Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
eWEEK.com
Search
eWEEK.com
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    BitSight Raises $40M to Grow Its Security Ratings Service

    By
    SEAN MICHAEL KERNER
    -
    September 15, 2016
    Share
    Facebook
    Twitter
    Linkedin
      BitSight

      Security ratings company BitSight Technologies announced on Sept. 15 that it has raised $40 million in a Series C round of funding, bringing total funding to date to $95 million.

      The new funding, which was led by GGV Capital and included the participation of Flybridge Capital Partners, Globespan Capital Partners, Menlo Ventures, Comcast Ventures, Liberty Global Ventures and Singtel Innov8, will be used to help BitSight with its global engineering, marketing and sales efforts.

      “It was a very over-subscribed round, and we could have raised a lot more,” Tom Turner, president and COO of BitSight, told eWEEK. “But we didn’t want to raise more as we have plenty of cash in the bank and we’re not going to start lighting Cuban cigars with $100 bills.”

      Turner said he always wants to make sure that money being raised is being put to effective use. BitSight’s core product is a software-as-a-service (SaaS) security ratings service. BitSight’s customers make use of the ratings to better understand the security of partners and vendors in a quantitative manner.

      The BitSight platform enables a continuous monitoring of security posture that can help reveal potential areas of risk. Turner explained that the data gathered by BitSight doesn’t involve an invasive scan of the company being rated. The collected data includes sources of information about whether an organization has compromised systems as well as overall security hygiene. Security hygiene elements include the status of security certificates and whether an organization’s staff is participating in risky behaviors, including the usage of public file sharing services.

      In terms of data collection, Nagarjuna Venna, founder and chief product officer of BitSight, said his company’s platform doesn’t do any active scanning of specific organizations. Rather, he said, at least 60 percent of the data collected by BitSight comes from the company’s ability to identify compromised systems within an organization without ever actually being inside the compromised organization’s network.

      “We use various techniques to identify malware compromises and botnet infections inside of a company,” Venna told eWEEK. “Basically, we use sinkholes to identify malware, and we can also identify what machines have been compromised by the malware.”

      A security sinkhole is a legitimate-looking server set up by researchers to attract malicious botnet traffic. Venna said that many companies assume that if they implement security best practices, including network and endpoint security technologies, they will have good security outcomes.

      “What we’re actually trying to do at BitSight is to verify if the organization really is getting a good security outcome,” he said. “So a lot of the data that we collect will show if the people, technologies, policies and procedures used by a company are actually working.”

      The fact that a given company has been compromised isn’t the only important metric that BitSight measures. Venna said that BitSight also looks to discover how long it takes an organization to recover from a compromise.

      BitSight has sensors distributed across the internet. The back-end infrastructure stack includes a Hadoop cluster and makes use of Apache Spark for big data processing. The back-end server infrastructure runs mostly on Amazon’s cloud, Venna noted.

      While BitSight rates other companies’ relative security posture, it doesn’t shy away from rating itself.

      “We have an interesting rating for ourselves, since one of the things we do at BitSight is malware research,” Venna said. “So some of the people in our research teams are visiting malware sites so they can download samples, and some of that gets caught up in our sinkhole and it impacts our rating.”

      Looking forward, Venna said that the focus is to help organizations make use of BitSight ratings as part of day-to-day operations and processes.

      With the Series C round of funding in hand, Turner said he plans on hiring another 90 to 120 people in the next 12 months to help grow the company.

      “Our vision is to be the standard in the industry for security ratings,” Turner said.

      Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      CHRIS PREIMESBERGER - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      CHRIS PREIMESBERGER - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      EWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      ZEUS KERRAVALA - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      WAYNE RASH - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Info

      © 2020 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×