Did you miss the session at the Data Summit? See on-demand here.
MixMode, which today announced a $ 45 million Series B funding round, has a great opportunity ahead to actively protect its self-learning, “third-wave” AI system against previously unknown cyber attacks, CEO John Keyster told VentureBeat.
A significant portion of the hundreds of billions of dollars spent each year on cybersecurity is focused on signature-based solutions, protecting only 20% of the successful attacks that were previously seen, Kister said. But the other 80% of cyber attacks (according to Ponemon Institute figures) are novel attacks – and they require advanced AI capabilities to detect, he said. “Existing systems just don’t address that 80%,” Kister said.
And so, for MixMode’s approach, “we think it’s going to be a very big opportunity,” Kister said. “This issue of novel attacks – and it’s completely different from the risk landscape of 5-10 years ago – is something that every enterprise is thinking about.”
And given the lack of talent in the cybersecurity sector, the enterprise “would prefer to figure out how to handle the problem without making too many manual efforts,” he said.
That’s where MixMode comes into play for customers. The company offers a security platform that takes advantage of self-learning AI to see all attacks – including novel attacks like Zero Days – while also reducing noise for security teams, according to Keyster, with 97% false positives. Reduces.
Today, to further the commercial expansion of the MixMode platform, the company announced its Series B round, led by growth equity firm PSG, and includes investments by Entrada Ventures.
‘Third Wave’ AI
According to the company, MixMode’s self-learning system, as defined by the Defense Advanced Research Projects Agency (DARPA), is the first platform to meet the criteria for “Third Wave” AI. That means the platform doesn’t need training data, and doesn’t need data or manual input of configuration, Kister said.
The advantage for the system’s customers – who not only learn on their own, but also have the ability to predict – is that the MixMode platform can detect attacks much earlier, he said.
“We can see the attack setup before the attack,” Kister said. “If you can see an attack coming, then you can react before any major damage is done.”
Based on work in the field of dynamic systems by company CTO Igor Mezic, a professor at the University of California, Santa Barbara, Mixmod holds several patents for its self-learning AI technology. Magic has previously developed AI-based projects for the US Department of Defense, Air Force, Army and Centers for Disease Control.
No training required
With the MixMode platform, the advantage is that humans don’t have to constantly train the system on data, tune the system or write new rules, Kister said. When humans should be associated with AI systems, “speed will slow down,” he said.
“Instead of writing new rules or making new adjustments to the customer to make the system work better, the system simply looks, learns, sees what is normal, sees what is not – and then adjusts accordingly,” Kister said. “And creates a workload on the SOC [security operations center] The team is more organized. “
MixMode’s system works by learning what the client’s general environment looks like, looking at the communication between different nodes on the network, and then finding any discrepancies. For example, the system “generally knows how it interacts with IP addresses, how large the packets are and how often they communicate,” Kister said. “It does not require ongoing training data. It simply responds to what it sees in real time. “
Overall, at MixMode, “we think the approach we’ve taken with third-wave AI is really unique,” he said.
MixMode focuses on sales through indirect channel partners, and now works with more than 25 reseller and MSSP (managed security services provider) partners. And many of those partners, including Optiv, are now selling MixMode to end customers, Kister said.
The company has not yet disclosed the total number of its customers, but said the customers include the Phoenix and San Diego city governments. Along with the government, other major verticals for MixMode include financial services, utilities and manufacturing.
With the company’s traction so far and new funding on hand, MixMode aims to double its revenue in 2022, Kister said.
MixMode did not disclose its total funding to date. The company raised $ 4 million Series A round in 2020.
Kister joined the company in 2017 – formerly known as PacketSled, and Mezic in 2018. PacketSled was originally founded in 2013 with a focus on data security analysis. Keister Varenne is the managing partner at Partners, who previously co-founded Marchex, and has served in executive roles at the company, including the president.
MixMode, based in Santa Barbara, California, currently employs 30 people and expects a team of 60 or 70 by the end of the year.
Decrease in human effort
In today’s diverse customer environment, the way to use MixMode will depend on the needs of a particular customer, according to Keyster. In some cases, SOC teams use MixMode to reduce the number of false positives fed into their existing security tools – such as SOAR (Security Orchestration, Automation and Response) or SIEM (Security Information and Event Management).
In other cases, MixMode could actually be used to replace SOAR, SIEM or Network Detection and Response (NDR) solutions, Kister said. The company does not market itself as one of those solutions, however, “we really feel like we’re in a different box,” he said.
Regardless of how its system is used, MixMode believes that many organizations are deploying staff members to perform a large number of manual tasks – to find actionable alerts – which in reality “can be done effectively by AI today, Kister said.
Venturebeat’s mission Digital Town Square is set to become a place for technical decision makers to gain knowledge about the changing enterprise technology and practices. Learn more