Data-cruncher ArcSight dominated security operations centers—the digital war rooms of corporations—through the aughts. Splunk, a mighty rival, took the lead in the present decade. But which company will prevail in the years to come?
Greg Martin spies an opening. His 3-year-old startup, JASK, is building a data analytics engine for a new cybersecurity era, he says.
JASK—short for “just ask,” a phrase designed to evoke simplicity in data-querying—uses techniques drawn from a subdomain of artificial intelligence known as machine learning in order to automate the work of security analysts, who increasingly find themselves inundated with threats and alerts. By applying AI tools, JASK aims to alleviate the burden on overloaded business defenders.
“What this does is it allows us not to replace a bunch of humans but to reprioritize how we use these resources that are limited,” says Martin, JASK’s CEO and cofounder. Prior to creating JASK, Martin cofounded ThreatStream, a threat intelligence firm that was later renamed Anomali. Before that he served in various leadership roles at ArcSight both preceding and following its $1.5 billion acquisition by HP in 2010.
“We’re rebooting ArcSight from scratch,” Martin declares.
In the burgeoning market for so-called security information and event management (SIEM) systems, JASK faces stiff competition from the likes of Splunk, IBM’s QRadar, and ArcSight; not to mention other firms, like Exabeam and Securonix, which started out in a sub-branch of cybersecurity called user behavior analytics and which have been pivoting into the broader data-crunching SIEM market. Analysts at Gartner project this more expansive category to reach nearly $6 billion in 2021.
To keep ahead, Splunk, for one, has been cleverly adding capabilities to its market-topping product through acquisitions. The firm bought Phantom Cyber, a security automation startup, for $350 million in February, and it scooped up VictorOps, a software problem-solving tool-maker, for $120 million earlier this month, as Fortune first reported.
Despite the strength of incumbents, investors detect an opportunity. JASK is set to disclose Thursday that it has raised $25 million in a new round of funding led by Kleiner, Perkins, Caufield and Byers, a prominent Silicon Valley venture capital firm.
There simply aren’t enough humans to go around and handle all of the work that needs to get done inside security operations centers, says Ted Schlein, a prolific cybersecurity investor at Kleiner Perkins who led JASK’s latest fundraising round. Schlein has also joined JASK’s board of directors, the startup is set to announce on Thursday.
Schlein happens to know the SIEM market intimately; he previously invested in and served on the board of ArcSight. He has also placed bets on Mandiant, a digital forensics firm snapped up by FireEye for about $1 billion in 2014; Carbon Black, a cybersecurity company that went public earlier this year; and Phantom Cyber, the automation firm recently purchased by Splunk.
How resource-strapped teams will deal with a growing deluge of threats is the great cybersecurity challenge businesses will face for the foreseeable future, Schlein says. He notes that AI tech holds promise toward addressing the situation.
JASK’s chief executive sees it that way too. “Think of us as a SIEM with a built-in robot SOC [security operations center] analyst,” Martin says.
“We don’t even want to call it SIEM anymore,” Martin adds, eschewing the industry jargon. Instead, he opts for an allusion to the ever-buzzy self-driving car industry: “We’re calling it the autonomous SOC.”
JASK has raised a total of $39 million in venture capital funding to date with previous investors that include Battery Ventures, Dell Technologies Capital, and TenEleven Ventures. The startup has roughly 90 employees and 20 paying customers, Martin said, who have signed deals that account for $10 million in revenue through yet-to-be-realized bookings.