In-brief: with a $17 million investment from Sequoia Capital and Tenaya Capital, Armis becomes the latest security firm to trace its origins back to the Israel Defense Force’s Unit 8200 and the latest to target Internet of Things risk to the enterprise.
Armis, a start-up with offices in Israel and Palo Alto, said on Tuesday that it received $17 million in venture funding from Sequoia Capital ($5 million) and Tenaya Capital ($12 million) to further technology it says will help enterprises address threats from connected Internet of Things devices. (Correction: an earlier version of this story incorrectly reported the amount of the Sequoia Capital and Tenaya Capital investment. The story has been updated with the correct amount. PFR June 7, 2017.)
The company said it will use the investment to propel sales and marketing efforts for technology, described as an “agentless IoT security platform that lets enterprises see and control any device or network.” The news comes as risks from connected devices like cameras, networked printers, environmental control (HVAC) and smart building systems are attracting notice from both security researchers and corporate boards.
“There’s a huge blind spot around Internet of Things security and visibility,” Yevgeny Dibrov, the CEO and co-founder of Armis told The Security Ledger. Organizations may be missing upwards of 40 percent of the devices that are connected to their corporate network, he said. Among them: smart television sets, wireless printers, security cameras and mobile phones. The healthcare sector is particularly vulnerable, given the wealth of medical devices that sport wired and wireless network interfaces.
Security experts have long warned about the threat posed by vulnerable and Internet connected devices like webcams, consumer broadband routers, digital video recorders (DVRs) and so on. The Mirai botnet attacks of September and October, 2016, gave shape to that fear, as hundreds of thousands of compromised cameras and DVRs combined to launch crippling denial of service attacks. A Mirai attack on the managed Domain Name System (DNS) provider Dyn temporarily blocked access to domains for Amazon.com, Spotify and other leading web sites. Recent botnets, like Persirai, have also been created using compromised devices like cameras.
Dibrov said that denial of service attacks are not the main concern he hears from enterprise customers, however. “What we hear from CIOs and CISOs isn’t about (denial of service attacks) but about access to their network and organization through an Internet of Things asset,” he said.
With research and development based in Tel Aviv, Israel, and headquarters in Palo Alto, Armis is just the latest security firm to come out of Israel. Its founders, CEO Dibrov and CTO Nadir Izrael met when they served together on the selective Unit 8200 of the Israeli Defense Forces – a kind of informal incubator for technology firms. Past Unit 8200 alums include the founders of security firms like Check Point, Imperva, as well as navigation app Waze, which was acquired by Google.
Existing technology firms, including Cisco Systems and Forescout, offer so-called “network access control” (or NAC) technology that vet devices prior to and after connecting to enterprise environments. Such technologies have expanded in recent years to encompass Internet of Things devices as well.
Armis’ Chief Technology Officer Nadir Izrael said that the company distinguishes itself from them with a large database of device profiles that help companies identify with exactness what devices are attached to their network, and how those devices typically behave. For example, Armis can distinguish the make and model of a specific IP enabled camera from hundreds of other IP cameras. That allows companies to know if a particular threat or attack impacts their organization.
He said the company’s technology, which does not require software “agents” to be deployed on monitored devices, is also a plus, especially given the huge number and variety of connected devices that come online every day.
The company employs about 20 experts in its Tel Aviv office and another 10 in Palo Alto focused on sales and marketing. It currently has about 50 proof of concept deployments in the U.S., according to Dibrov.
A number of firms are targeting the Internet of Things space with an eye on the lucrative enterprise marketplace. Senrio, which launched in 2016, uses sensors deployed at network choke points to sniff out embedded systems, fingerprinting the device type, the operating system and so on to make it visible to IT security staff. Firms like Bastille Networks* and Pwnie Express sell technology and tools to help enterprises spot wireless devices that might be operating stealthily on their network.
(*) Bastille Networks is a sponsor of The Security Ledger.