Respond Raises $20M to Advance Automated Response to Cyberattacks

In business sectors such as warehouse operations, automation may put a company’s current employees out of work in some cases. In the cybersecurity sector, automation can take up a multitude of tasks without displacing any staffers—because there aren’t enough qualified humans right now to fill all the jobs. That’s according to Bay Area cybersecurity company Respond Software, whose software is designed to trigger rapid, automated steps to thwart cyberattacks on businesses.

Mountain View, CA-based Respond says security teams at companies these days are overwhelmed with data that flags network breaches—from minor to severe—but there’s a shortage of skilled security analysts to cope with the attacks. Respond announced Tuesday it has raised $20 million to market its Robotic Decision Automation (RDA) software as virtual reinforcements for the human experts. ClearSky Security led the Series B funding round.

Respond says its “Decision-Bots” can speed up the process of identifying the serious cyber intrusions that require urgent attention, and of setting priorities for action. The system makes use of artificial intelligence software, including machine learning; probabilistic modeling; and computing architectures designed for rapid analysis at scale, the company says.

Incident response automation companies such as Respond are trying to help security teams handle the deluge of information provided by cybersecurity firms they’ve hired to hunt for cyberattacks by monitoring everything from their customers’ email and edge devices to the data streaming out of servers and other machines. But attacks are so common that the really threatening breaches can get overlooked amid the noise. Respond sorts through the findings of the other security companies working for its customers, says CEO Mike Armistead, who co-founded the company in 2016.

“Respond’s product is designed to collect ‘evidence’ and determine the likelihood of a situation being malicious and important,’’ Armistead writes in an email exchange with Xconomy. “So, yes, in a way, it’s all about watching alerts from other cybersecurity companies’ sensors. In fact, it makes products from vendors such as Palo Alto Networks, Cisco, Microsoft, and others even more valuable, because it helps separate the wheat from the chaff.’’

Armistead says Respond analyzes raw data as well in the search for hacker invasions.

The company says it provides customers with information that puts each security incident in context, such as the stage of the attack, the assets affected, and the possible vulnerabilities that made it possible.

Respond, with more than 50 employees, currently serves more than 25 paying customers, Armistead says. The company doesn’t disclose its revenue.

Its new capital will be used to advance the commercialization of its automation software. In addition to ClearSky Security, previous Respond investors CRV and Foundation Capital participated in the venture investment. That brings Respond’s fundraising total to $35 million. ClearSky Security managing director Jay Leek will join Respond’s board of directors.

The Bay Area company is competing in an incident response market that could be worth more than $33 billion by 2023, according to a report released last year by research firm MarketsandMarkets. Leaders in the sector include FireEye (NASDAQ: FEYE), CrowdStrike, Deloitte, Symantec (NASDAQ: SYMC), McAfee, and IBM (NYSE: IBM).

But Respond is also part of a subset of cybersecurity businesses that aim to enhance the effectiveness of fellow cybersecurity companies by sifting through the mass of evidence they generate and automating the countermeasures mounted by their joint customers’ defenses. The subset is defined by the term Security Orchestration, Automation, and Response (SOAR), and it includes Demisto, a unit of Palo Alto Networks (NYSE: PANW). The line between SOAR providers and core incident response companies such as FireEye and CrowdStrike is blurred. Just as response automation company Respond also analyzes raw data to detect threats, companies such as Exabeam—which monitors machine-generated data for signs of trouble—also offer SOAR services.

Trending on Xconomy