Categories
Security

Google now owns Mandiant, the firm that found SolarWinds

Google has completed its acquisition of Mandiant, bringing a major name in cybersecurity under the tech giant’s ever-growing umbrella.

The $5.4 billion acquisition, announced in March, was completed on Monday, according to a Google press release. Per details in the release, Mandiant will keep its own brand while operating under the Google Cloud branch of its new parent company. Google Cloud is the cloud computing platform offered by Google and provides cloud computing and data storage infrastructure for other companies to build products on top of.

Mandiant is best known for uncovering the SolarWinds hack, a massive Russia-linked breach that compromised US government agencies including the departments of Homeland Security, State, Defense, and Commerce.

In a blog post, Google Cloud CEO Thomas Kurian highlighted Mandiant’s threat intelligence expertise and said that Google intends to combine that with its enormous data processing and machine learning capabilities to protect customers from cyber threats.

“Our goal is to democratize security operations with access to the best threat intelligence and built-in threat detections and responses,” Kurian wrote. “Ultimately, we hope to shift the industry to a more proactive approach focused on modernizing Security Operations workflows, personnel, and underlying technologies to achieve an autonomic state of existence – where threat management functions can scale as customers’ needs change and as threats evolve.”

Google already has significant threat intelligence capabilities, with perhaps the best known among them being the Threat Analysis Group (TAG) — a team that tracks and counters state-backed hacking attempts. But the Mandiant acquisition will add hundreds more expert threat analysts to Google’s ranks, lending even more security proficiency to shore up Google’s cloud offerings.

Microsoft was also rumored to be considering an acquisition deal to buy Mandiant earlier this year but was beaten to the punch by Google in a sign of the growing importance of the cloud security market.

Kevin Mandia, CEO of Mandiant, wrote in a blog post that, in a threat landscape where “criminals, nation states, and plain bad actors bring harm to good people,” the acquisition would improve his company’s ability to respond.

“By combining our expertise and intelligence with the scale and resources of Google Cloud, we can make a far greater difference in preventing and countering cyber attacks, while pinpointing new ways to hold adversaries accountable,” Mandia said.

Repost: Original Source and Author Link

Categories
AI

Legal chatbot firm DoNotPay adds anti-facial recognition filters to its suite of handy tools

Legal services startup DoNotPay is best known for its army of “robot lawyers” — automated bots that tackle tedious online tasks like canceling TV subscriptions and requesting refunds from airlines. Now, the company has unveiled a new tool it says will help shield users’ photos from reverse image searches and facial recognition AI.

It’s called Photo Ninja and it’s one of dozens of DoNotPay widgets that subscribers can access for $36 a year. Photo Ninja operates like any image filter. Upload a picture you want to shield, and the software adds a layer of pixel-level perturbations that are barely noticeable to humans, but dramatically alter the image in the eyes of roving machines.

The end result, DoNotPay CEO Joshua Browder tells The Verge, is that any image shielded with Photo Ninja yields zero results when run through search tools like Google image search or TinEye. You can see this in the example below using pictures of Joe Biden:

Before Photo Ninja, you get plenty of results from Google Image Search (top) and TinEye (below).
Image: DoNotPay

After Photo Ninja, the image yields no results in reverse image searches.
Image: DoNotPay

The tool also fools popular facial recognition software from Microsoft and Amazon with a 99 percent success rate. This, combined with the anti-reverse-image search function, makes Photo Ninja handy in a range of scenarios. You might be uploading a selfie to social media, for example, or a dating app. Running the image through Photo Ninja first will prevent people from connecting this image to other information about you on the web.

Browder is careful to stress, though, that Photo Ninja isn’t guaranteed to beat every facial recognition tool out there. When it comes to Clearview AI, for example, a controversial facial recognition service that is widely used by US law enforcement, Browder says the company “anticipates” Photo Ninja will fool the company’s software but can’t guarantee it.

In part, this is because Clearview AI probably already has a picture of you in its databases, scraped from public sources long ago. As the company’s CEO Hoan Ton-That said in an interview with The New York Times last year: “There are billions of unmodified photos on the internet, all on different domain names. In practice, it’s almost certainly too late to perfect a technology [that hides you from facial recognition search] and deploy it at scale.”

Browder agrees: “In a perfect world, all images released to the public from Day 1 would be altered. As that is clearly not the case for most people, we recognize this as a significant limitation to the efficacy of our pixel-level changes. Hence, the focal point and intended use case of our tool was to avoid detection from Google Reverse Image Search and TinEye.”

DoNotPay isn’t the first to build this sort of tool. In August 2020, researchers from the University of Chicago’s SAND Lab created an open-source program named Fawkes that performs the same task. Indeed, Browder says DoNotPay’s engineers referenced this work in their own research. But while Fawkes is a low-profile piece of software, very unlikely to be used by the average internet consumer, DoNotPay has a slightly larger reach, albeit one that is still limited to tech-savvy users who are happy to let bots litigate on their behalf.

Tools like this don’t provide a silver bullet to modern privacy intrusions, but as facial recognition and reverse image search tools become more commonly used, it makes sense to deploy at least some protections. Photo Ninja won’t hide you from law enforcement or an authoritarian state government, but it might fool an opportune stalker or two.

Repost: Original Source and Author Link

Categories
AI

Microsoft acquires cybersecurity firm RiskIQ for $500M

Join executive leaders at the Data, Analytics, & Intelligent Automation Summit, presented by Accenture. Watch now!


Microsoft has reached a deal to acquire RiskIQ, a San Francisco-based provider of cybersecurity services, including malware and spyware monitoring and mobile app security.

“Today, Microsoft is announcing that we have entered into a definitive agreement to acquire RiskIQ, a leader in global threat intelligence and attack surface management, to help our shared customers build a more comprehensive view of the global threats to their businesses, better understand vulnerable internet-facing assets, and build world-class threat intelligence,” Microsoft VP for cloud security Eric Doerr said in a blog post announcing the deal on Monday.

RiskIQ’s services and solutions will join Microsoft’s suite of cloud-native security products, including Microsoft 365 Defender, Microsoft Azure Defender, and Microsoft Azure Sentinel, Doerr said. RiskIQ’s services include global threat intelligence crowdsourced through the company’s PassiveTotal community of security researchers. RiskIQ uses machine learning applications to analyze threats and “gain context into the source of attacks, tools and systems, and indicators of compromise to detect and neutralize attacks quickly,” Doerr said.

Microsoft did not reveal terms of the deal, but Bloomberg reported that the company will pay “more than $500 million in cash” for RiskIQ, according to unnamed sources.

Better protection in the cloud

Doerr said the acquisition would help Microsoft provide better protection to organizations running applications and infrastructure across multiple clouds and hybrid cloud environments. He said RiskIQ “helps customers discover and assess the security of their entire enterprise attack surface — in Microsoft cloud, AWS, other clouds, on-premises, and from their supply chain.”

RiskIQ was founded in 2009 and is a member of the Cloud Security Alliance (CSA). The company lists CrowdStrike, ElastiFlow, Splunk, ServiceNow, and Palo Alto Networks among its partners and has a solution provider partner channel that includes a managed security service provider (MSSP) program.

Microsoft will “continue to support, nurture, and grow” RiskIQ’s partner channel and customer base after the deal closes, Doerr said.

RiskIQ cofounder and CEO Elias Manousos said in a statement that he was “thrilled to add RiskIQ’s Attack Surface and Threat Intelligence solutions to the Microsoft Security portfolio, extending and accelerating our impact.”

VentureBeat

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact.

Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:

  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more

Become a member

Repost: Original Source and Author Link

Categories
AI

API vulnerability detection firm Salt Security raises $70M

Elevate your enterprise data technology and strategy at Transform 2021.


API discovery and vulnerability detection platform Salt Security today raised $70 million in a series C funding round led by Advent International. The Palo Alto, California-based startup says it plans to use the capital to expand its global operations across R&D, sales and marketing, and customer success.

Application programming languages (APIs) dictate the interactions between software programs. They define the kinds of calls or requests that can be made, how they’re made, the data formats that should be used, and the conventions to follow. As over 80% of web traffic becomes API traffic, APIs are coming under increasing threat. Gartner predicts that by 2022, API abuses will move from an infrequent to the most frequent attack vector, resulting in data breaches for enterprise web apps.

Salt’s platform aims to prevent these attacks with a combination of AI and machine learning technologies. It analyzes a copy of the traffic from web, software-as-a-service, mobile, microservice, and internet of things app APIs and uses this process to gain an understanding of each API and create a baseline of normal behavior. From these baselines, Salt identifies anomalies that might be indicators of an attack during reconnaissance, eliminating the need for things like signatures and configurations.

“I’m a former elite cybersecurity unit veteran that led development of high-end security systems to protect the largest network in Israel of the Israel Defense Forces and the government,” cofounder and CEO Roey Eliyahu told VentureBeat via email. “During my service and afterwards in different roles, I consistently found that APIs were surprisingly simple to hack and that existing security technologies could not identify API attacks. I joined forces with my cofounder and COO, Michael Nicosia, to build Salt Security on the premise that we needed to take a fundamentally different approach — to use big data and AI to solve the problem of securing APIs, a problem traditional security tools cannot solve because of their legacy architectures.”

Salt Security

Above: The web dashboard for the Salt Security platform.

Image Credit: Salt Security

Salt leverages dozens of behavioral features to identify anomalies. Its machine learning models are trained to detect when an attacker is probing an API, for instance, because this deviates from typical usage. They analyze the “full communication,” taking into consideration factors like how an API responds to malicious calls. And they correlate attacker activity, enabling Salt to connect probing attempts performed over time to a single attacker, even if the perpetrator attempts to conceal their identity by rotating devices, API tokens, IP addresses, and more.

Confirmed anomalies trigger a single alert to security teams with a timeline of attacker activity.

“APIs connect all of today’s vital data and services. Organizations rely on the Salt Security API Protection Platform to identify API security vulnerabilities ahead of launching them in production,” Eliyahu said. “These remediation insights enable companies to move fast in their application development while still reducing risk by finding security gaps before they can be exploited. The Salt platform provides runtime protection, blocking attacks such as credential stuffing, data exfiltration, account misuse, and fraud. Salt also helps companies meet compliance needs, providing documentation of all APIs as well as where they expose sensitive data.”

Upward trajectory

Salt takes an approach similar — but not identical — to that of Elastic Beam, an API cybersecurity startup that was acquired by Denver, Colorado-based Ping Identity in June 2018. Other rivals include Spherical Defense, which adopts a machine learning-based approach to web application firewalls, and Wallarm, which provides an AI-powered security platform for APIs, as well as websites and microservices.

But Salt is doing brisk business, with customers like Equinix, Finastra, TripActions, Armis, and DeinDeal. The company, which was founded in 2016, claims to have driven 400% growth in revenue, 160% growth in employees (to more than 65), and 380% growth in the API traffic it secures.

“We have high double-digit numbers of enterprise customers in financial, fintech, insurance, retail, software-as-a-service, ecommerce, and other verticals … For most Salt customers, the pandemic accelerated their digital transformation and cloud migration journeys. Digital transformation depends heavily on APIs, so most of our customers were writing APIs at a much more rapid rate,” Eliyahu said. “Our customer, Armis, for example, had to integrate with many more device types in its internet of things security offering to serve its customers, whose employees were now working from home. Instead of having dozens of APIs to write and protect, the company suddenly had hundreds, and manual testing and documentation efforts simply could not scale, so they needed to deploy Salt earlier and more broadly than originally expected. Several Salt customers experienced a similar acceleration, and our revenue grew faster as a result.”

This latest financing round had participation from Alkeon Capital and DFJ Growth along with investors Sequoia Capital, Tenaya Capital, S Capital VC, and Y Combinator. It brings Salt’s total raised to $131 million to date following a $30 million round in December 2020.

VentureBeat

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact.

Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:

  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more

Become a member

Repost: Original Source and Author Link

Categories
AI

Cybersecurity firm started by ex-spies surges on London market debut

Join Transform 2021 this July 12-16. Register for the AI event of the year.


(Reuters) — Darktrace, a cybersecurity company advised by former MI5 and CIA spymasters, leapt more than 40% on its market debut on Friday, delivering a boost to the London market after the spectacular flop of Deliveroo last month.

The company was priced at 250 pence in the initial public offering, giving it a valuation of just over half the original aim of $4 billion. But it rocketed to 352 pence when trading started, well above the 220-280 pence range set by its bankers when its roadshow began on Monday.

Darktrace uses AI to understand IT networks and then detect attacks by identifying unusual behaviour from within. Its advisory board includes a former director general of the British security service, Jonathan Evans, an ex-CIA chief information officer, Alan Wade, and former UK interior minister Amber Rudd.

“Today is just the beginning,” Chief Executive Poppy Gustafsson said.

The loss-making company, which says it’s presently focused on growth rather than profits, was founded in the English university city of Cambridge in 2013. It is backed by entrepreneur Michael Lynch, who was on its board until 2018 and is still an adviser. He and his wife own stakes worth a total of 440 million pounds after the share debut.

Lynch is fighting a U.S. extradition request to face fraud charges related to the sale of Autonomy, a software company he founded and led, to American tech firm Hewlett-Packard.

He is also waiting for the verdict of a multi-billion dollar civil claim by HP at London’s High Court.

Darktrace detailed the risks related to Lynch in its registration documents, including potential liability in relation to allegations of money laundering made by U.S. prosecutors, although the company said the risk of the latter was low.

Lynch denies all the allegations in the cases. He declined to comment on Darktrace.

Lynch connection

Darktrace’s Gustafsson, who like many of the senior management team previously worked at Autonomy, said investor sentiment was not affected by the Lynch association.

“Ultimately whilst Mike is a visionary technologists and was an early investor in Darktrace, he’s not involved in the day to day running of the business,” she told Reuters this month.

The Lynch connection was, though, enough to deter top-tier U.S. banks from pitching for roles on the IPO, sources have previously told Reuters. UBS was originally appointed as a global coordinator but then stepped down over compliance concerns related to the Autonomy saga, another separate source confirmed to Reuters.

UBS did not respond to a request for comment, while Gustafsson said UBS had their own issues, without elaborating.

Such big bank reticence opened the field for lesser-known names.

Jefferies, Berenberg and KKR Capital Markets, none of which has ever topped equity capital markets (ECM) league tables, were joint-global coordinators.

Jefferies placed ninth in Refinitiv’s first-quarter ECM league tables while Berenberg and KKR Capital Markets didn’t make it into the top 15.

Yet, they succeeded in winning over investors and restoring confidence in London after Deliveroo’s flop in an IPO that involved bulge bracket banks such as Goldman Sachs.

Spooked by Deliveroo

CMC Markets chief market analyst Michael Hewson said Darktrace’s launch was a welcome boost for the London market.

“Given the sharp boost in initial trading there will inevitably be some criticism that the listing was priced too low,” he said. “However given what happened with Deliveroo maybe expectations were adjusted lower by a little too much.”

Darktrace’s advanced technology is used by more than 4,700 companies and organisations, including intelligence services.

The tech company, whose revenue rose from $79.4 million to $199.1 million between 2018 and 2020 but is yet to make a profit, offered 66 million shares in the IPO, valued at 165 million pounds and representing 9.6% of the capital.

It raised gross proceeds of about 143.4 million pounds by selling new shares, excluding any over-allotment option, to accelerate product development and strengthen its balance sheet.

Other investors in the company included Talis Capital, Hoxton Ventures, Summit Partners, KKR, TenEleven Ventures, Insight Partners, Vitruvian and Balderton Capital.

VentureBeat

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact.

Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:

  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more

Become a member

Repost: Original Source and Author Link

Categories
AI

Big data analytics firm Dataminr raises $475M to fund platform expansion

Join Transform 2021 for the most important themes in enterprise AI & Data. Learn more.


Dataminr, a New York-based company specializing in AI that provides real-time information to customers, today announced it has raised $475 million at a post-money valuation of $4.1 billion. The company says the capital will be used to accelerate the growth of its corporate business line, which spans physical safety and security, reputation risk and crisis management, business intelligence, and cyber threat detection. Dataminr also plans to make investments in internationalization, expanding its private and public sector sales footprint across the Europe and Asia Pacific regions.

Data analytics is the science of analyzing raw data to extract meaningful insights. Market Research Future predicts that the global data analytics market will be valued at over $132 billion by 2026. A range of organizations can use data to boost their marketing strategies, increase their bottom line, personalize their content, and better understand their customers. Businesses that use big data increase their profits by an average of 8%, according to a survey conducted by BARC research.

Dataminr, which was founded in 2009 by Yale graduates Ted Bailey, Sam Hendel, and Jeff Kinsey, offers an information discovery platform that detects patterns of emerging events and information from public data signals. While in college, Bailey studied the impact of real-time data on society and was specifically interested in how technologies change the way humans become aware of world events. In 2008, Bailey became fascinated by the new wave of platforms like YouTube and Twitter and realized these tools gave people the ability to capture events as they’re happening. Bailey also realized these platforms might be able to fill in information gaps during events if scaled.

Today Dataminr claims to perform trillions of daily computations across billions of public data inputs in more than 150 languages, drawing on text, images, videos, logs from sensors, and multimodal combinations of these formats from over 100,000 sources, spanning blogs, global and regional social media sites, web forums, local digital media, radio and audio transmissions, the deep and dark web, cyber signals, and internet of things devices.

Dataminr

Dataminr develops products targeting businesses, the public sector, and newsrooms, all of which use a combination of AI to parse the public data it regularly analyzes. Among the techniques the company employs are natural language processing, computer vision, audio processing and classification, and anomaly detection, all of which help surface “high-impact” events and emerging risks in real time. For example, one of the world’s largest airlines uses the platform to detect events that require adjustments in flight schedules, Dataminr says.

“Dataminr has invested highly in deep learning in the last few years, which has enabled the company to pioneer new AI signal detection fields, like multimodal fusion AI, which synthesizes real-time inputs in different data formats into multi-variable event detection models,” a spokesperson told VentureBeat via email. “Dataminr can take advantage of its now over 11-year proprietary data archive, which holds the patterns of how all events were recorded in digital data and serves as the essential foundation upon which Dataminr can continue to train and update its AI models. On average, Dataminr signals on breaking events are delivered to our clients nearly four hours ahead of a wire service like the Associated Press.”

Dataminr first came into the public eye in 2011, when it issued an alert that Osama bin Laden had been killed 23 minutes faster than major news organizations. In 2019, Dataminr claimed to have detected the first signs of the COVID-19 outbreak in Wuhan on local Chinese social media platforms like Weibo and went to identify clusters indicating future spikes in 14 different U.S. states.

But Dataminr has often flirted with controversy. In 2020, the Intercept released a report showing that police departments used the company’s services for surveillance during the George Floyd protests, including accessing social media posts about protest locations and actions. The piece noted that the monitoring seemed at odds with claims from Dataminr that the company would neither engage in nor facilitate surveillance. This followed a string of bad press in 2016, when Twitter cut off geospatial data access for police intelligence centers.

Dataminr

Dataminr’s public image problems haven’t impacted business, though, with the roughly 650-person company reporting a doubling in revenue three years in a row from its corporate enterprise business line. The company’s clients include CNN, USA Today, the United Nations, Airbus, Shell, and the New York City Office of Emergency Management, among others.

“Large corporate clients are always discovering new use cases for our signals as they adopt Dataminr’s platform more broadly across their organization,” Bailey told VentureBeat via email. “As you can imagine, knowing about what is happening in the world faster than ever before possible, and at a scope unparalleled in human history, has a wide range of multi-dimensional use cases for corporate enterprises.”

Existing investors Valor Equity Partners, Morgan Stanley Tactical Value Fund, MSD Capital, The Pritzker Organization, DNS Capital, and Moore Capital Management participated in Dataminr’s latest funding round. It brings the company’s total raised to date to over $1.05 billion, following a $391.6 million series E round in June 2018.

VentureBeat

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact.

Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:

  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more

Become a member

Repost: Original Source and Author Link