MixMode Raises $45M for Self-Learning Security Platform that Fights Zero-Days

Missed a session at the Data Summit? View here on demand.

MixMode, which today announced a $45 million Series B funding round, has a huge opportunity to leverage its machine learning, “third wave” AI system to proactively protect customers from previously unknown cyber-attacks, CEO John Keister told VentureBeat.

A significant portion of the hundreds of billions of dollars spent on cybersecurity each year is focused on signature-based solutions, which only protect against the 20% of successful attacks seen before, Keister said. But the other 80% of cyber-attacks (according to Ponemon Institute figures) are new attacks — and identifying them requires advanced AI capabilities, he said. “The existing systems simply cannot handle that 80%,” says Keister.

And so, for MixMode’s approach, “we think it’s going to be a very big opportunity,” Keister said. “This issue of new attacks — and that the threat landscape is completely different than it was 5-10 years ago — is something every company thinks about.”

And given the talent shortage in cybersecurity, “enterprises would prefer to figure out how to tackle the problem without much manual effort,” he said.

That’s where MixMode for customers comes into play. The company provides a security platform that uses machine learning AI to detect all attacks, including new attacks such as zero-days, while also reducing noise for security teams, reducing false positives by 97%, Keister said.

To drive the commercial expansion of the MixMode platform, the company today announced its Series B round led by growth stock company PSG, including an investment from Entrada Ventures.

‘Third Wave’ AI

MixMode’s machine learning system is the first platform to meet the criteria for “third wave” AI, as defined by the Defense Advanced Research Projects Agency (DARPA), the company said. That means the platform requires no training data and requires no manual data entry or configuration, Keister said.

The benefits for customers of the system — which is not only self-learning, but also has predictive capabilities — is that the MixMode platform can spot attacks very early, he said.

“We can see the intent of an attack before the attack takes place,” Keister said. “If you see an attack coming, you can react before major damage is done.”

MixMode holds several patents for its machine learning AI technology, based on work on dynamic systems by company CTO Igor Mezic, a professor at the University of California, Santa Barbara. Mezic has previously developed AI-based projects for the United States Department of Defense, the Air Force, the military and the Centers for Disease Control.

No training required

With the MixMode platform, the advantage is that people don’t have to constantly train the system on data, tune the system or write new rules, Keister said. When people need to get involved in AI systems, “the speed will slow down,” he said.

“Instead of forcing the customer to write new rules or perform new configurations to make the system work properly, the system just watches, learns, sees what’s normal, sees what isn’t – then adapts accordingly ,” said Keith. “And makes the workload for the SOC [security operations center] team much more manageable.”

MixMode’s system learns what the customer’s normal environment looks like, looks at the communication that takes place between different nodes on a network, and then detects any anomalies. For example, the system “generally knows how those IP addresses interact, how big the packets are, and how often they communicate,” Keister said. “It doesn’t require ongoing training data. It just reacts in real time to what it sees.”

All in all, at MixMode, “we think the approach we’ve taken with third-wave AI is really unique,” he said.

Sales growth

MixMode focuses on sales through indirect channel partners and now works with more than 25 reseller and MSSP (managed security services provider) partners. And many of those partners, including Optiv, are now selling MixMode to end customers, Keister said.

The company has not disclosed the total number of customers it now has, but said it would include the city governments of Phoenix and San Diego. In addition to government, other key vertical markets for MixMode include financial services, utilities, and manufacturing.

With the company’s traction to date and new financing in hand, MixMode aims to double its sales by 2022, Keister said.

MixMode has not disclosed total funding so far. The company has raised a $4 million Series A round in 2020.

Keister joined the company – formerly known as PacketSled – in 2017 and Mezic joined in 2018. PacketSled was originally founded in 2013 with a focus on data security analytics. Keister is a managing partner at Varenne Partners, which previously co-founded Marchex, and has held senior positions at the company, including president.

Santa Barbara, California-based MixMode currently employs 30 people and expects to grow to a team of 60 or 70 by the end of the year.

Reducing Human Effort

In today’s diverse customer environments, the way MixMode can be used will depend on the specific needs of the customer, according to Keister. In some cases, SOC teams use MixMode to reduce the number of false positives fed into their existing security tools, such as SOAR (security orchestration, automation, and response) or SIEM (security intelligence and event management).

In other cases, MixMode can actually be used to replace SOAR, SIEM or network detection and response (NDR) solutions, Keister said. However, the company isn’t marketing itself as one of those solutions because “we really think we’re in a different box,” he said.

Regardless of how the system is used, MixMode believes many organizations are deploying employees to do large amounts of manual work — to find actionable alerts — which in reality “can effectively be done by AI today,” Keister said.

VentureBeat’s mission is to be a digital city square for tech decision makers to learn about transformative business technology and transactions. Learn more

This post MixMode Raises $45M for Self-Learning Security Platform that Fights Zero-Days

was original published at “https://venturebeat.com/2022/03/23/mixmode-lands-45m-for-self-learning-security-platform-that-combats-zero-days/”