Corelight closes $9.2M Series A to help enterprises battle ransomware


It’s already been a year of multiple high profile
ransomware attacks
 and now cybersecurity startup
Corelight has bagged a $9.2
million Series A round, led by Accel Partners. Osage University
Partners and Riverbed Technology Co-founder Dr Steve McCanne
also participated in the round.

Preventing ransomware is among the listed use-cases for the
startup’s first product, the Corelight Sensor, which it
describes as a “flight data recorder” for its target enterprise
customers’ networks — allowing them to “quickly” and “easily”
go back in time to try to understand sophisticated cyber
attacks.

As well as investigating and preventing ransomware, the
product aims to address other security threats — including
denial of service, unauthorized access, misconfiguration,
abuse, exfiltration of data, malware infection, insider threat,
port scanning, advanced persistent threat, plus phishing and
other mail-based attacks or incidents.

Corelight’s investment comes against a backdrop of existing
enterprise market traction for its network visibility products
— which are themselves built atop a widely used open
source framework (called Bro) which co-founder Dr Vern
Paxson began developing all the way back in 1995 when he was
working at the Lawrence Berkeley National Laboratory. Users of
the Bro framework are slated to include Amazon
and Deloitte.

The team’s route for commercializing their open source
framework is via Corelight’s turn-key solutions
for enterprise network visibility which they say reduce
deployment time and complexity.

The Corelight Sensor also offers paying customers a
“comprehensive” API; enterprise integrations for Splunk, Amazon
S3 and Kafka; performance optimizations yielding “3-4x higher
data processing throughput compared to standard servers”; a
“high performance” FPGA-based network interface card; optimized
file extraction and log filtering.

Commenting on the Series A in a statement, Accel’s Eric
Wolford, said: “We often invest in very widely-used open source
projects. But it’s uncommon for them to have much enterprise
market traction. And what’s highly unusual for a Series A
company like Corelight is to have a shipping product built on
battle-hardened open source software and dozens of paying
customers including six of the Fortune 100, plus one of the
largest private companies in the US. I’ve never seen that
before.”

Corelight said the Series A funding will be used to accelerate
its growth plans to meet market demand for its products through
investments in sales, marketing and engineering.

“We’re busy working on a series of new features customers are
asking for so they can focus effort away from sensor management
and towards higher-value activities like data analysis, threat
hunting and incident response,” noted Greg Bell, CEO of
Corelight, in a statement.

“We help our customers solve cybersecurity problems faster than
they can today, often decreasing the time to resolve incidents
from hours and days down to minutes. This new investment will
accelerate our progress.”

Prior to taking in VC funding, the San Francisco-based company
has been supported by an SBIR grant, while
the Bro project was initially funded by the National Science
Foundation at the International Computer Science Institute.


Featured Image: Bryce Durbin

Leave a Reply

%d bloggers like this: