HYAS, a threat intelligence startup that specializes in mapping and blocking the command and control infrastructure of malicious hackers, announced it has closed out its Series B round with $16 million in new funding.
The new round was led by S3 Ventures, with additional financial support from Uncorrelated Ventures, Tightline Holdings, the Cyber Mentor Fund and Dcode Capital. As part of the deal, S3 Ventures Partner Charlie Plauche will get a seat on the board of directors.
HYAS offers threat intelligence services, but the company’s calling card revolves around two tools, called Insight and Protect, that pull around 3 billion data points about adversary infrastructure every day from various sources on the internet and third-party data brokers. Those data points are then fed into a data lake where a correlation engine identifies risky or presumed IP addresses or possible command and control servers that an organization’s IT assets, (whether a laptop, a phone, or “an IoT-connected coffee pot”) should not be communicating with and blocks them in the real time.
In an interview, CEO David Ratner said the tools utilize “a combination of communication patterns and knowledge of adversary infrastructure that allows us to be very unique in detecting intrusions that no one else can find, especially around difficult to find supply chain or low and slow attacks or other kinds of things that [don’t necessarily] beacon out every two seconds."
Ratner was cagey about where specifically HYAS gets its non-public data, declining to name sources because he said doing so publicly might tip off hacking groups about how to evade detection or obscure their infrastructure. He would only say that the company’s findings go beyond whitelisting and blacklisting of domains known to be associated with hacking groups and that the company has signed non-disclosure agreements with “authoritative sources” that gives them “data that no one else has, which allows us to find intrusions that no one else can find.”
Ratner said their Insight tool has found traction with customers in the financial services, health care and technology sectors who already have internal threat or fraud teams and are looking to add more granularity to their established security programs.
HYAS Protect, which can be integrated into an application programming interfaces or set up as a cloud-based DNS solution, is meant to provide a more automated solution for companies with less security-savvy IT teams. While Fortune 1000 companies tend to look for a much deeper understanding of which hacking groups are attacking them and why, there are a host of mid-sized enterprises that are asking those questions at a broader and more basic level.
“There are a whole host of customers that are simply [worrying] ‘how do I keep myself safe from a supply chain attack? How do I keep myself save from ransomware?’ and ‘I don’t have an expert in my company who knows how to do this’ and that’s exactly the market for Protect,” Ratner said.
HYAS is headquartered in Victoria, Canada, with about 30 employees located in Canada and the United States. Ratner said “most” of those employees work on the product and R&D side, and the Series B funding will go largely towards expanding their “incredibly small” sales and go to market teams. The company expects to double its total headcount over the next 18 months and expand its sales footprint in Western Europe, North and South America, Australia and New Zealand.