Every server, handset and connected device in a company is a potential attack vector. San Francisco-based Expanse Inc. today announced that it has raised $40 million in funding to help organizations find vulnerable systems before hackers do.
The startup, which is headed by former CIA analyst Tim Junio, offers a network monitoring platform that differs from most of the other tools in the category. Dubbed Expander, it’s powered by a cloud-based “Internet intelligence” engine that continuously scans the web for public-facing systems. The software identifies the ones that may be vulnerable and connects the dots to identify which asset belongs to what organization.
Expanse said this approach aims to address the increasing fragmentation of corporate networks. Many of the systems in the average enterprise run on outside cloud platforms, while others are located at remote branch locations. According to Expanse, Expander can provide better visibility into these assets than conventional monitoring tools that require more direct access.
The platform’s capabilities lend themselves to a wide range of use cases. Expander can among others identify unaccounted devices, misconfigured cloud infrastructure and potentially insecure assets obtained through an acquisition.
The platform has been adopted at several major organizations over the past few quarters. Among them are Fortune 500 companies such as CVS Health Corp. and Capital One Financial Corp. as well as multiple government agencies, most notably the U.S. Cyber Command. Expanse boasted of having built up this installed base without doing any marketing.
That will change in the wake of the funding round. Expanse also plans to spend some of the capital on growing its sales and engineering teams.
Institutional Venture Partners led the investment, while a number of existing backers contributed as well, including Peter Thiel’s Founder’s Fund. Among them was New Enterprise Associates, which led Expanse’s previous $20 million funding round last year.