Fortscale raises $7M for its self-learning insider threat detector

data-1590455_1920

Hackers employ a variety of tactics to target corporate infrastructure, but most successful attacks have one thing in common: They exploit legitimate user credentials to access data. It’s a vector that Fortscale Security Ltd. has spent the past five years trying to close.

To fuel its efforts, the startup today announced that it has raised $7 million in funding from a group of investors led by security-focused fund Evolution Equity Partners and Valor Capital Group. They were joined by several of the backers that contributed to Fortscale’s previous two rounds, including Intel Corp.’s venture capital arm. The firm has raised a total of $23 million to date from seven funds.

What drew the chip giant and the other investors on the list to Fortscale is its threat detection platform, which employs machine learning technology to detect when login credentials are used in a suspicious manner. One of the system’s biggest selling points is that it doesn’t require security professionals to manually define rules for when an action should be flagged as traditional alternatives do. Instead, its algorithms automatically evaluate user behavior based on a combination of some 50 security criteria and historical activity data.

This approach enables Fortscale’s platform to spot not only hacking attempts but also cases where it’s authorized users who are to blame for suspicious activity. When a positive hit is detected, the system scores the threat based on its severity to help information technology administrators prioritize their work. The mechanism ensures that potential database breaches and other urgent risks aren’t put on the back burner while the IT department through alerts caused by, say, an oblivious worker printing out an off-limits document.

When an issue does warrant attention, administrators can use Fortscale’s diagnostics dashboard to map out the full scope of the problem. The startup also offers an embedded version called Presidio that enables companies to plug its detection capabilities into the third-party security platform they prefer to use for tackling breaches. It hit general availability in conjunction with today’s funding announcement.

Source: Pixabay