Connect with us

Hi, what are you looking for?


Cybersecurity Funding

Stealthy Startup Cylance Makes Official Launch With $15 Million in Funding

Cylance, a tech security startup that has been operating in a rather secretive fashion until today, made its official launch as a security vendor along with announcing that it has raised $15 million in funding.

Cylance, a tech security startup that has been operating in a rather secretive fashion until today, made its official launch as a security vendor along with announcing that it has raised $15 million in funding.

Cylance LogoCylance is led by former McAfee global chief technology officer Stuart McClure who serves as president and CEO of the firm. As a security expert with more than 22 years of experience, McClure was founder, president and CTO of Foundstone which was acquired by McAfee in 2004. He also is known in security circles for his well known series of books, Hacking Exposed.

Prior to the company’s “official” launch today, it has built up a roster of well-respected security experts, through both organic hiring, and acquiring other startups. In October 2012 Cylance acquired Ridgeway Internet Security, a software startup specializing in Web application firewalls and honeypot technology.

In December 2012, the company acquired Skout Forensics, a cyber-forensics technology and services company specializing in automated forensics.

Billy Rios and Terry McCorkle at Security Analyst SummitWhile up to now the company has been somewhat secretive in what it has been up to, it has made some splashes in recent months around security vulnerabilities and research.

Just last month, Cylance reserachers Terry McCorkle and Billy Rios said they were able to hack into a medical management system and take control of other pieces of connected equipment by targeting a heap overflow vulnerability on a Philips XPER system. McCorkle and Billy Rios joined Cylance after the company acquired SpearPoint Security Services, a company founded by the security researcher duo.

This past summer, Rios and McCorkle, prior to working for Cylance, were credited with discovering vulnerabilities in the Tridium Niagara AX Framework, a popular software platform that integrates various control systems and devices and allows them to be managed over the Internet.

Interestingly, just last week at the Kaspersky Lab Security Analyst Summit in San Juan, Puerto Rico, Rios and McCorkle demonstrated a proof-of-concept exploit that made use of two yet-to-be patched security vulnerabilities in the Niagra Framework that would allow a remote attacker to take control of the system.

The new $15 million cash injection came from Khosla Ventures and Fairhaven Capital, and will be used to fuel the company’s vision of “securing the most insecure and defenseless systems in the world, through advanced services and products addressing critical infrastructure and servers, desktops and devices.”

Advertisement. Scroll to continue reading.

“The time is now to change the paradigm in security. Companies like Cylance know how to solve this problem at its core, and we will help them deliver on that vision,” said Vinod Khosla, founder of Khosla Ventures and long-time Silicon Valley entrepreneur.

“Cylance’s executive pedigree has seen it all in the security world and I am confident in their mission to fix the industry’s failures as well as protect and empower the world through its top talent, products, services and research,” Khosla added.

Along with its investors, Cylance added three additional board members, Patrick Heim, former Kaiser Permanente CSO and now Chief Trust Officer at and Retired Admiral William J. Fallon. Additionally Alex Doll, former CEO of PGP who sold to Symantec in 2011, will join the board.

Additionally, Cylance said tht it also established a Board of Advisors comprised of individuals from diverse industries, including Paul Forney (Invensys), David Willson (Army/NSA), Shane Shook (KPMG/PwC), Robert Bigman (CIA), Stewart Baker (Steptoe/NSA), Alex Nazaruk (GetCo), Michael Rauchman (GetCo), Eric Culp (formerly of ESRI), and Joseph Gabbert (formerly of McAfee and EMC).

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Cybersecurity Funding

SecurityWeek investigates how political/economic conditions will affect venture capital funding for cybersecurity firms during 2023.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.