Blueshift Cybersecurity has raised a seed round of $6 million from investors WestWave Capital and CyberJunction. The company specializes in infrastructure and data security tools for small- to medium-sized businesses.
Blueshift specializes in tools for extended detection and response (XDR). This is a relatively new field in cybersecurity. The term was coined by Palo Alto Networks in 2018 and picked up steam when both Gartner and Forrester saw it as a convergence of security capabilities. Gartner predicts that the number of organizations using XDR could grow from 5% today to more than 40% by 2027.
XDR plays a vital role in helping enterprises secure a more extensive and varied infrastructure. As a result, various tools have evolved to protect networks, web traffic, email, cloud services and endpoints.
Starting around 2005, vendors introduced tools for aggregating threat intelligence from across these different tools, which came to be known as security information and event management (SIEM). SIEM focused on simply improving the ability to detect security events, leaving it up to cybersecurity teams to respond via other channels.
In 2015 Gartner coined the term security operations, analytics and reporting (SOAR) to describe an emerging class of tools that helped coordinate a response. However, these tools tend to be a heavy lift, particularly for smaller enterprises. XDR tools are deployed as a cloud service, which simplifies deployment and improves ease of use compared to SIEM/SOAR, and they can also automate the response to attacks.
Blueshift’s XDR security values integration over migration
Over the last couple of years, major security vendors such as Microsoft, Check Point, Cisco, Trend Micro, McAfee, Rapid7 and Palo Alto Networks have begun extending their traditional endpoint, network and antivirus protection capabilities to support XDR. However, Gartner cautions that by 2023 at least 30% of endpoint detection and response (EDR) and SIEM vendors will claim to provide XDR despite lacking core XDR functionality. One point of contention is the extent to which these tools can collect data across multiple third-party tools, rather than requiring users to migrate existing security services to a single platform.
“We are not a rip-and-replace solution. Unlike these competitors, we will work with whatever you have in your current security stack in addition to our platform. We work very hard to get data from as many sources as we can and use that data to detect and investigate anomalies in our customers’ environments,” said Brad Rowe, chairman and CEO at Blueshift.
Another Blueshift innovation has been to integrate zero-trust data protection with its XDR platform. Zero-trust data protection can force the protection of files during a security incident so that only authorized users with proper multifactor authentication can access them. This helps reduce the risk that the data is exfiltrated or encrypted during an incident.
Cigent, a data protection vendor, incubated the company. Cigent CTO Greg Scasny designed the Blueshift XDR architecture before the formation of Blueshift. Existing Cigent customers began using the platform and it was eventually spun out as a separate company. There are currently about 50 customers using the service to protect over 100,000 devices.