SenseOn nabs $20M for faster, more accurate cybersecurity detection and response via its ‘triangulation’ approach

As cybersecurity becomes a bigger and more complex problem for organizations, a startup aiming to increase its accuracy in fighting breaches — by bringing in an ever-wider funnel of data and vantage points to identify issues — is expanding its business.

SenseOn, which employs cloud-based, AI powered techniques for its so-called “triangulation” approach to the challenge of cybersecurity covering endpoints, networks and microservices, has picked up $20 million. The Series A is led by Eight Road Venutres, with MMC Ventures, Crane Venture Partners and Winton Ventures Limited — all existing backers — also participating. SenseOn — not to be confused with cabinet security business Senseon — previously raised $6.4 in a seed round of funding in 2019.

The funding is coming the back of very strong growth, both the bad and good kind.

The bad growth is the sort that we unfortunately hear about every day, in the form of cybersecurity breaches: SenseOn estimates that compromised records passed the 37 billion mark in 2020 — up 141% over 2019.

The good growth is that SenseOn itself has been rising to the challenge for its customers, and as a result its own business has grown (in revenues and engagements) by over 350%. The London-based startup, founded and led by David Atkinson — who had previously been the commercial director for Darktrace and before that spent years pioneering new cybersecurity techniques at the U.K.’s Ministry of Defense as well as other military and government roles — counts a number of financial services firms, consumer businesses and government organizations among its customers.

The problem that SenseOn has identified is that the world of security today has evolved to contain a plethora of point solutions, as well as differing approaches within those point solutions, to address different aspects of the cybersecurity challenge. While some of these are very effective, they are only taking on some of the battle, and if an organization wants to adopt the most secure policy, it might use a number of these in tandem, which in turn can slow down systems and response, or create other issues within them.

SenseOn’s solution has been to build a system that essentially aims to do everything together, with some parts of the solution built by itself, and some parts integrating with other products.

Atkinson describes the approach not unlike “how a human analyst thinks” (which is why the AI aspect of the service, balancing different streams of information, is central to the approach). He also says it is similar to how a global positioning system works: “the more satellites [a GPS] triangulates off, the more accurate it is.”

And to borrow a little from Atkinson’s previous role in the military (he’s pictured here, on the right, in a helicopter in Afghanistan years ago), SenseOn is building not just weapons that security specialists can use to do their jobs better — the platform and the apps — but also ammunition — in the form of data that SenseOn picks up and organizes — to use with those weapons.

Acknowledging the fragmentation inherent in a lot of the most intelligent security technology point solutions, and tackling that by integrating different silos of information to create more complete pictures, is something that seems to be catching on. I’d also argue that it is a sign of the industry maturing, with possibly some distinct platforms emerging as a result.

Cybellum, which LG acquired last week, is taking the same approach but focusing specifically on automotive security (which itself is also very fragmented because of the multiple OEMs and technology systems involved). Others like ActZero are taking the same approach but specifically for one segment of the market, SMBs. Others are looking at specific pain points that result from the fragmentation, such as Secureframe with security compliance, Axonius with managing a plethora of endpoints, or vArmour with the challenges of working across multiple clouds.

Making a platform play is significantly more ambitious, in particular in a market with so many strong point solutions, but with a lot of traction already for SenseOn, it’s a bet that investors want to take. “SenseOn is poised to become a global cybersecurity leader,” said Alston Zecha of Eight Roads Ventures in a statement. “We have long looked for a company which coordinates detection intelligently across domains and can consolidate multiple tools into one solution. SenseOn does this and more. We are privileged to partner with such a thoughtful and high-integrity group as Dave and team.”

Senseon raises $6.4M to tackle cybersecurity threats with an AI ‘triangulation’ approach

Darktrace helped pave the way for using artificial intelligence to combat malicious hacking and enterprise security breaches. Now a new UK startup founded by an ex-Darktrace executive has raised some funding to take the use of AI in cybersecurity to the next level.

Senseon, which has pioneered a new model that it calls “AI triangulation” — simultaneously applying artificial intelligence algorithms to oversee, monitor and defend an organization’s network appliances, endpoints, and ‘investigator bots’ covering multiple microservices — has raised $6.4 million in seed funding.

David Atkinson — the startup’s CEO and founder who had previously been the commercial director for Darktrace and before that helped pioneer new cybersecurity techniques as an operative at the UK’s Ministry of Defense — said that Senseon will use the funding to continue to expand its business both in Europe and the US. 

The deal was co-led by MMC Ventures and Mark Weatherford, who is chief cyber security strategist at vArmour (which itself raised money in recent weeks) and previously Deputy Under Secretary for Cybersecurity, U.S. Department of Homeland Security. Others in the round included Amadeus Capital Partners, Crane Venture Partners and CyLon, a security startup incubator in London.

As Atkinson describes it, triangulation was an analytics concept first introduced by the CIA in the US, a method of bringing together multiple vectors of information to unearth inconsistencies in a data set (you can read more on triangulation in this CIA publication). He saw an opportunity to build a platform that took the same kind of approach to enterprise security.

There are a number of companies that are using AI-based techniques to help defend against breaches — in addition to Darktrace, there is Hexadite, a remediation specialist acquired by Microsoft, Amazon’s working in the field, and many others. In fact I think you’d be hard-pressed to find any IT security company today that doesn’t claim to or actually use AI in its approach.

Atkinson claims, however, that many AI-based solutions — and many other IT security products — take siloed, single-point approaches to defending a network. That is to say, you have network appliance security products, endpoint security, perhaps security for individual microservices so on.

But while many of these work well, you don’t always get those different services speaking to each other. And that doesn’t reflect the shape that the most sophisticated security breaches are taking today:

As cybersecurity breaches  and identified vulnerabilities continue to grow in frequency and scope — with hundreds of millions of individuals’ and organizations’ data potentially exposed in the process, systems disabled, and more — we’re seeing an increasing amount of sophistication on the part of the attackers.

Yes, those malicious actors employ artificial intelligence. But — as described in this 2019 paper on the state of cybersecurity from Symantec — they are also taking advantage of bigger “surface areas” with growing networks of connected objects all up for grabs; and they are tackling new frontiers like infiltrating data in transport and cloud-based systems. (In terms of examples of new frontiers, mobile networks, biometric data, gaming networks, public clouds, and new card skimming techniques are some of the specific areas that Experian calls out.)

Senseon’s antidote has been to build a new platform that “emulates how analysts think,” said Atkinson. Looking at an enterprise’s network appliance, an endpoint, and microservices in the cloud, the Senseon platform “has an autonomous conversation” using the source data, before it presents a conclusion, threat, warning or even breach alert to the organization’s security team.

“We have an ability to take observations and compare that to hypothetical scenarios. When we tell you something, it has a rich context,” he said. Single-point alternatives essentially can create “blind spots that hackers and manoeuvre around. Relying on single-source intelligence is like tying one hand behind your back.”

After Senseon compiles its data, it sends out alerts to security teams in a remediation service. Interestingly, while the platform’s aim is to identify malicious activity in a network, another consequence of what it’s doing is to help organizations identify “false positives” that are not actually threats, to cut down on time and money that get wasted on investigating those.

“Organisations of all sizes need to get better at keeping pace with emerging threats, but more importantly, identifying the attacks that require intervention,” said Mina Samaan of MMC Ventures in a statement. “Senseon’s technology directly addresses this challenge by using reinforcement learning AI techniques to help over-burdened security teams better understand anomalous behaviour through a single holistic platform.”

Although Senseon is only announcing seed funding today, the company has actually been around since 2017 and already has customers, primarily in the finance and legal industries (it would only give out one customer reference, the law firm of Harbottle & Lewis).