Security Experts:

Connect with us

Hi, what are you looking for?


Application Security

Shape Security Raises $25 Million to Expand “Botwall” Technology

Shape Security today announced that it has raised $25 Million in a Series D funding round to accelerate deployments of its Botwall Service, with specific plans to expand further in China.

Shape Security today announced that it has raised $25 Million in a Series D funding round to accelerate deployments of its Botwall Service, with specific plans to expand further in China.

The Mountain View, California-based web security firm has now raised a total of $91 million, including $20 million in a Series B round in 2013 and $40 million in Series C round February 2014. Well before emerging from stealth mode in January 2014, the company raised $6 million in a Series A round in 2012, led By Kleiner Perkins Caufield & Byers and Eric Schmidt’s Tomorrow Ventures.

 Shape Security Raises $25 MillionFounded by former Google, Department of Defense and major defense contractor employees, Shape’s “Botwall” technology helps protect web sites and mobile apps against automated attacks conducted by threat actors that use automation. These automated attacks are growing rapidly, Shape says, and currently account for more than half of all traffic to the login pages of major websites, and bypass products that many enterprise use, such as WAFs, DDoS and fraud controls, and IDS/IPS.

Shape previously explained to SecurityWeek that its platform takes the advantage away from attackers by implementing real-time polymorphism, or dynamically changing code, to remove the static elements that malware, bots and other automated attacks use to interact with web applications.

“We’re making it the attacker’s problem to figure out how to be able to create a scripted programmatic attack against an application which is constantly rewriting itself,” Shuman Ghosemajumder, Shape Security’s VP of Strategy, told SecurityWeek in 2014.

Beijing-based Northern Light Venture Capital participated in the funding round to assist Shape with expansion into China.

“In the same way that automation has transformed traditional industries, automation is transforming the economy of cyber attackers, and rewriting the rules of enterprise risk in the process,” SecurityWeek columnist Wade Williamson wrote in a September 2014 column. 

Web technologies are inherently vulnerable to automation, and have given rise to a new breed of scripted attacks, Williamson said.

“Automated attacks are cheap, tireless, and can target virtually any functionality that we expose to our end-users. Because of their reach, these attacks become both highly probable and enormous in scale. This makes understanding automated threats essential in order to understand IT and enterprise risk,” Williamson, a previous employee of Shape Security, explained.

Lead investor in the round Baseline Ventures, Northern Light and Epic Ventures join existing investors Kleiner Perkins Caufield & Byers, Venrock, Norwest Venture Partners, Google Ventures, Tomorrow Ventures and other prominent investors in this round.

The company says customers include global airlines, US banks, insurers, major federal government agencies, and several of large retailers.

“Cycling through user IDs and passwords at various websites, such as online banking or credit card portals… these massive automated account takeover attacks have become much more sophisticated and have escalated substantially, according to our clients, with big pickups in such attacks during and right after the 2014 holiday season,” wrote Avivah Litan, VP Distinguished Analyst at Gartner. “Some report that such scripted attacks against large online sites doubled in the first two months of 2015.”

“Attackers are constantly evolving, but we are able to stay ahead of them successfully. Our new funding will allow us to take our proven approach and scale it to other major markets around the world,” said Derek Smith, CEO of Shape Security.

Shape’s Botwall technology can deployed in the cloud or on premise.

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Cybersecurity Funding

SecurityWeek investigates how political/economic conditions will affect venture capital funding for cybersecurity firms during 2023.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.


More than 450 cybersecurity-related mergers and acquisitions were announced in 2022, according to an analysis conducted by SecurityWeek

Application Security

While there are many routes to application security, bundles that allow security teams to quickly and easily secure applications and affect security posture in...


Twenty-one cybersecurity-related M&A deals were announced in December 2022.