Votiro aims to discover threats by analyzing every object in a file. Votiro's core technology is focused on zero-day exploit discovery in document formats.
Votiro isn't the typical type of security vendor to announce a Series A round of funding. The Israeli security vendor announced on May 25 that it raised $4 million in Series A financing led by Redfield Asset Management.
What makes Votiro somewhat different than a typical Series A candidate is the fact that the company has been in business since 2010 and is already profitable. Typically, a security startup will engage venture funding earlier in its lifecycle than Votiro, which already has products and customers.
"We've been operational and working without external funding, bootstrapping the company," Itay Glick, CEO and co-founder of Votiro, told eWEEK
. "We have achieved a lot, but we want to do more at the global level."
It's hard to grow globally without external funding, Glick said, and that is why he decided to raise a Series A now. Since Votiro has been operational for more than five years and already has revenue, many venture capitalists that he approached didn't know how to handle an investment in the company, Glick said.
The usual cycle for external funding starts with seed funding and a Series A, and a large amount of equity in a company is on the table, Glick explained.
Australia-based Redfield Asset Management was able to figure out how invest in Votiro, even though the company is more mature than a typical Series A candidate, he said. "We have very good market traction in the Asia-Pacific area, which is why it made sense for us to find a VC in that region."
Votiro's core technology is all about zero-day exploit discovery in document formats. The company today has a secure email gateway that helps protect enterprises from threats as well as an API that can extend the technology further.
"The idea is that we know how to dissect a document and remove the active malware content from it," Glick said. "The technology works really fast, at less than one second per file."
From a deployment perspective Votiro has both a cloud version as well as an on-premises appliance of its technology. Email flows through the Votiro appliance, which analyzes in-bound messages and documents for potential risks.
There are multiple approaches in the market today for email and Web-based security, including the use of a sandbox, which aims to isolate running processes from representing a risk to an organization. Glick emphasized that the Votiro approach doesn't use a sandbox approach.
"We're parsing the files, and we analyze each and every object in a file," Glick said. "We don't look just at metadata, as that doesn't provide enough information."
In terms of common document formats like Microsoft Office and Adobe PDF, there are many known exploits that have already been patched by the upstream vendors, but not users. Glick noted that while known exploits are common and Votiro will block those, so too are zero-day exploits. Votiro is always researching different types of new exploit vector to help improve the system, he added.
Votiro is working on a dashboard capability for providing enhanced reporting features.
"We haven't invested much in the past on reporting but we're now headed in that direction," Glick said. "We want to provide more information to organizations about attacks and what users are facing."
Sean Michael Kerner is a senior editor at
InternetNews.com. Follow him on Twitter @TechJournalist