The biggest and most important unsolved problem in Information Security, arguably all of IT, is asset inventory. Rather, the lack of an up-to-date asset inventory that includes all websites, servers, databases, desktops, laptops, data, and so on. Strange as it sounds, the vast majority of organizations with more than even a handful of websites simply do not know what they are, where they are, what they do, or who is responsible for them. This is also strange because an asset inventory is the first step of every security standard and recommended by every expert.
After many of
years of research, it turns out the reason why is rather simple: There are
currently no enterprise-grade products, or at least anything widely adopted, that
solves this problem. This is important because obviously it’s impossible to
secure what you don’t know you own. And, without an up-to-day asset inventory, the
most basic and reasonable security questions simply can’t be answered:
- What percentage of our websites have been tested for vulnerabilities?
- Which of our websites have GDPR, PCI-DSS, or other compliance concerns?
- Which of our websites are up-to-date on their patches, or not?
- An organization has been acquired, what IT assets do they have?
As of today, with
Bit Discovery, all of this is about to change. BitDiscovery is a website asset inventory solution designed to be lightning fast,
super simple, and incredibly comprehensive.
While identifying
the websites owned by a particular organization may sound simple at first blush,
let me tell you, it’s not. In fact, asset inventory is probably the most
challenging technical problem I’ve ever worked on in my entire career. As
Robert ‘RSnake’ Hansen’s, member of Bit Discovery’s founding team describes in glorious detail, the variety of challenges are absolutely astounding. Just in terms of
cpu, memory, disk, bandwidth, software and scalability in general, we’re
talking about a legitimate big data problem.
Then there’s the
challenges that websites may exist on different IP-ranges, domains, hosting
providers, fall under a variety of marketing brands, managed by various
subsidiaries and partners, confused by domain typo-squatters and phishing scams,
and may come and go without warning. Historically, finding all of an
organizations websites is typically conducted through on-demand scanning seeded
by a domain name or IP-address range. For anyone who has ever tried this model,
they know it’s tedious, time consuming (hours, days, etc), and false-positive
and false-negative prone. It became clear that solving the asset inventory
problem required a completely different approach.
Bit Discovery,
thanks to the acquisition and integration of OutsideIntel, is unique because we
take routine snapshots of the entire Internet, organizing massive amounts of
information (WHOIS, passive DNS, netblock info, port scans, web crawling, etc.),
extract metadata, and distil it down to simple and elegant asset inventory
tracking. As a completely web-based application, this is what gives Bit
Discovery its incredible speed and comprehensiveness. Instead of waiting days
or weeks for an asset discovery scan to complete, searches take just seconds
or less.
After years of
hard work and months private beta product testing with dozens of Fortune 500
companies, we’re finally ready to officially announce Bit Discovery and just weeks
away from our first full production release. I’m particularly proud and
personally honored to be joined by an absolutely world-class founding team. As
an entrepreneur you couldn’t ask for a better, more experienced, or inspiring
group of people. All of us have worked together for many years on a variety of
projects, and we’re ready for our next adventure! Our vision is that every
organization in the world needs an asset inventory, which includes what we like
to say, “Every. Little. Bit.”
Founding Team (5):
- Jeremiah Grossman (CEO)
- Robert ‘RSnake’Hansen (Chief Technology Office)
- Llana Grossman (Product Management)
- Lex Arquette (Head of Engineering)
- Heather Konold (Chief of Staff)
Investment ($2,700,000, led by Aligned Partners):
As you can see, our
goals at Bit Discovery are extremely ambitious and we need strong financial backing
fully realize them. As part of the company launch, we’re also thrilled to
announce a $2,700,000 early stage round led by Susan
Mason (Managing Partner, Aligned Partners).
During our fund
raising process, we interviewed well over a dozen exceptional venture
capitalist firms, and we were very picky in the process. Aligned’s experience, style, and
investment approach matched with us perfectly. Their team specializes in
experienced founding teams who have been-there-and-done-that, who operate
companies in a capital efficient manner, who know their market and customers
well, and where the founders and investors interests are in alignment. That’s
us and we couldn’t be happier with the partnership.
And,
as Steve Jobs would say, “one more thing.” Every company can benefit from the
assistance and personal backing by other highly experienced industry professionals.
The funding round includes individual investments by Alex Stamos (Chief of
Information Security, Facebook), Jeff Moss (Founder, Black Hat and Defcon), JimManico (Founder, Manicode Security), and Brian Mulvey (Managing Partner, PeakSpan
Capital).
Collectively,
between Bit Discovery’s founding team and investor group, I’ve never seen or
heard of a more experienced and accomplished team that brings everything
together for a company launch. We have everything we need for a runaway
success story. We have the right team, the right product, the right financial
partners, and we’re at the right time in the market. All we have to do is put in
the work, serve our customers well, and the rest will take care of itself.
Finally,
the Bit Discovery team wants to personally thank all the many people who helped
us along the way and behind the scenes. We sincerely appreciate everyone’s
help. We couldn’t have gotten this far without you. Look out world, we’re ready
to do this!
No comments:
Post a Comment