For the past 20-plus years, Peter Smith has made a career in cybersecurity trying to keep bad actors off computer networks, failing at nearly every stop.
It’s not that he’s incapable of protecting a network — it’s just impossible to completely shut out cybercriminals. All it takes is for a hacker to successfully impersonate a trusted piece of software once, he explained. After that, they’ll have reign inside a system and the ability to shut down an entire business, as NotPetya did with a global shipping container company.
“The problem, which has resurfaced time and again is: How do you keep bad guys off your network?” Smith said. “The answer is, you can’t.”
Smith believed that zero-trust architecture — the theory that software should be verified every time it tries to access a network — was the answer, but he couldn’t figure out a way to make it work. Then one day, he looked down at a can of Pepsi and had an epiphany — everything, from a single can of Pepsi to software, has a serial number or unique identifier, he realized.
From that idea came Edgewise Networks.
Zero trust is a new way of thinking for security practitioners.”
Based in Burlington, Massachusetts, Smith’s company provides a security platform that autonomously verifies each piece of software that accesses a company’s hybrid cloud network based on its unique identifier or serial number. On Tuesday, the company announced that it has secured $11 million in funding and launched a new, simpler version of its software.
The round will help the company reach a larger market of customers, said Smith, who’s Edgwise’s CEO.
“This is an entirely new paradigm,” Smith told Built In. “Zero trust is a new way of thinking for security practitioners. People need to see it to believe it, and they need to see it to understand its benefits and effects.”
Driven by machine learning, Edgewise’s platform records the identifier of each software that a company grants access to its cloud or data network and what part of it accesses. From there, it automatically microsegments, or breaks down the network into pathways, and limits the software to one specific lane. This reduces the attack points and limits the impact a hacker has if they manage to access a company’s network.
But the most important measure is that security teams can manage, update and enact these policies with a single click, Smith said. That simplicity is crucial in convincing businesses to adopt better security measures.
“We have something that is impossibly simple,” Smith said. “What this round is about is getting it in front of as many people as possible.”
With the round, Smith said the company plans to double its team of 35 by the first quarter of next year, adding primarily to the sales and research and development teams.
They also plan to launch a podcast this week called “Will it Defend,” in which they’ll compare Edgewise’s security platform against traditional firewalls, in an effort to help people understand how important zero-trust methods are, Smith said.
Existing investors .406 Ventures and Accomplice led the round, with additional participation from Pillar.