More devices are coming onto the Internet every single day, and that’s especially true within organizations that have a fleet of devices with access to sensitive data — which means there are even more holes for potential security breaches.
Kolide aims to ensure that companies have access to tools that give them a thorough analysis of every bit of data they have, and where they have it. The Kolide Cloud, its initial major rollout for Mac and Linux devices, turns an entire fleet of apps and devices into what’s basically a table that anyone can query to get an up-to-date look at what’s happening within their business. Kolide looks to provide a robust set of tools that help analyze that data. By doing that, companies may have a better shot at detecting security breaches that might come from even mundane miscalculations or employees being careless about the security of that data. The company said today it has raised $8 million in new venture financing in a round led by Matrix Partners.
“It’s not just an independent event,” Kolide CEO Jason Meller said. “The way I think about it, if you look at any organization, there’s a pathway to a massive security incident, and the pathway is rather innocuous. Let’s say I’m a developer that works at one of these organizations and I need to fix a bug, and pull the production database. Now I have a laptop with this data on this, and I did this and didn’t realize my disk wasn’t encrypted. I went from these innocuous activities to something existentially concerning which could have been prevented if you knew which devices weren’t encrypted and had customer data. A lot of organizations are focused on these very rare events, but the reality is the risk that they face is mishandling of customer data or sensitive information and not thinking about the basics.”
Kolide is built on top of osquery, a toolkit that allows organizations to essentially view all their devices or operations as if they were a single database. That means that companies can query all of these incidents or any changes in the way employees use data or the way that data is structured. You could run a simple select query for, say, apps and see what is installed where. It allows for a level of granularity that could help drill down into those little innocuous incidents Meller talks about, but all that still needs some simpler approach or interface for larger companies that are frantically trying to handle edge cases but may be overlooking the basics.
Like other companies looking to build a business on top of open source technology, the company looks to offer ways to calibrate those tools for a company’s niche needs that they don’t necessarily actively cover. The argument here is that by basing the company and tools on open source software, they’ll be able to lean on that community to rapidly adapt to a changing environment when it comes to security, and that will allow them to be more agile and have a better sales pitch to larger companies.
There’s going to be a lot of competition in terms of application monitoring and management, especially as companies adopt more and more devices in order to handle their operations. That opens up more and more holes for potential breaches, and in the end, Kolide hopes to create a more granular bird’s-eye view of what’s happening rather than just creating a flagging system without actually explaining what’s happening. There are some startups tackling device management tools, as Fleetsmith (which raised $7.7 million) does for Apple devices, and to be sure provisioning and management is one part of the equation. But Kolide hopes to provide a strong toolkit that eventually creates a powerful monitoring system for organizations as they get bigger and bigger.
“We believe data collection is an absolute commodity,” Meller said. “That’s a fundamentally different approach, they believe the actual collection tools are proprietary. We feel this is a solved problem. Our goal isn’t to take info and regurgitate it in a fancy user interface. We believe we should be paid based on the insights and help manage their fleet better. We can tell the whole industry is swinging this way due to the traction osquery had. It’s not a new trend, it’s really the end point as a result of companies that have suffered from this black box situation.”