The market for Internet of Things (IoT) cyber-security technologies got a bit more crowded this week, with the launch on June 6 of startup Armis from stealth mode. The company has raised a total of $17 million in funding, from investors Sequoia Israel and Tenaya Capital.
The two co-founders of Armis, CEO Yevgeny Dibrov and CTO Nadir Izrael, are both former members of the elite Unit 8200 Israeli Army Cyber-Intelligence service, which is similar in many respects to the U.S. National Security Agency. The former commanding officer of Unit 8200, Nadav Zafrir, now operates the Team8 cyber-security accelerator, which also invests in new startups, though Team8 did not invest in Armis.
"Armis addresses the IoT blind-spot," Izrael, told eWEEK.
Izrael said that Armis discovers and identifies every device that exists in an environment after which Armis will profile the inventoried devices to make sure that devices are behaving as expected. Izrael said that a core element of the value that Armis bring to the market, is the company's extensive knowledge-base on device profiles and behaviors.
"Part of our 'secret-sauce' is the ability to integrate with an organization's infrastructure to gain visibility into traffic in a passive way," Izrael said. "We're able to identify what's on a network and profile the activities of the devices by observing what is actually going on in an environment."
Izrael said that a key goal for the company is to provide a frictionless approach that makes it easy for organizations to deploy the technology. He added that Armis provides a layered approach that supports an extensive array of infrastructure and doesn't need to be installed everywhere on a network to work.
"We can do our analysis of the traffic very well, so we only need to be deployed at the choke point, instead of needing to be on every device, router or switch," Izrael said.
The Armis technology makes use of both on-premises and cloud deployed technology. Inside an organization, either a virtual or physical appliance is deployed which then connects to the Armis cloud platform, which conducts the analysis.
Going beyond just detecting rogue IoT devices, Armis also offers the promise of being able to control and remediate threats as well. Among the remediation capabilities offered by Armis is the ability to disconnect malicious devices from a network. Armis is also able to integrate with common enterprise networking components, including firewalls and Software Defined Networking (SDN) segmentation tools to help orchestrate configuration to limit a potential attack surface.
The need to understand and control IoT devices has become increasingly obvious in the wake of several recent high-profile security attacks, including the Mirai botnet that first emerged at the end of 2016.
"The Mirai IoT botnet raised the awareness in organizations about the risks of unknown and unmanaged devices," Izrael said.
Now that Armis is officially out of stealth mode, the plan for the company is to grow sales and marketing efforts, as well expand the technology to deal with the evolving threat landscape. Though the company only officially launched this week, Izrael said that it already has paying customers.
"We are deployed right now in over 50 organizations in the U.S. and have 15 paying customers," Izrael said.