The threat of zero-day attacks is one of the most significant elements in the threat landscape to organizations today.  The potential for damage is vast, it incorporates some of the most difficult challenges in cyber security today. Social engineering, weak passwords, malicious Trojans, and other elements play into this category.  The Ponemon Institute reports that cyber-attacks increased by 42% in 2012.  In that survey, companies reported about two successful attacks per week; and, on average, cybercrime cost them $8.9 million a year, with information theft representing the highest external cost.  An exploit or weakness on some element of an organization’s network can pose a significant threat because there is no existing patch or update for it, thus ‘zero-day’ – and that  threat can linger for long time until that patch is released.   To many organizations, that’s an unacceptable risk, so one company, Cyvera is acting on these threats with a unique cyber security defense system that is designed to stop unknown, zero-day attacks before they can unleash such malicious, harmful activities. Cyvera, is an Israel-based cyber security company that today announced an $11 million round of funding to expand its business. The funding was led by Battery Ventures. Serial entrepreneurs Prof. Ehud Weinstein and Dr. Ofir Shalvi, joined the round as well

Cyvera delivers this system through its flagship product, the Cyvera TRAPS (Targeted Remote Attack Prevention System).  This client-based platform consists of endpoint agents and a centralized Management and Report Center. The agents lay traps and sets barriers across every conceivable path that an attack could take and conduct random action to deceive the attacker.  In addition to stopping an attack and preventing any malicious activity before it occurs, Cyvera has also developed Reflector, an isolated environment for post-prevention study and deep analysis of the prevented attack, based on the forensics evidence collected in the process of prevention.

“We don’t know what the attack will look like, and we don’t even try to, because we understand it is impossible to predict. But we do know every single technique a perpetrator must use to successfully launch an attack. Often these techniques are concealed in innocent looking files like documents, presentations, web links, images and more,” explains Netanel Davidi, Co-CEO of Cyvera.  “With this knowledge we are able to stop the attack in its tracks at a very early stage and by doing so can help our customers evade the effects of zero-day attacks or known attacks on unpatched computers.”

This pro-active approach is unique as it is designed to befuddle intruders rather than block or analyze everything that they are doing right away.  The delay approach then allows the system to block the action before any sensitive information is actually compromised.  It taps in beyond automated security intrusion techniques into the world of the motivated hacker behind the scenes and keeps that attack busy while it is evaluated and is exposing its nature.

Cyvera has built a success-filled record in protecting infrastructure.  TRAPS has been deployed, and has successfully prevented targeted attacks, primarily in finance, energy, chemicals, law-firms, hi-tech and other sectors that operate critical infrastructure or keep sensitive data. In one notable case, Cyvera was deployed at Haifa-Group, a multinational corporation and leader in chemicals, agricultural fertilizer and growing technologies, where a highly sophisticated attack was obstructed before any damage occurred. The early prevention enabled a deep investigation of the attack which led to the identification of the “contractor” who engaged the attack against Haifa Group and several other similar companies.  These are all enterprises with sensitive data, intellectual property, and regulatory situations – exactly the kind of industries that have the most to protect.

What Cyvera offers instead, through its TRAPS (Targeted Remote Attack Prevention System) flagship product, is a client-based platform. As Davidi describes it, this is a 16-point system of controls that, rather than try to block or monitor and identify everything that comes through, it effectively creates obstacles that will stop or slow down malicious intruders enough so that they can subsequently be eliminated before they ever touch sensitive servers. “It’s a unique approach which is that instead of trying to identify attackers, we attract them first.”

Cyvera’s current system offers cyber defense solutions currently work on all types of Windows-based end point and server systems and on top any platform (whether physical or virtual machine, terminal sessions or thin clients).  This follows general trends in the security business, as most zero-day attacks are developed for the leading platform, still they are developing additional operating system support that is planned for release later this year.

The new funding will be used to expand Cyvera’s business and sales operations in the US and to further develop its cyber defense solutions.  That starts with a newly opened San Francisco office.  Cyvera has focused in on the finance sector, as well as healthcare, critical infrastructure and federal markets. The company recently became a partner in McAfee’s Security Innovation Alliance (SIA), a technology partnering program created to accelerate the development of interoperable security products and to simplify the integration of these products within complex customer environments.