Connect with us

Hi, what are you looking for?


Cloud Security

HyTrust Receives Investment from CIA’s Venture Capital Arm

HyTrust, a provider of policy management and access control solutions for virtual and cloud environments, has entered into a strategic investment and technology development agreement with In-Q-Tel (IQT), the not-for-profit venture capital arm of the CIA.

HyTrust, a provider of policy management and access control solutions for virtual and cloud environments, has entered into a strategic investment and technology development agreement with In-Q-Tel (IQT), the not-for-profit venture capital arm of the CIA.

According to the company, the agreement was designed to help fuel product development and enable the expansion of support operations to meet customer demand, and increase HyTrust’s reach into the federal government.

HyTrust LogoIn-Q-Tel Invests in HyTrustLaunched by the CIA in 1999, IQT’s mission is to identify and partner with companies developing cutting-edge technologies that serve the national security interests of the United States. The firm goes beyond investing money alone, and actively engages with entrepreneurs, growth companies, researchers, and investors to deliver technologies that provide superior capabilities for the CIA and the larger Intelligence Community.

Organizations use HyTrust’s technology deploy cloud environments faster and securely virtualize workloads. The company helps organizations realize the benefits of a virtualized infrastructure while minimizing risk by ensuring that security policies are automated, applied correctly and enforced.

In October 2012, the company added a “secondary approval” feature to its HyTrust Appliance that enforces the “two-person rule”, made famous by the US Air Force’s general rule focusing on nuclear missile launches.

Nuclear Launch Controls

“According to US Air Force Instruction (AFI) 91-104, the two-person rule was designed to prevent the accidental or malicious launch of nuclear weapons by a single individual,” HyTrust President and Co-Founder, Eric Chiu explained previously. “Similarly, HyTrust’s Secondary Approval feature mandates designated approvers authorize high-impact operations prior to users with administration privileges being able to execute actions that can impact the business or even bring down the entire data center.”

“HyTrust can help deliver audit, enforcement, and policy controls to the administrative layer, including Secondary Approval to enforce the ‘two man rule’ on key transactions,” said Chiu.

“We’re privileged to join the In-Q-Tel portfolio and look forward to expanding our relationship with IQT and its government partners,” Chiu said.

Advertisement. Scroll to continue reading.

“Our partnership with HyTrust will accelerate and enhance the company’s technology relating to the control, management and compliance of virtual datacenter environments,” said Robert Ames, Senior Vice President in charge of IQT’s Information and Communication Technologies Practice. “The assurance of critical infrastructure and data assets is paramount, and we believe that the HyTrust solution has the potential to greatly benefit our government customers.”

Hytrust is also backed by investors including VMware, Granite Ventures, Cisco Systems, Trident Capital, and Epic Ventures.

Other notable investments made by In-Q-Tel in the security space include Silver Tail Systems (October, 2010), Oculis Labs (September 2011), FireEye (March 2009), Veracode (June 2008), and in November 2002 the firm reportedly invested $3 million in ArcSight, which was eventually acquired by HP for $1.5 billion.

In-Q-Tel has a track record of not disclosing the details of its investments and agreements, and the financial terms of the HyTrust deal were not disclosed.  

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.


Out of the 335 public recommendations on a comprehensive cybersecurity strategy made since 2010, 190 were not implemented by federal agencies as of December...