Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Bot Fighter Shape Security Raises $26 Million

Shape Security, a provider of bot protection and anti-automation solutions, today announced that it has raised $26 million in growth capital, bringing the total raised by the Mountain View, California-based company to $132 million. 

Shape Security, a provider of bot protection and anti-automation solutions, today announced that it has raised $26 million in growth capital, bringing the total raised by the Mountain View, California-based company to $132 million. 

Founded by former Google, Department of Defense and major defense contractor employees, Shape’s platform helps protect against bots, fraud, and unwanted automation, and can detect and shut down automated attacks in real-time. 

According to the company, its platform can “distinguish real users from fraudsters even when criminals use manual methods,” and currently processes more than 500 million transactions each day.

The additional funding will be used to support international growth, the company said. 

Shape previously explained to SecurityWeek that its platform takes the advantage away from attackers by implementing real-time polymorphism, or dynamically changing code, to remove the static elements that malware, bots and other automated attacks use to interact with web applications.

“We’re making it the attacker’s problem to figure out how to be able to create a scripted programmatic attack against an application which is constantly rewriting itself,” Shuman Ghosemajumder, Shape Security’s CTO, told SecurityWeek in 2014.

“Today, we continue to use dynamic code to create a powerful defense for 20% of the consumer brands in the Fortune 500, and have evolved the original real-time polymorphism,” Sumit Agarwal, Shape Security co-founder & COO, now tells SecurityWeek

According to Agarwal, the company has tweaked its platform in three key ways.

Advertisement. Scroll to continue reading.

“We have evolved past visible changes made to application code in favor of mostly invisible changes made to our own code, which provides more stability,” he said. “We have developed extremely powerful code-generation and obfuscation technologies which allow us to deliver unique code on every single pageview, for every single customer transaction we protect. This means that, even if an attacker were to reverse-engineer our code on one of our customer’s websites, those learnings would be irrelevant almost immediately.”

Finally, Agarwal explained, the company has “created a self-protecting virtual machine that runs dynamically compiled JavaScript which has proven to be extremely effective at holding attackers at bay.”

Norwest Venture Partners led the latest funding round, with new strategic investors JetBlue Technology Ventures and Singtel Innov8. Existing investors Kleiner Perkins, Venrock, Baseline Ventures, Allegis Capital, Focus Ventures, Epic Ventures, Raging Capital, and Tomorrow Ventures also participated. 

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybersecurity Funding

SecurityWeek investigates how political/economic conditions will affect venture capital funding for cybersecurity firms during 2023.

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.