Cyvera, a Tel Aviv, Israel-based security startup working on solutions to help block zero-day attacks, has raised $11 million in venture capital funding, the company said Tuesday.
According to Cyvera, its flagship product, TRAPS (Targeted Remote Attack Prevention System), is a client-based platform with agents that “lay traps and set barriers” across paths that an attack could take and conduct random actions to deceive attackers.
The company has also developed what it calls a Reflector, an isolated environment used for deep analysis of foiled attacks.
While Reflector may sound like a typical sandbox, Cyvera says its technology goes further and offers more advanced features than a typical malware analysis sandbox.
“Unlike any other sandbox which is limited to examining files in a ‘generic’ scenario (i.e., Windows 7, office 10, adobe reader 11, etc.), the Reflector replicates the scenario of the specific attacked computer,” Nati Davidi co-founder and Co-CEO of Cyvera told SecurityWeek.
Basically, Davidi says Reflector creates an environment that “convinces” the malware that it is in the right place and lets it be executed.
“Sophisticated malware usually checks to verify they are not under examination and that they are in the correct environment that they are supposed to run in,” Davidi explained. “In addition, the Reflector first runs the file with Cyvera TRAPS engine; every time one of TRAPS’s modules stop the attack, the Reflector will turn-off this module and run the attack again.”
Reflector can learn of the techniques utilized by specific exploits, Davidi said, which can also assist in understanding immediately whether it’s an exploit that utilizes a known vulnerability or a zero-day vulnerability.
Cyvera says its solutions currently work on Windows-based end point and server systems and on top of any platform (whether physical or virtual machine, terminal sessions or thin clients).
Additional operating system support is in development and will be released later this year, the company said.
The funding was led by Battery Ventures, with Ehud Weinstein and Dr. Ofir Shalvi joining the round as well. The previous funding round was led by San Francisco-based VC, Blumberg Capital.
“Cyber attacks that are not yet known pose the biggest threat to national, corporate and personal security. Cyvera’s approach to preventing these attacks is truly innovative, born from the deep expertise of the founding team,” said Itzik Parnafes, general partner at Battery Ventures.
“We don’t know what the attack will look like, and we don’t even try to, because we understand it is impossible to predict,” Davidi said. “But we do know every single technique a perpetrator must use to successfully launch an attack. Often these techniques are concealed in innocent looking files like documents, presentations, web links, images and more. With this knowledge we are able to stop the attack in its tracks at a very early stage and by doing so can help our customers evade the effects of zero-day attacks or known attacks on unpatched computers.”
According to Cyvera, its TRAPS platform has already been deployed, and has successfully prevented targeted attacks, primarily in finance, energy, chemicals, legal, hi-tech and other sectors that operate critical infrastructure or maintain sensitive data.
Cyvera said the new funding will be used to expand business and sales operations in the US and to further develop its protection solutions.