Wednesday, February 22, 2012

CrowdStrike launches in stealth-mode with $26 million Series A round led by Warburg Pincus

As I mentioned in a previous post, I was delighted to announce that I had joined Warburg Pincus, a leading global private equity firm focused on growth investing, as an Executive in Residence. So far my time as an EIR at Warburg has been fantastic. The past few months have exposed me to many new companies and technologies that really got my creative juices flowing and pushed me to get back into the start-up game with Warburg Pincus as my partner.
Today, I am proud to announce the stealth-mode launch of my newest venture that I co-founded with Dmitri Alperovitch (CTO) and Gregg Marston (CFO) – CrowdStrike. CrowdStrike is a security technology company focused on helping enterprises and governments protect their most sensitive intellectual property and national security information. Utilizing Big-Data technologies, CrowdStrike is developing a new and innovative approach to solving today’s most demanding cyber-security challenges. CrowdStrike’s core mission is to fundamentally change how organizations implement and manage security in their environment.
Why CrowdStrike:
The seemingly daily barrage of disclosures about companies that have had their crown jewels stolen in recent years reinforced a key principle for us – these companies don’t have a malware problem, they have an adversary problem. Many just don’t know it. Today’s attacks are sophisticated, targeted, and long ranging in scope. Unfortunately, almost every security solution focuses on the tens of thousands of pieces of malware, exploits, and vulnerabilities that are seen in the wild every day. Yet, those are just the interchangeable and, in many cases, disposable tools that the adversaries use to achieve their ultimate objective – theft of intellectual property, trade secrets, and other business proprietary information.
As many of you know, the security industry is building “Maginot-line” style of defenses – attempting to prevent all adversaries from getting inside the perimeter of the network or host system. More importantly, a well-financed, trained, and highly determined attacker will always get in. More than likely, they are already in. There is no silver bullet that will stop a determined adversary, so while the security industry attempts to build bigger fences, the enemy is bringing higher ladders to the fight. Moreover, the industry continues to focus on the malware or exploits, which is akin to focusing on the gun as opposed to the shooter committing the crime. The person or organization pulling the trigger (or deploying the malware) is the one that you ultimately need to focus on. The type of gun or ammunition they may be using is interesting, but in most cases not strategically relevant.
Based upon investigations we have led, such as Operation Aurora, Night Dragon, and Shady RAT, and knowing the limitations of existing technologies, we are horrified at the amount of IP being stolen and financial damage inflicted every day. It is evident that we are dealing with economic predators who are systematically destroying value in countries around the world. Even worse, we may very well see the enemy engage in destructive and disruptive attacks designed to take down critical infrastructure or modify key processes and data in a covert undetectable fashion.
The Missing Link: Attribution & Raising the Costs to the Adversary
Attribution is the key strategic piece missing from all existing security technologies – providing the answer to the “who?” vs. the “what?” Knowing who is after your IP is critical in determining what assets you want to protect and how. Protecting everything is impossible – you may as well be protecting nothing. However, knowing the enemy is the first step in the process of determining the priority of allocation of scarce resources to defend the key assets and tailoring your response to the Tactics, Techniques and Procedures (TTPs) of the adversary. Knowing their capabilities, objectives, and the way they go about executing on them is the missing piece of the puzzle in today’s defensive security technologies. The key to success is raising the adversary’s costs to exceed the value of the data they may be trying to exfiltrate, and the only way to accomplish that is by forcing them to change the way they conduct the human-led parts of their intrusions, such as reconnaissance, lateral movement, identification of valuable assets, and exfiltration. Other parts of the operation, such as vulnerability weaponization, malware delivery, and command and control, can be mass-produced and changed at will with little cost. However, attackers are creatures of habit and while they are fast to change their weapons, they are slow to change their methods. By identifying the adversary and revealing their unique TTPs (i.e. modus operandi), we can hit them where it counts – at the human-dependent and not easily scalable parts of their operations.
The CrowdStrike Mission:
As the President and CEO of CrowdStrike, one of the most exciting aspects of this new venture for me is assembling a “dream team” of security visionaries to address this important mission and challenge. Our team is comprised of people who are “big thinkers” that have the technical prowess to execute and carry out our mission goals without the encumbrances that face legacy security solutions. Our team of visionaries are the rebels who believe the current state of security is fundamentally broken and want to do something about it. More importantly, these are the patriots who are tired of seeing our intellectual property and competitive advantage wiped away under the thinly veiled cover of an Internet address. The recent stories surrounding Nortel provide a shining example of how the adversaries can embed themselves into a multi-national organization for the better part of a decade without detection while systematically accessing their most coveted intellectual property. If we sit back idly and do nothing about these types of attacks, we certainly face a crisis of epic proportions and economic consequences that we have yet to fully comprehend. CrowdStrike does not accept the status quo, and we intend to do something about it. If you share our passion and vision about this crisis, and believe you have what it takes to join our fight, then please send an email to mission@crowdstrike.com. We are looking for kick ass coders, consultants, and experts who, like us, have been fighting and responding to nation-state targeted intrusions.
I will leave you with one final thought. The ancient Chinese military strategist Sun Tzu in his teachings emphasized the need to “know your enemy”. For if “you know your enemy and know yourself,” he wrote, “you need not fear the result of a hundred battles.” Isn’t it time we apply these simple time-honored lessons in the cyber security battlefield of the twenty-first century?
If you would like to keep up with the latest news on CrowdStrike please follow us on Twitter @CrowdStrike.
If you are attending the RSA conference next week, you can look for us at the following events we are speaking at:
Monday February 27: America’s Growth Capital 8th Annual Information Security Conference
Wednesday February 29: RSA Conference

7 comments:

  1. That's awesome news. Congrats to you and your team.

    Adam,
    Orange,CA.

  2. Enjoyed your session(s) at ACG...the new gig sounds exciting and refreshing. Good luck and success!

    Rich Hlavka, Lumension

  4. Hi George,
    I loved reading this piece! Well written! :)

    jason
    property investment experts
