Promote this Nomination

Additional Info

Company size (employees)10 to 49
Headquarters RegionNorth America

In 3 bullets, summarize why this company is different from the competition and deserves recognition:

The Verodin Security Instrumentation Platform (SIP) is the first business platform purpose-built to measure, manage and improve security effectiveness. The Verodin SIP enables security programs to safely demonstrate the impact of modern threats, vulnerabilities, and malicious activities within the context of their environment. With Verodin SIP, security teams can observe and adjust real responses to real attack behaviors without ever putting production systems in danger. The Verodin SIP continuously challenges and validates the effectiveness of an organization's layered defenses, proactively identifies configuration issues in the security stack and exposes true gaps across people, process, and technology.

Verodin developed a completely unique approach to security validation, which eliminates any guesswork or uncertainty. Verodin understands that the only way to yield reliable results is by leveraging real attack bytes as opposed to human interpretations or “simulations.” The Verodin SIP operates by facilitating the safe and continuous execution of real attack behaviors in the production environment to determine the effectiveness of firewalls, WAFs, IPS, DLPs, endpoint controls, SIEMs, etc. Each attack is associated with an API or similar integration with the log manager or SIEM, so users know precisely what attack behaviors are being blocked, alerted on, and correlated. Verodin provides prescriptive response data that helps organizations understand exactly what security tools are falling short or misconfigured and how to optimize their effectiveness.

Verodin SIP ships with a wide variety of content such as dashboards, reports, content tagging for regulatory mandates and industry standards, prescriptive responses to identify gaps and behaviors. The Verodin Behavior Research Team (BRT) frequently publishes actionable attack behavior packages to the Verodin Content Library, which include prescriptive signatures and rules to better prevent, detect and respond to the attack behaviors. In addition, Verodin’s open content platform allows users to develop their own sequences with 3rd party attack data.

Brief Overview

Security teams exhaust a massive amount of time and money deploying hundreds of products to protect their organizations from cyber attacks. However, even after all of this effort, there have been no systems in place to quantify security effectiveness and understand spend-to-value. Modern security infrastructures, across endpoint, network, cloud and emails controls, are too complicated and dynamic to validate their effectiveness with manual, point-in-time assessments and traditional vulnerability scanning. In 2016, Verodin formally launched its Security Instrumentation Platform (SIP), to help organizations continuously monitor their security program’s effectiveness and realize full potential from investments.

The Verodin SIP is a groundbreaking technology that allows organizations to validate their security controls against a variety of attack behaviors such as malware execution, CLI attacks, PowerShell attacks, tunneling, data exfiltration, SQL Injection, C&C traffic and more. In addition to assessing and improving a program’s security technologies, Verodin SIP maximizes the value of security processes and enables teams to condition with real-world events. For the first time, security leaders can safely demonstrate exactly how their people, processes, and technologies will respond to any attack.

Shortly after its launch, Verodin raised a $13 million Series A funding round with some of the leading names in cybersecurity including Blackstone, Rally Ventures, Crosslink Capital and Cisco Investments, which added pivotal resources to accelerate Verodin’s market growth. Today, Verodin’s reach extends globally and the team has multiplied by 5x. In December 2017, Verodin brought on its 45th hire and currently has HQ in Washington DC with offices in other major hubs such as NY, CA and TX. The new category of Security Instrumentation is being adopted across government agencies and every major industry vertical. Verodin is proud to be making security much more transparent and effective.