With the spike in data breaches over recent years showing that it’s becoming increasingly difficult for organizations to keep intruders out of their systems, Illusive Networks Ltd. is proposing a new approach to fending off cyberattacks that may just help curve the trend: Combating hackers once they’re already behind the corporate firewall.

That unique value proposition has earned the Tel Aviv-based startup $22 million in a newly announced funding round that tops off an exceptionally profitable month for the Israeli cybersecurity scene. It was only a week ago that SentinelOne Inc. bagged $25 million for its analytic antivirus, while the week before that saw Morphisec Information Security Ltd. receive $7 million to commercialize its zero-day vulnerability mitigation technology.  

But Illusive Networks shares little in common with its recently funded peers besides its location and a hefty bank account, or much of the rest of the security industry for that matter. The startup’s platform puts a new spin on the tried-and-tested concept of a honeypot that involves implementing a bait – which takes an innocent form like a few additional folders in a directory – at every stop of attack path.

That means the chance of a hacker stumbling into a honeypot increases the deeper they manage to advance into an organization’s network. The trick is a built-in machine learning capability that enables the platform to adapt each trap to its surroundings, meaning false folders in a system belonging to, say, an accounting department will bear finance-themed titles.

Illusive Networks chief executive Shlomo Touboul said in an interview following his startup’s first $5 million funding round earlier this year that this contextualization enables his startup’s platform to catch hackers after an average of three hops. That’s potentially big enough of a window to steal quite a few files, but puts the rest of a company’s data beyond harm’s reach.

After a honeypot is triggered, Illusive Networks’ platform closes the trap around the hacker and alerts security administrators, who have two options to respond. They can either block the attack outright, or allow the intruder to dig themselves deeper into the pit of false records and directories generated by the software in order to gain a better understanding of their motives.

The new $22 million from New Enterprise Associates and Illusive Networks’ existing backers, among them Eric Schmidt’s Innovation Endeavors, will help expand its marketing operations to increase adoption. NEA general partner Kittu Kolluri is joining the board as part of the investment.

Image via JavadR