RedSeal relauches with new features and $17M in funding

RedSeal develops security risk management software so companies can eliminate cyber threats

(Come mingle with hundreds of top venture capitalists representing $10B-plus in capital under management, including Khosla Ventures, Greylock and Javelin Venture Partners, and learn from founders/CEOs including Marco Zappacosta, Co-founder & CEO of Thumbtack and Adam Goldenberg, CEO of JustFab, Slava Rubin, Founder & CEO of Indiegogo, at Vator Splash Oakland on here!)

RedSeal, developer of security risk management (SRM) software and solutions, which helps companies eliminate cyber threats, is continuing its overhaul, which began a year ago, with the appointment of Ray Rothrock as CEO.

On Monday, the company announced new product offerings, as well as a new funding round to validate the transition.

"The company had been around 10 years, since 2004, but by 2014 the company had been flat lined for a couple of years, and was running out of cash," Rothrock told me in an interview. "As one of the original investors, I was asked to figure out what was going on, and I liked the opportunity. There were things we thought were broken, but worth repairing, and that it could be done."

So he, and Pete Sinclair, another early investor in the company, and now the COO of RedSeal, talked to over 200 corporate and government customers, about how to innovate, and where to take the product. Using their combined rolodexes, the two were able to "rebuild the team quickly, recut the deck with the board, start rebuilding the company, and recruit new management."

"We corrected a lot of things customers clamoring about and shopped that version. We didn’t change features, just made it run better, faster, and not as buggy," Rothrock said. "Last year we built a new product roadmap and customers loved it so we innovated as fast as humanly possible."

Now, finally, those new products are ready to be launched. There are two major changes taking place.

First is cloud connectivity. The company is now offering the same visibility into virtual networks, but now enables organizations to verify and optimize the security settings of private and public cloud deployments, including Amazon Web Services and VMware vShield.

The second is the implementation of Layer 2 discovery, which means organizations now have visibility through the network layers. They can identify and prioritize exposed assets after a breach and isolate affected hosts quickly.

"We started out as a firewall management company, but the world got complex quickly, and we realized that algorithms were suitable to calculating every route that a packet can take in the network. We could take that info, and create software module of how it operates, but we never calculated risk or security layer," Rothrock said.

With Layer 2, customers can take that map and see which ports should take priority, and which are the most vulnerable, so they know which are higher risks for business.

"They can understand where it lives and how a packet gets from outside to inside, and how software on the network operates business-wise. It puts intelligence into the answer."

So, with Layer 2, if there is an incident, RedSeal can then help the customer isolate that host, see who it is talking to and why, and build a fortress around it to isolate the problem.

To help put this new plan into motion, the company has now raised a $17 million Series C round of funding. Investors including new investors Tyco, MATH Venture Partners, Pallasite Ventures, DRW, and others, along with prior investors Venrock, Sutter Hill, Icon Ventures, Leapfrog, and Olympic Ventures also participating. This latest round brings the company's total venture funding to $75 million."

"The fact that there are new guys in this round is a good thing," Rothrock told me. "New money in a deal is a sign of progress."

The new funding will go toward building out the team, specifically hiring more engineers, and channel development, meaning marketing and training. The company just started this program in the fourth quarter of 2014, and will "put more feet on the street."

With 81 current employees, RedSeal plans to have that number around 95 by the end of this year.

The Sunnyvale, California-based RedSeal currently counts 207 organizations as customers, a third of which are government agencies, while the other two-thirds are large businesses, typically with $100 million in revenue. 

 It measures its return on investment in terms of cost and time savings for its customers.

For example, one customer was running 10,000 devices, and was using 18 engineers to maintain and keep them running. With RedSeal, it was able to reduce that number to just three, and redeploy those engineers to other projects.

One thing the company has not yet measured is incident response, Rothrock said.

"If you can contain an incident that can be life saving. If something bad happens, and it spreads, it can become very expensive to manage it, " he told me. "Some just shut down their networks. Imagine a CEO making the call to stop revenue. That is extremely costly, but if you do security right, it should be more reliable and trustworthy."

The philosophy behind the company is to create a world where companies and businesses can know exactly how secure they are, and where that information will be publicly known to their customers so they know which businesses are, and are not, secure enough to use.

First, it wants to address the problem of something that has been missing in many of its competitors, by giving an overview, or "umbrella view," of how security management is affecting their business. Secondly, it wants to address the "hardening up of these networks," due to the Target breach, which has made people think twice about putting their credit card information online.

"This opens opportunities for insurance. If you're a better driver, you get a better rate. If you have a more secure network, then you get better rate. Cyber insurance is going to be a growing area," said Rothrock. "When you sell a house, you get it inspected, to make sure you don’t have rats. Our software can do that for a network."

Ultimately, the reason all of this is so important, is because of the corrosive effect that all of the recent cyber crime, including the attacks on Target and Sony, are having on our economy

"One question I get asked frequently is, 'Is there going to be a cyber Pearl Harbor?' The answer is maybe, but don’t worry because cyber attacks right now are eating into the economy," Rothrock told me. "It slows down growth and a recent survey confirmed that people are concerned about this. This was not the case four or five years ago, but Target made everyone aware, and Sony has made us scared. This is important to business, because it is costing businesses money."