Get in the KNOW
on LA Startups & TechX
What do education startups, maternal care platforms and Minecraft servers have in common? They’re all susceptible to hacking.
Also, businesses in each industry use software created by Manhattan Beach-based Inspectiv, which announced Thursday that it’s raised an $8.6 million Series A round to continue developing its artificial intelligence that detects and wipes out security threats.
The new funds bring the total Inspectiv has raised to $16.6 million since its 2018 launch. Founder and chairman Joseph Melika told dot.LA the company’s recent growth has largely been steered by the pandemic as companies put a higher value on data security.
The heightened need for better security, according to Melika, is due to recent changes in how people work. “Just people, frankly, getting distracted,” he said, has made some businesses more vulnerable to hackers.
“They’re working remotely, their laptops are from home [with] no firewall,” he said, adding that has left a lot of systems potentially exposed to hacks.
Inspectiv’s risk management platform runs autonomously 24/7 and is constantly scanning for threats, Melika said. The software isn’t just run on A.I., it's also combined with a network of security researchers. Melika said part of Inspectiv’s intelligence comes from the input of thousands of researchers.
Once it finds a threat, the software alerts Inspectiv, whose vulnerability spot-checkers verify it and identify it to the client. Then, Inspectiv scans its other clients for the same threat, or similar invasions that could be lurking. There’s also the potential for the software to review backup files, in case a company wants to make sure no older resolved threats spring back to life.
Melika pointed out several current Inspectiv clients using its software are local, including GoGuardian, maternal care company Mahmee and Minehut, a platform for people to host custom “Minecraft” servers.
The funding round was led by StepStone Group, among a suite of existing Inspectiv investors including Westwood-based Fika Ventures, San Francisco’s Freestyle Capital and Santa Monica-based Mucker Capital.
CEO Ryan Disraeli (left) and Founder and Chairman Joseph Melika (right) Courtesy of Inspectiv
Inspectiv also announced a leadership transition this week alongside several new hires – former CEO and co-founder of fraud prevention service Telesign Ryan Disraeli will take the reins as CEO of Inspectiv, while Melika will remain on board as the company’s board chairman.
“Inspectiv is really helping secure the internet, and that was something that personally I could get passionate about,” Disraeli said. “To be able to work with a team of people that we brought in that also has that security background, but also experience scaling up organizations was a pretty exciting opportunity.”
The company also hired Karen Nguyen as chief revenue officer, Ray Espinoza as chief information security officer and Ross Hendrickson to be vice president of engineering. Disraeli said the Inspectiv team is currently 22 people but the company is “adding aggressively to that number” by expanding its product development team.
Disraeli wouldn’t disclose revenues but told dot.LA he’s confident he can grow Inspectiv quickly.
“There's a lot of companies raising money that don't have customers and don't have real growth,” Disraeli said. “This is a company that has real customers that are growing and growing with us.”
- Santa Barbara Cybersecurity Startups Raise Millions - dot.LA ›
- NVISIONx Cybersecurity Startup Raised $4.6M in Seed Funding ... ›
- Orca Security Lands $230M as it Looks to Grow in Los Angeles - dot ... ›
- Obsidian Cybersecurity Startup Raises $90 Million - dot.LA ›
- Cyversity, TikTok Partner on Minority Cybersecurity Program - dot.LA ›
- Mahmee Welcomes New VP, NINJIO Stacks Exec Team - dot.LA ›
'Our Customer Is Not the Police Department': Ring’s CTO Pushes Back On Privacy Concerns
It's been a busy year for Ring, the home security giant best known for its video doorbells. In January, Ring rolled out the Ring Video Doorbell Wired, its smallest and least expensive doorbell yet. The Santa Monica-based company also unveiled an end-to-end encryption feature that adds an additional layer of protection to videos captured by a user's device. And Ring is now working on additional features, including a pet tracking system and a roving camera that can be remotely activated by customers to investigate disturbances.
But as Ring expands its user base, it is also drawing increased scrutiny from privacy and social justice advocates who are concerned about the Amazon-owned subsidiary's partnerships with law enforcement agencies and reports of racial profiling by users of Ring's Neighbors app.
Ring Chief Technology Officer Josh Roth spoke to dot.la about Ring's product development process and how his company approaches privacy and neighborhood safety.
Since the Amazon acquisition, Ring has developed some integrations with the Alexa system and other Amazon products. Are there ways this relationship may become even closer in the future?
Ring Chief Technology Officer Josh Roth
At the end of the day it comes down to what we call a "better together" story. From our side, we can create better solutions and systems that aggregate devices in your home and give you a better way of leveraging those devices together—whether that's interactions between an alarm system and a light, or your Alexa acting as a sensor for other things. There's a tremendous amount of work to continue to iterate and improve on that. No doubt about it, there will be future integrations that continue to enhance that experience.
How much do you see Ring as a smart home company vs. a home security company? Are there ways you might use the tech stack you've developed in ways that move away from the home security focus you've had thus far?
Our mission is to make neighborhoods safer. I don't see that mission changing. We are a safety and security company. With that being said, things you may not think of as safety and security at the end of the day can become part of a safety and security system. An example of that would be anything that can give awareness about the state of a home. Your thermostat has home and away modes so that it can turn itself hotter or cooler depending on whether someone is at home. If you can integrate that into an IoT system to leverage that awareness and tie it to your alarm system, there's tremendous benefit for your safety and security. There's not always this cut-and-dry IoT space and safety and security space. The reality is that if you do things correctly, they actually merge into one.
And of course as more of these functions become automated, there's going to be growing concern about security. There have been some horror stories about hackers being able to spy on families through their Ring systems. How are you alleviating concerns that someone might gain access to a customer's footage?
Privacy and security are really foundational to everything we build. We start with a security and privacy-first mindset and then we try to introduce those features to our customers, and we try to do it in the quickest fashion possible. If you take a look back historically, Ring was the first in the safety and security space to require two-step verification; we were the first to introduce end-to-end encryption. Ring has never been breached, but we put things in place constantly to improve on security. Where we have to, we put in tighter controls. But when we do it, we make it extremely transparent to the customer. From my perspective, security is of the utmost importance, and I think everyone at Ring and Amazon would tell you the same thing.
You rolled out the end-to-end encryption feature earlier this year, but it's turned off by default. Why make it an opt-in setting rather than an opt-out?
End-to-end encryption implies that there's a key that can only be used by a very specific system or user. It requires us to actually turn off some features that our users actually like to have, because those keys can't be shared in all situations. For example, with the iteration of end-to-end encryption out there today you can't have a shared user. The reason for that is key management and how you would actually hand those keys off that shared user for a temporary or permanent amount of time, and which videos you would give access to. We opted to give something that was the most stringent control we could at launch, and to give the users asking for that the ability to turn it on—with the intent of iterating over time and adding more features like shared users.
There's a handful of items like that. Another use case would be a third-party integration. If you use Alexa, for example, to do video recall or to see who's at the front door, they don't have the keys because we don't have a method to pass the keys from a user's phone to Alexa devices. It would break our user promise around encryption and privacy. We really wanted to focus on the beginning experience of end-to-end encryption being as tight as we could, and then adding to it over time based on customer feedback.
How do you balance privacy concerns with the desire to give customers access to new features?
The baseline default experience that a user gets is the highest level of security that can be provided, and we constantly iterate and improve on that. I look at end-to-end encryption as an advanced security feature. I use the analogy of a hotel room. You have the top lock and you lock the door and you put the sign on the door. You may find you don't necessarily need all that, but it gives you peace of mind. So we want to offer that to our users. But the default standard encryption we provide still provides encryption in transit and encryption at rest. And we always examine it to see if we can improve on that. There is a tradeoff between end-to-end encryption and some of the features we know our users like. But I can tell you as a promise from Ring: We will always push toward providing more security and more options for our users with increased transparency. Any time we add something new they are going to have awareness of it. Any time we give them something around security, we're going to give them a choice to enable those items or not.
You mentioned that Ring's goal is to make neighborhoods safer. Is there an evaluation process as you add features to ensure that you are meeting this goal?
We believe in the power of the community and the power of the neighborhood. We also believe in the privacy of the neighborhood. In addition to privacy shutters on our cameras, we also have privacy zones. When you set up a motion zone, you can block out certain areas to respect the privacy of your neighbors if you choose to do so. Again, it's all put in the hands of customers for customer choice.
We also work with public safety agencies. We've been a great resource for COVID-19 information. We work with local fire and police departments. What that means is they have the ability to request videos (through the Neighbors app). They provide requests in a public way so that everyone is completely aware and it's transparent to the entire community what's being asked of them.
Those partnerships with law enforcement have been controversial. Are there ways you approach product development to ensure devices aren't being used as tools for mass surveillance?
Everything we do is customer first. Our customers are the neighbors who live in those neighborhoods. Our customer is not the police department. It's not the fire department. Our customer is the user who has a home, who's putting a Ring doorbell on their house. We start with that premise, and we build everything around that from a privacy and security perspective. Any time that there's anything involving a public safety agency, users have a choice and it's entirely up to them when and if they share information, when and if they share videos, when and if they work with those agencies. We've seen nothing but positive things come out of that. Kidnappings have been solved because of people working with neighborhood agencies. Neighbor advocates are helping track down things like package theft. We're big believers in people working together. We're big believers in customer choice.
Is there a limit to customer choice? Ring has said in the past it won't use facial recognition technology. What if customers want it? And are there other features that may be off the table?
It's a hard question to answer because I can't predict the future of what I haven't built yet. What I can tell you is we don't use facial recognition on any of our devices or services and we will never sell facial recognition technology to law enforcement. Privacy is so important to us. Anything we build will include these strong privacy protections for our neighbors.
We go through privacy reviews, legal reviews, customer reviews, and internal discussions. We make decisions as to whether we think the items we want to build meet the mission to make neighborhoods safer. Is it in the customer's best interest? Is it providing additional privacy, security, and transparency to the customer? If we can say yes to all of those things, I think we are able to build them. If we have question marks, we don't build them.
This interview has been edited for length and clarity.
- OpenX Pays $2 Million for Collecting Children's Data - dot.LA ›
- Amazon's Ring Camera Provides Footage to Law Enforcement - dot.LA ›
- Amazon-Owned MGM is Making a TV Show Out of Ring Camera Footage - dot.LA ›
- Compare Smart Doorbell Cameras | Smart Home Security | Ring ›
- FBI worried that Ring doorbells are spying on police - BBC News ›
- Police now will have to make a public request for Ring doorbell ... ›
- Ring's police problem didn't go away. It just got more transparent ... ›
- How to stop police from asking for videos from Ring doorbells ›
- Ring, the doorbell-camera firm, has partnered with 400 police forces ... ›
- Video Doorbells | Smart Doorbell Cameras to Monitor Your Door | Ring ›
Orca Security Ltd., an Israeli-based cloud security startup with U.S. headquarters in Los Angeles, has closed a $210 million Series C round and has plans to expand locally as it takes on competitors.
"This cash infusion makes Orca one of the world's fastest cybersecurity companies to reach unicorn status," said Shua, referring to privately held startups valued at over $1 billion. He said Orca plans to become a publicly traded company at some point. "We are not looking to get acquired."
Orca Security has assembled a who's who list of clients. It includes online stock trader Robinhood, New York-based insurer Lemonade, San Francisco-based data analytics firm Databricks and North Carolina-based digital bank Live Oak Bank.
It provides cloud security through its patent-pending "SideScanning" technology. The technology plugs up potential vulnerabilities from cyber threats and replaces them by combining everything into a single platform.
The round was led by Mountain View-based CapitalG, Google's independent growth fund and Menlo-based Redpoint Ventures, said co-founder and CEO Avi Shua, in an interview.
The company competes against cloud security heavyweights such as Qualys Inc., Rapid7 Inc. and Tenable Inc.
But their biggest rival is Santa Clara-based Palo Alto Networks Inc., which has been in a public spat with Orca. Shua said his company is not backing down.
Over the next year, Orca Security plans to "rapidly grow its headcount" in L.A. by hiring more marketing personnel and engineers, as well as beef up its research and development operation in Tel Aviv, Shua said. It also plans to form sales offices in the United Kingdom and Australia.
The company has plans to move into a brick-and-mortar spot in L.A. once pandemic restrictions are lifted.
"It is a prime location," Shua said. "The future for us is hybrid."
Other participants in this latest round include previous investors such as San Francisco-based ICONIQ Capital, Menlo Park-based GGV Capital and San Francisco-based SVCI, or Silicon Valley CISO Investments, an angel investing syndicate geared to chief information security officers.
Founded in December 2019, Orca Security raised $55 million in Series B funding three months ago, and $20 million in a Series A round in May – giving the technology company a market valuation of $1.2 billion, said Shua in the interview.