Arik Hesseldahl

Recent Posts by Arik Hesseldahl

Why Was Marc Andreessen Smiling at D9? Ask SilverTail Systems.

Last week, while on the stage at D9, Marc Andreessen, partner in the venture capital firm Andreessen Horowitz, was asked about his interest in investing in security. He grinned. Let’s go to the original post:

Marc Andreessen: We love security, we’re all excited about security: It’s government, it’s businesses, it’s organized crime. It’s a phenomenal commercial opportunity.

Kara Swisher : What would you invest in?

Andreessen: That’s why I was smiling inappropriately. The threats keep morphing.

Walt Mossberg: Which companies would that be?

Andreessen: We have some interesting undisclosed investments, and I’m on the hunt.

Well, now we know why he was smiling. Today Andreessen Horowitz announced that it is leading a $20 million Series B funding round in SilverTail Systems, a Web security company. Additionally, Scott Weiss, the co-founder of IronPort, now part of Cisco Systems, who joined AH as a general partner in March, is joining SilverTail’s board of directors.

So what does SilverTail do? Banks and insurance companies and Web commerce companies use it to track traffic to their sites in real time and to distinguish good traffic generated by normal customers from bad traffic generated by criminals probably trying to do naughty things that more often than not tend to break the law.

How does it do that? CEO Timothy Eades told me that the company has developed a way of performing predictive analytics on live Web traffic at a massive scale. “When the market opens, we can look at hundreds of thousands of clicks a second and tell the criminals from the good guys,” he said. Among the ways to tell good guys from the bad are the speed with which they move from one page within a site to another, and the kinds of data they look for. “Depending on how they move around we can determine their intent,” he says. When it sees traffic that’s outside the norm, it flags it. Given the known patterns, there are almost never any false positives, he says.

There aren’t many companies who have publicly disclosed that they’re using it, but one is ING Group, the big Dutch bank. Today the firm monitors more than 750 million users and more than 1.8 billion web sessions per year through online banks in Europe, the Middle East and the U.S., online payment providers, e-commerce players, and government sites.

And among its investors is In-Q-Tel, the venture capital firm of the U.S. Central Intelligence Agency. What’s having an investment from In-Q-Tel like? Pretty much like an investment from any other firm, Eades says, except that this one has an in with government agencies that do a lot of secret stuff. Other prior investors are Leapfrog Ventures, Atlanta’s Seraph Group, and Startup Capital Ventures.

I also talked with AH partner Scott Weiss. He said an investment in Silvertail is a little “counterintuitive” for the firm. “Most security companies end up being tuck-in acquisitions for Cisco Systems, or Symantec or McAfee,” he says. “Silvertail is right in our sweet spot,” he says, playing in a market where the winner could take all.

There isn’t a day that goes by that you don’t hear about some organization or another coping with an attack of some kind by hackers. (You’re telling me!). Right now the standard way of dealing with all the incoming attacks is to run intrusion detection software, which Weiss says amounts to little more than a car alarm that tells you something bad is going on. Once you know that, you capture all the packets from the attack traffic and try to figure out what if anything was stolen. It’s slow and unsatisfying.

Silvertail’s team is made up of veterans from eBay and PayPal. “I can’t think of a pair of sites that are attacked more often,” Weiss said. Watching those attacks taught them a thing or two about what to look for in detecting an attack that’s underway.

Weiss said that during the due diligence process he noticed something you almost never see in the security business. “The people we talked to were willing to talk about this,” he says. “You almost never see that with security companies. CIOs don’t like to talk about what they’re using unless it really makes their eyes pop out. They wanted to talk about this.”

Latest Video

View all videos »

Search »

I think the NSA has a job to do and we need the NSA. But as (physicist) Robert Oppenheimer said, “When you see something that is technically sweet, you go ahead and do it and argue about what to do about it only after you’ve had your technical success. That is the way it was with the atomic bomb.”

— Phil Zimmerman, PGP inventor and Silent Circle co-founder, in an interview with Om Malik