We envision a world in which the adversary no longer has the benefit of stealth and surprise, but is instead openly tracked and monitored through a real-time intelligence platform that all companies and organizations have access to. Through clear visibility and real-time tracking, we can turn the tables on threat actors and give network defenders the upper hand.
The company closed a $10 million Series A in 2019 led by AllegisCyber and a $2 million seed round from DataTribe in 2018.
Advanced threat groups hide behind custom tools, signature obfuscation and sophisticated techniques – all of which make it difficult to detect them early enough to prevent widespread compromise and damage.
This unique “outward-in” vantage point allows us to instantly identify new breaches, continually monitor malicious activity and attribute these attacks to the specific malware used and the threat group behind it. It also enables us to predict future attacks on large companies and organizations, by spotting malicious movement within their supply chains.
By evolving the field of cyber intelligence, we are empowering organizations and putting attackers on the defensive. Just as satellite imagery has changed the physical battlefield, our global constellation of covert sensors provides game-changing intelligence on the adversary that can radically transform corporate cyber defense.
We avoid the pitfalls and guesswork of traditional threat intelligence by going directly to the source – the hackers’ own networks. Prevailion’s platform collects active intelligence from command-and-control (C2) servers used by state-sponsored and criminal hackers spread around the world. On a daily basis, we track over one million malware “beacons” and hundreds of thousands of compromised IP addresses.
We can see where the adversary actually is – not where we think it is or where it might be. By tracking the servers hackers use to control their malware and other malicious tools, we can see their activities in real time and find out who they are successfully targeting.
Threat actors can’t operate in the light of day. They depend on stealth and surprise. We remove that from the equation by eliminating their ability to keep these attacks a secret. By aggressively monitoring their activity, and sharing this intelligence with all companies and organizations, we make it harder for threat actors to hunt their prey – particularly through the supply chain.
We aren’t thrown off by fileless attacks, steganography, tunneling and other sophisticated techniques designed to avoid detection. Because we follow the money – i.e., the command-and-control communications which attackers can’t avoid using – we are able to detect compromises that others can’t. By making breach detection instant, we help companies avoid expensive and unrecoverable damages, such as stolen intellectual property.
We make it impossible for threat actors to blind-side companies by sneaking in through the supply chain. By exposing hackers’ initial compromises in the smaller third-party companies that orbit larger corporations, we can show network security teams exactly where the next attack will come from. This predictive capability is a game-changer for cybersecurity, as it gives companies the chance to harden their defenses and cut off access before the attack takes place. In the future, this predictive intelligence could also be used by governments to disrupt criminal networks while they are still in the early stages, before they have a chance to launch massive attacks.
We make it possible to track threat actors, detect breaches instantly and predict future attacks through the supply chain – all of which reduces the burden on an organization’s cyber defense team. By eliminating uncertainty, we make it possible for companies to feel confident about their own security.