Trust No One: Edgewise Raises $11M to Segment and Secure Networks
[Updated 12:01 pm, 6/11/18. See below.] The retreat underway in cybersecurity from the ramparts of the outward-facing firewall has spurred a crop of tech startups promising answer for the threat of hackers that in many cases can no longer be denied entrance to networks.
This fallback stance has been the adoption of a “zero trust” philosophy for network security. If bad actors can no longer be kept out, the thinking goes, computer systems should assume everything could be malicious until it’s deemed otherwise. Big companies ranging from Cisco (NASDAQ: CSCO), Palo Alto Networks (NYSE: PANW), and VMware (NYSE: VMW) to startups such as Illumio, vArmour, and Guardicore are providing software tools to wall off portions of networks and establish authentication schemes to keep the seemingly inevitable intruder from getting too far once he’s inside the front door.
It’s little surprise then that the cash keeps rolling into this corner of the cybersecurity universe called “micro-segmentation.” Today, startup Edgewise Networks says it has raised $11 million in a venture funding round from a trio of early-stage investors in the Boston area: .406 Ventures, Accomplice, and Pillar.
Burlington, MA-based Edgewise was founded in 2016 by Peter Smith, a veteran of Endeca and Harvard Business School’s IT department, and Harry Sverdlove, former chief technology officer of Carbon Black. Edgewise raised $7 million in July 2017.
The money from the new funding round will be put to use by hiring more engineers and more sales and marketing professionals. Edgewise currently counts 35 employees—double its staff at the time of its last funding—with plans to reach 70 by mid-2020.
“We’ve put three years into perfecting this technology and from my vantage point the focus of this funding, it’s getting it in front of as many people as possible,” Smith tells Xconomy.
The company holds three patents relating to its machine learning-enabled system for micro-segmenting networks, with eight more patents pending approval, he says. One of the selling points, he says, is Edgewise has made advances in automating the process of micro-segmenting a network, which he claims could take months or years of heavily staffed work for other firms.
Humans “can literally land rockets on a barge in the middle of the Pacific Ocean. We can drive door to door without touching an accelerator or brakes. We can search 30 trillion webpages instantly. But it takes 12 to 18 months to micro-segment a network? That’s preposterous,” Smith says. Edgewise “can solve this problem without an army of consultants to do this by hand, by using big data analysis, graph theory, and other machine-learning techniques.”
Smith claims the Edgewise system can take about 72 hours to scan a network, and then seconds to establish policies for users and computing resources and put them into action. It’s done as much for Boston-based real estate law firm Goulston & Storrs and New Jersey-based cloud communications company Vonage (NYSE: VG), he says. It’s unclear whether other companies’ micro-segmenting tools can also work on a timeframe of hours and not days or months. [Clarified timeframe for Edgewise’s initial scanning of a network.]
Edgewise takes a different tack in how it keeps an eye on activity in the network. One way of approaching the task is watching which IP addresses are communicating with each other. But addresses aren’t the most secure or reliable way to keep tabs on what’s going on, Smith says. Instead, Edgewise creates a type of cryptographic fingerprint for applications to track their workloads on a network and give it a clear end-to-end picture of what’s going on in the system. Systems offered by vArmour and VMware promise similar application fingerprinting.
Startups in this corner of the cybersecurity industry are beginning to cluster in Boston. Last month, Israel-based Guardicore announced it would be moving its US headquarters to Boston from San Francisco, citing the availability of talent, the closer proximity to Israel, and the hiring of a Massachusetts-based sales executive.