Cado Security, which offers a digital forensics platform for cloud environments, is seeing strong demand for its automation-driven product and plans to scale up quickly to meet the enterprise need, according to CEO James Campbell.
On Tuesday, Cado Security released the findings from a new survey by Enterprise Strategy Group, which found that digital forensics and incident response processes are less mature for cloud environments than for on-premises environments. Investigations are more challenging in cloud environments, according to the research.
Respondents reported that it currently takes about three days to even start an investigation of a cloud breach, following data capture and processing. And almost 9 in 10 companies reported seeing a â€œnegative outcomeâ€ occur during that interval of time.
Digital forensics platforms are used to collect and process data from a companyâ€™s environments, enabling an investigation of and response to a security incident. London-based Cado says it offers the â€œfirst and onlyâ€ digital forensics platform that is cloud-native.
Thatâ€™s an advantage because it means the Cado platform is â€œpurposeful and designed for these environments,â€ such as Amazon Web Services and Microsoft Azure, and offers a â€œdepth of instrumentation for these environmentsâ€ not offered by existing tools, said Doug Cahill, vice president and senior analyst at Enterprise Strategy Group.
While enterprises have accelerated their shift to the cloud during the pandemic, there are many indicators that security has not kept up. For instance, the recently released 2021 Thales Cloud Security Study found that 83% of U.S. businesses still fail to encrypt half of the sensitive data they store in the cloud.
Boom times for Cado
Campbell, who cofounded Cado Security in April 2020, said customer demand for the Cado platform has been substantial in recent months, though the company isnâ€™t disclosing how many customers it has landed so far.
â€œWeâ€™ve had more inbound interest than we can actually handle,â€ he told VentureBeat. â€œOur job at Cado now is to make sure we can scale in a feasible way to meet the demand.â€
Over the next six months, Cado Security plans to hire steadily and expand to 50 employees, Campbell said. He declined to share the companyâ€™s current headcount.
Campbell, who previously led PricewaterhouseCoopersâ€™ cyber response service and Australiaâ€™s national Australian Signals Directorate as associate director, cofounded Cado with Chris Doman, who previously built the ThreatCrowd threat intelligence portal and serves as the startupâ€™s chief technology officer.
Along with AWS and Azure, Cadoâ€™s platform can also be used with containers and with data from on-premises environments.
Earlier this month, Cado announced a partnership with SentinelOne, a fast-growing vendor offering AI-powered security for endpoints and cloud workloads that went public in June. Other milestones this year for Cado include a $10 million series A round led by Blossom Capital in April, bringing the companyâ€™s total funding to $11.5 million to date.
The cloud security challenge
In the new Enterprise Strategy Group survey, respondents cited as major issues a lack of data and context to conduct the investigations of cloud environments, as well as the lengthy time needed to collect and process data. Ultimately, 35% of security alerts for cloud environments go uninvestigated, according to the survey.
But with Cado, â€œthe ability to ingest the event information â€” the forensics residue from all the relevant sources â€” and then harmonize that can really expedite that time between detection and investigation,â€ Cahill said. â€œSo you can start to eliminate some of the bad downstream outcomes.â€
Cadoâ€™s platform provides these capabilities by automating many of the processes involved with cloud forensics, Campbell said. The platform automatically captures data, rapidly processes the data, and enables customers to understand what it means using analytics powered by machine learning, the company says.
â€œWeâ€™re bringing in automation and taking the complexity out of the cloud-to the point where all you have to do is click a button, and you have your data. Itâ€™s easy as that. And thatâ€™s how we should be using the cloud. We should make it easy,â€ Campbell said. â€œAnd itâ€™s the only way weâ€™re going to keep pace with the change thatâ€™s happening. Attackers are moving to the cloud because everybody is shifting their data and their workload resources to the cloud. And we need to do something about it.â€
The Cado platform is well-suited for customers in any industry with a cloud environment, especially for companies that are highly dependent on the cloud, he said.Â The platform also helps to address the shortage of workers and skills in cybersecurity, Campbell said.
â€œNow, the IT guy or the security guy is not only having to be an on-premises expert â€” now youâ€™re asking them to be an AWS expert and an Azure expert,â€ he said. â€œThe idea is to take out the requirement that they need to be an AWS expert or an Azure expert. We give them something they can use in a very familiar way, to do an investigation quickly, mostly through automation.â€