Around 80% of security breaches now revolve around the manipulation of compromised identities, according to CrowdStrike’s 2023Threat Hunting Report, and 62% among those cases involve the misuse of valid accounts, while 34% involved domain or default accounts being exploited.
The likes of ransomware, account takeover, session hijacking and online fraud are a problem, and one company on a mission to address this issue is SpyCloud.
SpyCloud’s products provide actionable insights, enabling enterprises to proactively prevent ransomware, account takeovers and consumer fraud. They also assist in investigating cybercrime incidents. The unique data they gather from breaches, malware-infected devices, and underground sources supports popular dark web monitoring and identity theft protection services.
SpyCloud serves numerous global enterprises, mid-sized companies, and government agencies, protecting over four billion accounts globally. In recent years, the company secured a $30 million Series C funding round in 2020, tripled its revenue and created solutions to mitigate new and prevalent cyberattacks. Its partnerships include popular identity monitoring services and MSSPs that leverage SpyCloud’s analytics to deliver ongoing value to consumers and businesses of all sizes.
Still on track of its original mission, SpyCloud recently closed a $110 million growth round commitment of primary and secondary capital (led by Riverwood Capital, a global investor in high-growth technology companies).
With the newly acquired funding, SpyCloud intends to accelerate progress in various domains, including Enterprise Protection, Consumer Risk Protection and Investigations. In addition, they are poised to unveil solutions that effectively counter authentication bypass attempts, safeguarding both enterprises and consumers from the compromise of their passkeys.
An integral aspect of their strategy involves expanding their renowned repository of recaptured malware assets. By doing so, they aim to equip their customers and partners with novel insights that empower them to proactively tackle the most sophisticated cyber threats prevalent today.
Another focus point is the advancement of their analytic capabilities. They are working toward establishing connections between instances of personal and corporate identity and authentication data exposure. This initiative is geared toward fostering a security approach centered around identity, transcending the conventional limitations of device-centric approaches adopted by many corporate security teams.
Furthermore, SpyCloud is strengthening its portfolio of integrations. Building upon existing collaborations with key players like Active Directory, Okta, and Tines, they aim to forge partnerships with prominent tools in identity management, incident response, orchestration, and directory services. Adding to that, SpyCloud is set to expand their global go-to-market teams to assist organizations in effectively adapting to the evolving cybersecurity landscape.
“As authentication methods improve, businesses need to adjust their defenses to keep up with criminals’ new behavior,” said Ted Ross, SpyCloud CEO and co-founder. “SpyCloud allows you to do just that, and we will continue to illuminate and resolve the most critical risks facing security teams today, stopping attacks they haven’t been able to see coming.”
Edited by
Alex Passett
