SecurityWeek

Cyber-Attack Prevention Firm Solebit Raises $11 Million

Tel Aviv-based cyber-attack prevention firm Solebit Labs, currently establishing new global headquarters in Silicon Valley, has announced completion of an $11 million Series A funding round led by ClearSky Security.

Solebit was founded in 2014 by Boris Vaynberg, Meni Farjon, and Yossi Sara — all of whom graduated from Israel’s IDF technology units. The funding announced today will be used to accelerate adoption and deployment of the SoleGATE Security Platform from the new headquarters in Silicon Valley.

SoleGATE is an attack prevention system that can be used as a replacement for, or alternative to, traditional endpoint protection systems. Such systems typically rely on either malware signatures or malware behavioral analysis engines — with or without benefit of machine learning AI algorithms — to detect malware; and both of these approaches can be evaded by zero-day fileless attacks.

SoleGATE uses neither signatures nor behavioral analysis to detect malicious code before it enters the network. Instead, it creates a logical ‘no code zone’ that inspects every data stream for executable code, no matter how encrypted or hidden. Because every data stream is inspected, malicious code has nowhere to hide and cannot evade detection. Solebit claims that it has a false positive rate of less than 0.002%.

“Attackers still possess the edge, particularly in zero-day attacks, despite considerable security investment,” said Vaynberg, CEO of Solebit. “DvC (Solebit’s patent-pending inspection engine) assumes that there is no legitimate reason for executable code to be present in any data file. DvC also accurately identifies and blocks malicious active content using advanced flow analysis, de-obfuscation techniques and deep content evaluation, to reveal threat intent within any data file covering machine, operating system and application levels, thereby rendering such sandbox-evading malware harmless to the enterprise.”

SoleGATE is a virtual appliance that can analyze data streams at high speed. For large companies, “SoleGATE supports both vertical and horizontal scaling,” Vaynberg told SecurityWeek. “Each SoleGATE virtual appliance can scan many files concurrently (based on number of CPU cores dedicated to the virtual appliance) and customers can use multiple SoleGATE instances working in Active-Active mode.” 

The technology is closer in concept to Content Disarm and Reconstruct (CDR) solutions than it is to standard malware detection products — but still has fundamental differences. “The SoleGATE DvC engine analyzes the binary content of each scanned file and reaches a conclusive verdict regarding the file, whether it is malicious or not. It covers a wide range of file formats, does not change anything in the scanned file and, of course, there is no effect on user experience,” explained Vaynberg. 

“CDR, however, is reconstructing the file, assuming that reconstruction will remove any malicious payload. This technology is generally limited in the number of supported file formats, and it can affect user experience since it is actually altering the file the user receives.”

SoleGATE does not create signatures for files or malicious behavior — all data streams are inspected as if never before seen. Nor does it share or export any data from the customer’s environment — eliminating, for example, the sequence of events that triggered Kaspersky Labs’ issues with the US government. In that instance, it is thought that files exported from an NSA contractor’s home computer for Kaspersky malware analysis somehow alerted Russian intelligence services to the presence and location of those sensitive files; which were later obtained by hacking the contractor’s computer.

SoleGATE does, however, provide IoCs to the customer, “in order,” said Vaynberg, “to leverage the customer’s entire security stack based on SoleGATE’s unique detection.” He added, “SoleGATE also supports malicious links detection and prevention. It provides customers with prevention against links that lead to malicious web pages or malicious files to be downloaded from the web. A phishing web page that seeks to socially engineer user credentials will be supported later.”

“Solebit provides the most effective, real-time, and accurate cyber-attack prevention platform that is incredibly simple to use, integrate and manage,” said Peter Kuper, Managing Director, ClearSky Security. “As organizations struggle to better manage risk against unknown threats, Solebit is ideally positioned to be a trusted partner to both enterprise and large-scale security vendors as they contend with ever increasingly sophisticated attackers.”

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.
