Corelight closes $9.2M Series A to help enterprises battle ransomware

Its already been a year of multiple high profile ransomware attacksand now cybersecurity startup Corelight has bagged a $9.2 million Series A round, led by Accel Partners. Osage University Partners and Riverbed Technology Co-founder Dr Steve McCanne also participated in the round.

Preventing ransomware is among the listed use-cases for the startups first product, the Corelight Sensor, which it describes as a flight data recorder for its target enterprise customers networks allowing them to quickly and easily go back in time to try to understand sophisticated cyber attacks.

As well asinvestigating and preventing ransomware, the product aims to address other security threats including denial of service, unauthorized access, misconfiguration, abuse, exfiltration of data, malware infection, insider threat, port scanning, advanced persistent threat, plus phishing and other mail-based attacks or incidents.

Corelights investment comes against a backdrop of existing enterprise market traction for its network visibility products whichare themselves built atop a widely used open source framework (called Bro) which co-founderDr Vern Paxson began developing all the way back in 1995 when he was working at the Lawrence Berkeley National Laboratory. Users of the Bro framework are slated to include Amazon andDeloitte.

The teams route for commercializing their open source framework is via Corelights turn-key solutions forenterprise network visibility which they say reduce deployment time and complexity.

The Corelight Sensor also offers paying customers a comprehensive API; enterprise integrations for Splunk, Amazon S3 and Kafka; performance optimizations yielding 3-4x higher data processing throughput compared to standard servers; a high performance FPGA-based network interface card; optimized file extraction and log filtering.

Commenting on the Series A in a statement, Accels Eric Wolford, said: We often invest in very widely-used open source projects. But its uncommon for them to have much enterprise market traction. And whats highly unusual for a Series A company like Corelight is to have a shipping product built on battle-hardened open source software and dozens of paying customers including six of the Fortune 100, plus one of the largest private companies in the US. Ive never seen that before.

Corelight said the Series A funding will be used to accelerate its growth plans to meet market demand for its products through investments in sales, marketing and engineering.

Were busy working on a series of new features customers are asking for so they can focus effort away from sensor management and towards higher-value activities like data analysis, threat hunting and incident response, noted Greg Bell, CEO of Corelight, in a statement.

We help our customers solve cybersecurity problems faster than they can today, often decreasing the time to resolve incidents from hours and days down to minutes. This new investment will accelerate our progress.

Prior to taking in VC funding, the San Francisco-based company has been supported by an SBIR grant, while the Bro project was initially funded by the National Science Foundation at the International Computer Science Institute.

Read more: