Stairwell Inception helps organizations get ahead of the most sophisticated attackers
Stairwell launched Inception, a platform for recursive threat hunting, detection, and response. Inception helps security practitioners decisively and quickly determine if they were compromised—now or in the past—by immediately surfacing threats that typically take months to detect.
Stairwells’s approach—inside-out security—caught the eye of leading investors, securing $20 million in Series A funding from Sequoia Capital, Accel, Allen & Company LLC. Accel partner Steve Loughlin and Sequoia partner Bill Coughran joined the company’s board of directors.
Stairwell’s inside-out approach to security starts by looking inward at a company’s data, generating an intelligent view of its environment, and enriching it with emerging threat intelligence to identify artifacts, patterns, and relationships that indicate nefarious activity.
By pre-preserving evidence in an organization’s environment, Inception removes the time-sensitive nature of detection, and can identify compromises faster by applying new learnings to the past, present and future states of an environment. Stairwell aims to empower security practitioners with an expressive query language that can be applied to threat hunting, detection, and incident response activities simultaneously.
According to IBM’s Cost of a Data Breach report 2021, the average time it took to identify and contain a breach was 287 days. The SolarWinds attack was a textbook example of the damage that slow detection and response can create. It is estimated that attackers gained unauthorized access to the Orion Platform 14 months before the breach was disclosed and downstream effects began to take place.
“We’re giving security teams the context and visibility they need so that they can take back the high ground; they don’t have to accept defeat as inevitable,” said Mike Wiacek, founder and CEO of Stairwell. “We’re building Stairwell to help companies outsmart attackers by detecting compromise faster, and in some cases identify novel activity or files that may not be dangerous now, but may become malicious in the future.”
“Stairwell has created a different approach to security that enables organizations to get ahead of the most sophisticated attackers,” said Sequoia’s Coughran. “The Inception platform automates what has traditionally made threat hunting hard, empowering teams with the tools to stop threats in their tracks. We’re excited to partner with Mike and see the impact the Stairwell team will have on the market and the industry overall.”
The team behind Stairwell is composed of security experts from the likes of Google and Mandiant. Founder and CEO Mike Wiaceck created one of the first threat intelligence teams, Google’s Threat Analysis Group, and co-founded Chronicle (now part of Google Cloud).
New executive team hires include Mike Wayne as Chief Revenue Officer, Paul Scott as Head of Product, and Steve Miller as Head of Threat Intelligence. Wayne was formerly head of North American security sales at Google Cloud. Before Stairwell, Scott was Director of Threat Research at Perch Security and directed intelligence and research at Alert Logic. Miller held research and data forensic positions at the U.S. Department of Homeland Security, FireEye, Anomali, and Mandiant.
“The Stairwell team is applying decades of experience working with massive datasets to security, and taking a bold step forward to solve the most serious security challenges that enterprises face on a daily basis,” said Accel’s Loughlin. “Mike and his leadership team have a strong track record of pushing the industry forward at critical moments in response to the needs of security professionals. They know what’s needed, because they were on the front lines while defending adversaries on behalf of the world’s most respected companies.”
More about Inception
Inception speeds compromise detection by empowering teams with recursive contextual threat analysis, detection, and response. Key benefits include:
Detects compromise across past, present, and future states: Inception treats all files as suspicious and pre-preserves them as evidence to speed up detection and uncover previously unknown compromises. By continuously evaluating the entirety of evidence in light of emerging insights, it unlocks time—detecting compromise across the past, present, and future states of an organization’s environment, and denying attackers the advantages on which they depend.
Produces contextual threat intelligence: With its inside-out approach, Inception uncovers what’s most important to an organization. The platform starts by analyzing an organization’s files to produce intelligence and then enriches it with external information to deliver actionable insights for intelligence and response teams.
Keeps organizations out of attackers’ reach: Inception helps organizations outsmart even the most sophisticated attackers with threat detection that is unique to each organization and imperceptible to attackers. It does this by giving organizations tailored defenses and intelligence that attackers can’t test against or reverse-engineer.