Cylance Raises $42 Million to Protect Enterprises

Total funding now tops $77 million as Cylance aims to answer the question of how to protect organizations against attacks.

enterprise security

The number 42 has a special significance in Geek culture as the answer to the question of the meaning of life, the universe and everything. For security firm Cylance, $42 million also has special meaning as the dollar amount raised in a new Series C round of funding announced today, with investment from DFJ Growth, KKR, Dell Ventures, CapitalOne Ventures and TenEleven Ventures. This brings total funding to date for Cylance to $77 million.

"What the new money does for us is it will help us to expand on a lot of what we're already doing," Stuart McClure, CEO, president and founder of Cylance, told eWEEK. "Just over a year ago we released our flagship product with Cylance Protect, so now is the time to really hit the gas on sales, marketing and support to really scale up the business."

As to why Cylance raised $42 million and not some other amount, McClure noted that it wasn't just a desire to use the number "42" in a press release. Cylance could have raised $50 million or more, he said, since it has solid products and services and is profitable at this point. However, he emphasized, his primary desire is to accelerate the company's growth as rapidly as possible.

Cylance's core product, Cylance Protect, is a next-generation endpoint security technology. Cylance Protect uses predictive modeling to help organizations identify and protect against risks, according to McClure.

Prior to founding Cylance in 2012, McClure had been at McAfee, which acquired his company Foundstone in 2005. "In my old McAfee days, we would do daily signature updates, as the argument was that attackers are highly advanced and change their tactics every day," he said. "That's basically a bunch of hooey. There is nothing new, and all these cyber-attacks are basically the same. It's just that signature-based detection products can never predict an attack."

Cylance Protect uses a predictive algorithmic approach to endpoint security. The product is trained to understand what is good and what is bad according to McClure.

"We have trained our math model to understand what is bad based on all the past malware samples that have been released, privately or publicly," he said.

In contrast with other vendors' products in the marketplace, Cylance Protect is not using a post-execution engine, McClure said. With a post-execution engine, an attack has to run first, in a sandbox or otherwise, for it to be detected. The Cylance Protect technology uses a pre-execution engine, meaning that the attack never actually runs.

"It really is predicative and looks at the binary before it ever opens and runs and determines if it is malicious," McClure said.

Cylance also has a services business, which includes penetration testing and incident response offerings. McClure noted that his experience building Foundstone taught him that having services is important in the establishment of strategic business relationships with customers. He added that the services side of Cylance will likely grow revenue in the 10 to 20 percent range annually.

"We'll continue to invest and grow our services business, but services are not required to deploy the Cylance Protect product," McClure said.

Looking forward, Cylance will continue to expand its product roadmap with expanded reach and platform support. An Apple Mac OS X client is set to be released in the next few weeks, McClure said.

"The mathematics behind Cylance Protect can also be applied to the Internet of things," he said. "That's probably an area we'll push toward, porting our technology to the tiny world of embedded products."

Sean Michael Kerner is a senior editor at eWEEK and Follow him on Twitter @TechJournalist.

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.