The Boston startup uses cloud-based analysis to help organizations focus on the biggest threats.
By Joseph Tsidulko | January 2021
COVID-19 forced millions to work from home for the first time, and there’s every indication remote work is here to stay after the global pandemic, and its travel restrictions, are long gone.
That new workplace reality is driving companies to take a fresh look at everything from hiring policies to office space. And it has drastically increased the number of laptops and smartphones connecting remotely to corporate networks that can put data at risk, challenging old approaches to information security.
Cybereason, based in Boston, is among a new breed of cybersecurity startups changing the game in protecting those vulnerable devices from cybercriminals by using artificial intelligence and other cutting-edge analytical tools.
People were already fretting about the gradual “meltdown of the perimeter” before the pandemic, says Cybereason CEO Lior Div, as bring-your-own-device policies were extending IT beyond corporate firewalls.
“Then the pandemic hit and one day everybody was working outside the perimeter,” he says.
Cybereason relies on the power and scalability of the cloud to deliver security beyond that traditional perimeter. Unlike legacy endpoint vendors that mostly compute on the edge, letting software on the laptop or phone assess security threats, Cybereason ingests all that data to search in real time for potential breaches by analyzing some 80 million events per second. This analysis helps IT organizations focus on the most serious threats instead of sorting through waves of alerts.
Looking to scale this cloud-based approach across the globe, the fast-growing cybersecurity standout with an eye toward IPO needed much more computing capacity. That search culminated in Cybereason designating Oracle as its preferred cloud provider.
Div says the shared values were obvious from his first meeting with Oracle CEO Safra Catz.
“We were looking for a company that understands security is not an afterthought, that it is something core to what they do,” he says.
After deep conversations with Catz and other Oracle cloud leaders, Div appreciated that Oracle approached security as a core design element—one built down to the bare metal of its public cloud.
Another factor driving the decision to run the Cybereason Defense Platform on Oracle Cloud Infrastructure (OCI) was global presence. Cybereason sells its solutions primarily to large enterprises and governments that are often bound by data sovereignty requirements. Oracle’s vast, rapidly expanding network of global cloud regions helps that customer base to comply with regional data privacy laws. But performance was the showstopper. Cybereason put Oracle cloud services through their paces to ensure Oracle Cloud Infrastructure could handle an unusually demanding load.
“We were looking for a company that understands security is not an afterthought, that it is something core to what they do.”
Because Cybereason is shuttling petabytes of data daily from devices to its cloud-based analytics engine, the company needed an infrastructure vendor offering unrivaled data processing speed and almost nonexistent latency, Div says.
And it didn’t hurt that Oracle offers the industry’s lowest rates for outbound data transfers—an OCI differentiator that has attracted videoconferencing providers and other software companies that grapple with massive data egress volumes.
At the start of the year, Cybereason’s discussions and evaluations with cloud infrastructure providers were moving along at a strong clip, Div says. Then the massive and sudden shift to remote work generated an unexpected surge of new business. Endpoints became the center of the battlefield, and the enterprise essentially became the sum of all those endpoints. Organizations had to expand what applications and actions they allowed on those devices.
Div said Cybereason went back to Oracle with a message: “Now we have to move.”
Cybereason’s architecture allowed it to rapidly implement its multicloud ambitions. The startup built its products from the ground up, writing every single line of code with an eye on complete portability for its cloud expansion.
Cybereason never made the mistake of relying on native features from cloud providers, the CEO says. “If you make a strategic decision to run your software by features, you’re not making a good decision,” Div says.
Recent headline-grabbing hacks of cybersecurity providers illustrate the risks facing these companies. Oracle’s security-first approach to cloud—with key protections built-in to its core infrastructure and an architecture designed to reduce attack surfaces—gives Div confidence.
“As a security vendor that’s positioned itself as leading the revolution in how to protect companies, I have to make sure there’s zero risk from us,” Div says.
Photography: Cavan Images/Getty Images.
Joseph Tsidulko is a senior communications director at Oracle. Previously, he was a journalist at CRN covering cloud native technology.