Tag: edge device security

Posted on

TechCrunch Disrupt Battlefield alum Perygee helps secure building operations

While TechCrunch Disrupt Battlefield 2022 is still fresh in our minds, Perygee, a member of the 2020 group, has been helping companies keep their building operations elements secure. It looks at things like HVAC, elevators and sensors; keeping patches up-to-date and searching for vulnerabilities.

Today the company announced a $4.75 million seed round, and the general availability of its self-service tier, which lets companies get started with the product without interacting with a sales team.

Mollie Breen, a former NSA employee, developed the idea for her startup while she was a student at Harvard Business School. “Perygee is a lightweight, complete platform for IoT (Internet of Things) and OT (operational technology) devices,” Breen told TechCrunch.

She sees one of the company’s key differentiators being time to value. “We’re measuring value in minutes, not months, and we’re complete, so we’re bringing together a lot of different security tools from anomaly detection to vulnerability detection across the entire security stack.”

She says the devices her company looks to secure are tough to track because they are often out of the purview of the IT or security teams, yet they interact with the network, and they can be vulnerable to attack. It leads to security blind spots that Perygee is trying to shed some light on.

“What we saw over the past 24 months is that that these blind spots aren’t unique to just HVAC devices and security cameras. It actually applies to all devices. So every IoT-OT device has a physical presence that is managed by some non-security stakeholder, whether it’s facilities or an operations team member like an industrial engineer on a manufacturing floor or a clinical engineer on the hospital floor,” she said.

To help get going quickly, the company has created a no-code workflow tool to automate common security tasks like patching. The automation also helps facilitate coordination between these often disparate teams from building and facilities operations and the network and security teams to make sure that these tasks don’t fall between the cracks.

Perygee workflow and data screens.

Image Credits: Perygee

Today, the product is managing 30,000 devices, and the startup has 7 employees. Breen says that as a female founder, she is particularly aware of building a diverse company from the cap table to the board to the workforce.

When we spoke to her about her $1.75 million pre-seed round at the end of 2020, she said she was actively reaching out to diverse talent on LinkedIn, but she recognizes as the company grows that is not a scalable methodology.

“We are looking at our pipeline and looking at the diversity metrics within it. And then I think having internally really honest conversations about where we might be biased around when we’re when we’re thinking about hires. I like to be in those rooms because I’d like to like to think of myself as someone who has a particular pulse on where biases, especially towards women candidates, can show up and how we make sure that we’re not we’re not applying those biases to our pipeline,” she said.

Today’s seed round was led by Ballistic Ventures with help from BBG Ventures, a firm that backs early-stage startups with female founders, and several industry angels. The company has raised $6.35 million to-date.

TechCrunch Disrupt Battlefield alum Perygee helps secure building operations by Ron Miller originally published on TechCrunch

Posted on

Deviceplane wants to bring over-the-air updates to Linux edge devices

Deviceplane, a member of the Y Combinator Winter 2020 class is developing an open source toolset to manage, monitor and update Linux devices running at the edge,

“We solve the hard infrastructure problems that all these companies face including network conductivity, SSH access, orchestrating and deployment of remote updates, hosting, application monitoring and access and security controls. It’s 100% open source, available under an Apache License. You can either host it yourself or you can run on the hosted version,” company founder and CEO Josh Curl told TechCrunch.

He could see this working with a variety of hardware including robotics, consumer appliances, drones, autonomous vehicles and medical devices.

Curl, who has a background in software engineering, was drawn to this problem and found that most companies were going with home-grown solutions. He said once he studied the issue, he found that the set of infrastructure resources required to manage, monitor and update these devices didn’t change that much across industries.

The over-the-air updates are a big part of keeping these devices secure, a major concern with edge devices. “Security is challenging, and one of the core tenets of security is just the ability to update things. So if you as a company are hesitant to update because you’re afraid that things are going to break, or you don’t have a proper infrastructure to do those upgrades, that makes you more hesitant to do upgrades, and it slows down development velocity,” Curl said.

Customers can connect to the Deviceplane API via WiFi, cellular or ethernet. If you’re worried about someone tapping into that, Curl says the software assigns the device a unique identity that is difficult to spoof.

“Devices are assigned an identity in Deviceplane and this identity is what authorizes it to make API calls to Deviceplane. The access key for this identity is stored only on the device, which makes it impossible for someone else to spoof this device without physical access to it.

“Even if someone were able to spoof this identity, they would not be able to deploy malicious code to the spoofed device. Devices never have access to control what software they’re running — this is something that can be done only by the developer pushing out updates to devices,” Curl explained.

The company intends to offer both the hosted version and installed versions of the software as open source, something that he considers key. He hopes to make money supporting companies with more complex installations, but he believes that by offering the software as open source, it will drive developer interest and help build a community around the project.

As for joining YC, Curl said he has friends that had been through the program in the past, and had recommended he join as well. Curl sees being part of the cohort as a way to build his business. “We were excited to be tapping into the YC network — and then being able to tap into that network in the future. I think that YC has funded many companies in the past that can be DevicePlane customers, and that can accelerate going forward.”

Curl wasn’t ready to share download numbers just yet, but it’s still an early stage startup looking  to build the company. It’s using an open source model to drive interest, while helping solve a sticky problem.