RevealSecurity accelerates detection of malicious activities in enterprise apps

We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 – 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!

RevealSecurity, a provider of application detection and response, today announced a $23 million series A funding round geared towards safeguarding enterprise applications from malicious insider and impostor activities.

Many organizations are migrating mission-critical functions from on-premises to software-as-a-service (SaaS) and cloud. According to a Gartner survey, the COVID-19 pandemic and the rise of digital services have made the cloud the focal point of future digital experiences. According to the survey, by 2025, more than 85% of organizations will have adopted a cloud-first strategy and will be unable to completely implement their digital plans without the use of cloud-native architectures and technologies.

This market-wide shift, alongside an increasing tendency of employees working remotely as another result of the pandemic, has increased the attack surface for imposters and trusted users. While cloud services provide a number of advantages, like scalability, efficiency and cost savings, they are also a top target for hackers, according to Kaspersky.

According to ESG, 40% of organizations perform attack surface management because their attack surface is expanding. The report also added that 67% of organizations claimed that their attack surface has expanded in the last two years. One of the causes, which accounts for around 32% of organizations, is the use of public cloud infrastructure. Additionally, the use of software-as-a-service (SaaS) applications and services accounts for 30% of the attack’s causes, while a growth in remote employees accounts for 28%.

As a result of this trend, there is a higher demand for solutions that can effectively monitor user actions and detect business process attacks across many applications. According to Kaspersky, the average cost of a data breach is $3.86 million; in order to avoid a financial loss of that magnitude, organizations must take precautions to protect themselves against cloud threats.

Existing detection solutions of malicious activities in the application layer are based on rules which are defined by log events and generated by specific applications. However, rule-based solutions, according to RevealSecurity, only detect known attack types and generate a significant number of false alerts, necessitating ongoing investment and maintenance. According to a report by Subex, the creation, application and evolution of these rules are based on expert manual involvement. Organizations may not be able to keep one or two steps ahead of attackers when such a solution is implemented.

RevealSecurity claims that its detection solution is application agnostic, evaluating user journeys within and across various apps, including SaaS, cloud, and custom-built ones. According to the company, it built an unsupervised patent-pending machine learning algorithm to scan event logs and detect unusual user journeys, which has helped it grow its international customer base in the banking, insurance, healthcare, and utility sectors.

The five stages of the user journey demonstrate that it’s best to examine user behavior at each level to figure out where they get stuck. According to Gartner, 30% of organizations have created customer journey maps but have trouble implementing them. The science of monitoring user behavior across interactions and through time, known as user journey analytics, assesses the impact of user behavior on organization outcomes. This method is gaining traction as organizations see the usefulness of user/customer journeys as a way to track and improve their experience performance. According to Customer Journey Analytics Market Statistics, the global customer journey analytics market was worth $8.3 million in 2020 and is expected to grow to $46.7 million by 2030, a CAGR of 18.8%.

RevealSecurity said its TrackerIQ solution, which is application agnostic, analyzes user journeys in and between different types of applications – SaaS, cloud and custom-built applications. The company claimed that TrackerIQ does not rely on application-specific rules, and is instead powered by innovative user journey analytics, combined with a unique clustering engine to accurately detect abnormal journeys which reflect malicious activities. RevealSecurity added that TrackerIQ provides easy to use investigation tools that allow for a quick understanding of the user’s anomalous journey.

Doron Hendler, CEO and cofounder of RevealSecurity, told VentureBeat in an email interview that TrackerIQ is a “field-proven and unique solution for the detection of malicious insider threat challenges in business applications that does not require the development of rules and has extremely high detection accuracy.” Tracking user journeys, according to Hendler, offers a new level of application activity analysis that is significantly more accurate and extensive than older rule-based and statistical model solutions. He claims that the essence of activities makes no difference to TrackerIQ because it can detect aberrant sessions far more precisely by assessing the activity sequence rather than focusing on each individual action.

TrackerIQ’s precision, according to Hendler, is due to a unique clustering engine that learns all user journeys and profiles. He added that TrackerIQ’s clustering engine and unsupervised machine learning algorithm understand each user’s profile and group them into comparable sessions. According to Hendler, impersonating a user’s typical profiles is far more difficult, and insiders looking to exploit or abuse an application will eventually divert from their normal accounts.

RevealSecurity’s methodology, according to Hendler, has the flexibility to be used in any application because of its agnostic capabilities. This is fundamental to detection, he said, because each application has a unique format flow and set of activities. RevealSecurity belongs to a new category of application detection and response, with no competitors offering a universal solution for application detection that works across a wide range of apps, including custom-built applications, Hendler added.

SYN Ventures is leading the round, with participation from Hanaco Ventures, SilverTech Ventures and World Trade Ventures. The funding will be used to accelerate RevealSecurity’s global expansion and product development.

Originally appeared on: TheSpuzz