Security startup ZeroFox today announced that it has raised $40 million in a Series C round of funding that will help the company grow its social media security technology and go-to-market efforts.
The new funding round was led by Redline Capital Management and Silver Lake Waterman, bringing total funding to date for ZeroFox to $88 million.
ZeroFox’s technology aims to help users and organizations secure their social media accounts from various forms of cyber-attacks. ZeroFox was founded in 2013 and, according to CEO James Foster, has remained true to its core founding vision ever since.
“While our business plan has adapted a little to the market, I feel really good about the fact that we haven’t pivoted from our core vision since day one,” Foster told eWEEK.
In 2013, the company began as a social media security company—a new idea at that time that has become increasingly relevant over the last several years, according to Foster. In 2013, there wasn’t a market for social media security, but in 2015 attacks against social media ramped up. The early adopters of ZeroFox’s security platform were financial services and media firms; since then, adoption has moved into the mainstream across all verticals, he said.
“2015 was a pivotal year for us, when social media attacks really started to happen, and since then attacks, risks and every scam you can imagine has shown up on social media,” Foster said.
Securing social media accounts is a multifaceted challenge for both users and organizations. At the most basic level, a best practice recommended by security experts is to use two-factor authentication (2FA) to help protect access, though according to Foster, that’s not enough to protect against all modern social media threats.
“Saying two-factor authentication is all you need to secure social media is like saying if you just have antivirus on your laptop, you’re good to go,” Foster said. “I think social media represents one of the bigger challenges in IT security right now.”
The use of two-factor authentication can help lock down an individual social media alias from account compromise, but that’s the only risk that it will mitigate, Foster said. The broader threats that are present in social media are fake and spoofed accounts as well as more sophisticated multilevel attacks.
“Just like someone can send you a malicious link via email, an attacker can do the same thing via social media,” Foster said.
A key element of the ZeroFox technology platform is the company’s FoxScript programming language. FoxScript is a JavaScript-based programming language that enables security analysts to write custom rules and policies.
“Not only can we use FoxScript to customize rules based on a very specific customer need, but we have also democratized the process,” Foster said. “So customers can write their own security rules and policies.”
The ZeroFox platform also makes use of advanced machine learning and artificial intelligence capabilities to help protect customers from social media risks. There are multiple machine learning technologies that enable the ZeroFox platform that are exposed via the FoxScript language, according to Foster.
Looking forward, Foster said ZeroFox will continue to add new features and social media risk detection capabilities at a rapid rate.
“We didn’t need this new money to build a new feature; we already have a proven business model in a market that is maturing,” he said. “We just have to keep doing the same things faster, so that’s what we’re going to do.”
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.