology was designed with virtual data centers in mind, and can leverage that scale and data analytics to provide superior threat correlation. Also, the company’s platform offers customers the advantages of what Eades calls ‘cloud economics.’ Namely: utility style pricing that allowing customers to pay for just what they use.
Unlike ‘advanced threat detection’ competitors like FireEye, Eades said vArmour’s ability to work inline means the company can do remediation and control, not just identification. Integration with third-party products come by way of standard APIs.
vArmour was founded in 2011 by former senior NetScreen employees Roger Lian and Michael Shieh. CEO Tim Eades joined in 2013. Eades was formerly the CEO of Silver Tail Systems, a fraud detection firm that was acquired by RSA, the security division of EMC. The company received $6 million in A-round financing from Highland Capital Partners on top of $2 million in angel funding in January, 2013. That was followed by a $15 million B-round by Menlo Ventures in December, 2013 and a $21 million C-round in August with Work-Bench, Citi Ventures and Columbus Nova Technology Partners signing on.
Stewart said the company will be using its recent funding (vArmour announced a $21m series C on August 20) to further develop its analytics capabilities, with the goal of detecting and spotting suspicious and malicious activity within virtual environments that’s indicative of ‘lateral movement’ – attackers’ efforts to move from one compromised host to a target system within an environment.
“This is a pretty horizontal problem. The benefits today come down to those who build bigger and bigger data centers. There are just tons of business agility benefits and cost savings. But you need security controls,” he said.