As companies get to grips with a wider (and, lately, more enforced) model of remote working, a startup that provides a platform to help track and manage all the devices that are accessing networked services — an essential component of cybersecurity policy — has raised a large round of growth funding.
Axonius, a New York-based company that lets organizations manage and track the range of computing-based assets that are connecting to their networks — and then plug that data into some 100 different cybersecurity tools to analyse it — has picked up a Series C of $58 million, money it will use to continue investing in its technology (its R&D offices are in Tel Aviv, Israel) and expanding its business overall.
The round is being led by prolific enterprise investor Lightspeed Venture Partners, with previous backers OpenView, Bessemer Venture Partners, YL Ventures, Vertex, and WTI also participating in the round. Dean Sysman, CEO and Co-Founder at Axonius, said in an interview that the company is not disclosing its valuation, but for some context, the company has now raised $95 million, and PitchBook noted that in its last round, a $20 million Series B in August 2019, it had a post-money valuation of $110 million.
The company has had a huge boost in business in the last year, however — especially right now, not a surprise for a company that helps enable secure remote working, at a time when many businesses have gone remote in an effort to follow government policies encouraging social distancing to slow the spread of the coronavirus pandemic. As of this month, Axonius has seen customer growth increase 910% compared to a year ago.
Sysman said that this round had been in progress for some time ahead of the announcement being made, but the final stages of closing it were all done remotely last week, which has become something of a new normal in venture deals at the moment. “We’ve all been staying at home for the last few weeks,” he said in an interview. “The crisis is not helping with deals. It’s making everything more complex for sure. But specifically for us there wasn’t a major difference in the process.”
Sysman said that he first thought of the idea for Axonius when at a previous organization — his experience includes several years with the Israeli Defense Forces, as well as time at a startup called Integrity Project, acquired by Mellanox — where he realised the organization itself, and all of its customers, never actually knew how many devices accessed their network, which is a crucial first step in being able to secure any network.
“Every CIO I met I would ask, do you know how many devices you have on your network? And the answer was either ‘I don’t know,’ or big range, which is just another way of saying, ‘I don’t know,’” Sysman said. “It’s not because they’re not doing their jobs but because it’s just a tough problem.”
Part of the reason, he added, is because IP addresses are not precise enough, and de-duplicating and correlating numbers is a gargantuan task, especially in the current climate of people using not just a multitude of work-provided devices, but a number of their own.
That was what prompted Sysman and his cofounders Ofri Shur and Avidor Bartov to build the algorithms that formed the basis of what Axonius is today. It’s not based on behavioural data as some cybersecurity systems are, but something that Sysman describes as “a deterministic algorithm that knows and builds a unique set of identifiers that can be based on anything, including timestamp, or cloud information. We try to use every piece of data we can.”
The resulting information becomes a very valuable asset in itself that can then be used across a number of other pieces of security software to search for inconsistencies in use (bringing in the behavioural aspect of cybersecurity) or other indicators of malicious activity — specifically following the company’s motto, “Know Your Assets, Identify Gaps, and Automate Security Policy Enforcement” — even as data itself may seem a little pedestrian on its own.
“We like to call ourselves the Toyota Camry of cybersecurity,” Sysman said. “It’s nothing exotic in a world of cutting-edge AI and advanced tech. However it’s a fundamental thing that people are struggling with, and it is what everyone needs. Just like the Camry.”
For now, Axonius is following the route of providing a platform that can interconnect with a number of other security products — currently numbering around 100 — rather than building those tools itself, or acquiring them to bring them in house. That could be one option for how potentially it might evolve over time, however.
For now, the idea of being agnostic to those specific tools and providing a platform just to identify and manage assets is a formula that has already seen a lot of traction with customers — which include companies like Schneider Electric, the New York Times, and Landmark Medical, among others — as well as investors.
“Any enterprise CISO’s top priority, with unwavering consistency, is asset discovery and management. You can’t protect a device if you don’t know it exists.” said Arsham Menarzadeh, general partner at Lightspeed Venture Partners, in a statement.
“Axonius integrates into any security and management product to show customers their full asset landscape and automate policy enforcement. Their integrated approach and remediation capabilities position them to become the operating system and single source of truth for security and IT teams. We’re excited to play a part in helping them scale.”