AttackIQ, the leader in the emerging market for continuous security validation, announced $17.6 million in Series B funding led by Khosla Ventures and existing investors including Index Ventures, Salesforce Ventures and Telstra Ventures. This brings AttackIQ’s total funding to approximately $35 million. The company will use the funds to continue development of its continuous security validation platform, increase hiring across all functional areas and further expand field operations. AttackIQ also announced that Brian Byun, partner of Khosla Ventures, has joined the company’s board of directors.
“Since our initial investment in AttackIQ, we have seen the company achieve clear leadership in operationalizing the MITRE ATT&CK™ framework,” states Shardul Shah, partner at Index Ventures and AttackIQ board member. “We are proud to support the management team of AttackIQ. The combination of an obsessive focus on customers, category leadership, and significant momentum will set us up for success in our next chapter of growth.”
The MITRE ATT&CK framework acts as a playbook for the cybersecurity industry, offering a vast knowledge base that allows organizations to clearly see the steps of complex attacks and what procedures are linked to a specific adversary behavior. This cybersecurity lexicon levels the playing field for security teams, letting analysts and purple teams see specific trends between attacks and adversary styles. It allows security executives to think systematically about the adversary environment in which they must establish a security program and to determine if security dollar spend is effective in preventing or detecting all known attacker behaviors. With the broadest implementation of the ATT&CK framework, AttackIQ provides enterprises of all sizes the ability to automate the assessment of their cyber readiness.
“AttackIQ’s unique approach fits our view that effective enterprise security programs require an objective, continuous, and machine-driven approach to pressure test and validate the sprawl of security products and controls,” states Brian Byun, partner of Khosla Ventures. “We believe this market opportunity is huge and that AttackIQ is well positioned to lead the market.”
“AttackIQ is on a mission to fix enterprise security,” states Brett Galloway, CEO of AttackIQ. “We believe that security matters very deeply. A successful cyber attack on critical infrastructure would be devastating. Yet the effectiveness of enterprise security controls is often poor. The missing ingredient is systematic feedback on effectiveness. The best way to deliver this feedback is to emulate attacker behavior and see what the security controls do or, all too frequently, what they don’t do. AttackIQ provides enterprises the information necessary to move from security guesswork to successfully managing the cybersecurity risks that they face, both today and into the future.”