Illusive Networks, a cybersecurity startup based out of Israel that protects networks by building “deception” frameworks to identify and trap malicious hackers, has added Microsoft Ventures — the software giant’s young investment arm — as its newest strategic investor. In keeping with the startup’s name and purpose in this world, Illusive is not disclosing any details about the terms of this investment — except that it’s a new investment.
It brings the total raised by the startup to something more than $30 million after Illusive picked up $22 million in 2015 led by NEA. Others investors include Cisco also as a strategic backer, Innovation Endeavors, Bessemer Venture Partners, Citi Ventures, Marker, and Team8 — a security incubator that spawned Illusively. Microsoft Ventures is also a new backer of Team8.
“We have made the investment just recently,” Mony Hassid, who runs Microsoft Ventures in Israel, told TechCrunch of Illusive. “We have made a decision to invest in the deception market, and we believe there are more security opportunities, which is why we have invested in Team8 in addition to this.”
Illusive was founded in 2014 and it is part of a new guard of security firms — they include other startups like Shape Security but also larger firms like Imperva that have built “deception” products alongside their existing detection and response businesses — have emerged in the wake of a large, significant evolution in technology.
Large organizations all run their businesses in large, distributed, digital networks; and with that have arisen a very distributed and sophisticated cadre of malicious hackers — working independently; in teams; for governments; for crime syndicates; for themselves — dedicated to breaking into those networks and doing bad things. This confluence has caused an unprecedented number of destructive cyber attacks and hacks in the last few years.
Illusive accepts that malicious hackers will manage to find ways into networks: it doesn’t deal in firewalls or anything that might keep them out full stop. Instead, it takes a page out of another development in tech — virtual and augmented reality — and creates an alternate, false version of a company’s network to trap those hackers.
“There will always be a phishing or drive-by attack,” founder and VP of R&D Ofer Israeli said in an interview. “Humans are the weakest link and always will be and will continue to make mistakes. But once the hacker is in, now we have an attacker who needs to orient himself.”
Once a hacker finds himself (or herself) in the Illusive version of your network, Illusive identifies that individual and either keeps him locked in there forever, or ejects him for good.
Illusive does not specify who its customers are but Israeli describes them as large enterprises, of 1,000 or more employees, who are “some of the largest in the world, household names in different verticals.” They include large banks (recall Citi is an investor), tech companies, law firms and more.
It’s not clear yet how Microsoft will work with Illusive, but the idea is to tap strategies to build products to fit their own and also to sell to their customers as well. This would make sense for companies like Microsoft and Cisco, who may already have security offerings but are working with customers who need extra levels of protection beyond what is already available.