Additional Info

Company size (employees)10 to 49
Headquarters RegionNorth America


Awake Security is the only advanced network traffic analysis company that delivers a software platform powered by the expertise and real-world investigations of hundreds of the world’s foremost investigators. Awake’s Network Detection and Response platform applies AI to bring these human skills to all customers, instantly analyzing billions of packets to immediately discover every device, user and application on the network. Through autonomous hunting and investigation Awake then uncovers malicious intent from insiders and external attackers alike.

Awake is backed by investors such as Greylock and Bain Capital Ventures. It has grown to over 40 employees and attracted top industry talent including Rahul Kashyap, formerly chief technology officer of Cylance, who joined Awake as CEO in July 2018. Awake is currently deployed by several Fortune 1000 companies and has seen a 500% customer/ user growth over the past 12 months.

Recently, Enterprise Management Associates (EMA) named Awake as “Value Leader” in its Network Security Analytics report. Awake was not only classified as a leader in the market but came out as #1 for delivering the best time to ROI and value at the lowest ongoing operational effort and cost. EMA spoke to several customers for each participating vendor, so its analysis is based on real-world customer experience.

How we are different

• Analytics
o Traffic analysis: Awake inspects and analyzes traffic from Layer 2 and up. Most competitive solutions instead rely on flows or meta data. Awake extracts signals from full packet capture data to first identify and track entities and uses that for more meaningful and actionable analysis.
o Source analysis: Few network traffic analysis solutions perform source analytics and those that do often require agents or logs / integrations. With Awake’s EntityIQ™ technology, the system automatically develops an understanding of the entities, even as they move across IP addresses.
o Destination analysis: Other solutions rely on threat intelligence, IP geolocation and reputation to assess destinations. Awake instead analyzes destination information such as how and when the domain was registered.
• Detection/ Investigations and Hunting
o Awake’s unique approach to combine traffic, source and destination analytics avoids the error-prone method of training / baselining employed by most other solutions. These solutions base their anomaly detection on deviations from past behavior of a particular IP address or device. Awake instead compares each device to the other entities in the environment, grouping ones that are similar and then identifying behaviors that stand out.
o Awake also also detects known attacker tactics, techniques and procedures (TTPs) via QueryIQ™ detection rules. This allows for far more efficient detection for known bad behavior from insiders or external attackers. Awake’s intelligent platform makes adding capabilities to detect new and evolving threats simple for Awake and its customers.
o Awake automatically provides a forensic timeline of suspect activities for any entity in the system and allows for easy pivots to this information from any alert in the SIEM. This information is also used to compute a risk score for the entity to help automate the triage process.