Alex Mackenzie
July 9, 2024

Tracebit: Going From the “Top 1%” to 100%

Announcing Our Investment in Tracebit's $5M Seed Round.

A year since our first meeting, we’re delighted to announce Tapestry VC’s investment in Tracebit’s $5M Seed round alongside Accel and industry luminaries like Mandy Andress (CISO, Elastic), Josh Yavor (CISO, Tessian) and Guy Podjarny (Founder, Snyk).

Tracebit has now deployed close to 2,000 canaries across hundreds of production accounts including those of Riot Games, Docker and Synthesia. A few basis points closer to “100%”.

Read the announcement from Andy at Tracebit here and take a glimpse into their research here.

Congratulations Andy, Sam and the Tracebit team!


Why canaries & what are they?

There was once a time when security teams could plausibly focus solely on “prevention” (e.g. stop that employee from clicking that phishing email). However:

  1. The stack of technology upon which an organisation is built has become far too complex (hello, durable execution) and ephemeral (looking at you, lambdas) to properly reason about whether it’s consistently “secure”.
  2. Whilst detection engineering is important, if a false positive is a “one in a million event” but there are billions of events, then there’ll actually be a decent number of false positives.
  3. The number of security breaches published publicly tells a compelling story that even the best-resourced security teams (Okta, Snowflake, MongoDB) can and will be compromised.

Canaries flip this problem on its head by “assuming breach”. Instead of preventing and/or hunting for the one-in-a-million event that “shouldn’t happen”, security teams create a resource that shouldn’t be interacted with.

Because this resource is wholly created and owned by the person looking to do the detection, they can fully reason about what interactions with it are acceptable and significantly reduce the possibility of misleading false positives creeping in. Same same, but different.


Why now?

When we first studied canaries and other deception technologies two years ago, we noticed something that piques our interest at Tapestry: dogma. During this time, we were hastily told that “canaries are only for the top 1%” or, a personal favourite, “Atlassian can scale a deception program, but you can’t”.

The convenient thing about dogma is that it can break down rather quickly if you just ask “why” a few times. Answers included: alert imprecision, cumbersome maintenance, untenable costs, et cetera. All seemingly fair points.

However, during our explorations, a duo of founders (who previously helped take Tessian from seed to exit) noted that these points are somewhat moot when applied to modern cloud environments. They believed that canaries could go from the top 1% to 100%.

The team has since jotted down why the modern cloud is a fundamental unlock:

  1. Alert Precision: any interactions with these resources produce a very rich audit trail (in AWS it's CloudTrail) that doesn't just provide an IP address but also session, user, role, user agent and more, making it much more actionable.
  2. Maintenance: AWS is responsible for operating systems and software patches of these resources; most are completely transparent to us (e.g. when Log4Shell happened, Amazon paged their engineering team, not their customers).
  3. Cost: These resources are usage-based, so either very cost-effective (cents a month) or free to deploy.
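
To make the alert-precision point concrete, here is an added example (not Tracebit's code or anything from the original post) that reduces CloudTrail records to alerts on a single canary S3 bucket, keeping the IP, role, session and user agent fields the list mentions. The bucket name, account ID, role names and log records are constructed for illustration, and it assumes S3 data events are being recorded for the canary bucket.

```python
import json

# Constructed assumptions: canary bucket name and the only role expected to touch it.
CANARY_BUCKET = "example-canary-bucket"
EXPECTED_ROLES = {"arn:aws:iam::111122223333:role/canary-deployer"}

def _rec(bucket, role, session, ip, agent):
    """Build a constructed record using CloudTrail's documented field names."""
    return {
        "eventTime": "2024-07-09T10:00:00Z", "eventSource": "s3.amazonaws.com",
        "eventName": "GetObject", "sourceIPAddress": ip, "userAgent": agent,
        "requestParameters": {"bucketName": bucket, "key": "backup.sql"},
        "userIdentity": {
            "type": "AssumedRole",
            "arn": f"arn:aws:sts::111122223333:assumed-role/{role}/{session}",
            "sessionContext": {"sessionIssuer": {
                "arn": f"arn:aws:iam::111122223333:role/{role}"}},
        },
    }

SAMPLE_LOG = json.dumps({"Records": [
    _rec("prod-assets", "app-server", "i-0aaa", "198.51.100.7", "aws-sdk-go/1.44"),
    _rec(CANARY_BUCKET, "canary-deployer", "ci", "198.51.100.9", "Terraform/1.8"),
    _rec(CANARY_BUCKET, "app-server", "i-0aaa", "203.0.113.5", "aws-cli/2.15"),
]})

def canary_alerts(log_text):
    """Return one alert per canary interaction not made by an expected role."""
    alerts = []
    for rec in json.loads(log_text).get("Records", []):
        params = rec.get("requestParameters") or {}
        if params.get("bucketName") != CANARY_BUCKET:
            continue  # ordinary traffic: not the canary, nothing to reason about
        identity = rec.get("userIdentity") or {}
        issuer = (identity.get("sessionContext") or {}).get("sessionIssuer") or {}
        role = issuer.get("arn") or identity.get("arn", "unknown")
        if role in EXPECTED_ROLES:
            continue  # the owner's own deployment tooling
        alerts.append({
            "time": rec.get("eventTime"), "action": rec.get("eventName"),
            "source_ip": rec.get("sourceIPAddress"), "role": role,
            "session": identity.get("arn"), "user_agent": rec.get("userAgent"),
        })
    return alerts

if __name__ == "__main__":
    for alert in canary_alerts(SAMPLE_LOG):
        print(json.dumps(alert, indent=2))
```

Because the owner created the bucket, the allow-list is one entry long, and every other read of it is an alert that already names the role and session to investigate.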

Rarely in cybersecurity do you find a category with so much “space” (thank you, dogma). This admittedly made us apprehensive, but fortunately, we had no shortage of material to keep us busy: Andy has been writing about canaries since 2010, deception jobs were cropping up and “sludge for good” was making the rounds in various forums.

Our intrigue grew into conviction as we spent the year getting to know Andy, Sam and Tracebit. Security Engineers raved about their chats with Tracebit; new product pillars (like canary infra) were rolled out at a rapid clip; and Sam’s research hit the top spot on Hacker News.

This was clearly a product for security engineers, built by security engineers. We couldn’t think of a better pairing and team to bring canaries to “the rest of us”.


Thank you once again Andy & Sam for having us at Tapestry VC on this journey with you.