Elisity, a cybersecurity startup, today announced that it raised $26 million in a funding round led by Two Bear Capital and AllegisCyber Capital. CEO James Winebrenner says that the capital will be put toward scaling Elisity’s operations as it accelerates R&D and customer acquisition.

According to a recent study published by the University of Maryland, hackers attack every 39 seconds, or about 2,244 times a day. The average time to identify a breach in 2019 was 206 days, at which point the cost could be in excess of $3.92 million. Kaspersky Lab reported a threefold year-over-year increase in smart gadget hacks in the first half of 2018, with one malware variant managing to infect 57,000 wireless security cameras.

Elisity, whose founding team includes Cisco, Qualys, and Viptela veterans, offers a product suite that’s designed to secure data while ensuring access. It combines the paradigm of zero trust access, meaning no user is trusted by default from inside or outside the network, and a software-defined perimeter to authorize users, devices, and apps based on policies before they can communicate with critical resources. Access is monitored by AI algorithms that track, monitor, and analyze flows and user behavior to make recommendations and discover all of an organization’s assets to build an encrypted mesh overlay between a cloud services panel and network probes.

Elisity was started in 2018 by Burjiz Pithawala, Sundher Narayan, and Srinivas Sardar, all of whom previously held leadership roles in product development and architecture at Cisco. The executive team is headed by Winebrenner, who led the go-to-market strategy for Viptela from pre-launch through to the sale to Cisco in 2017.

Zero trust

According to Gartner, zero trust network access augments traditional VPN technologies for application access, removing the excessive trust once required to allow employees and partners to collaborate. The approach abstracts and centralizes the access mechanisms, so that the security engineers and staff can be responsible for them.

The global zero trust security market is expected to reach $54.6 billion by 2026, rising at a compound annual growth rate of 18.8%. Gartner posits that this reflects the technology’s potential: More resilient environments with improved flexibility and better monitoring appeal to organizations looking for more flexible — and responsive — ways to connect and collaborate with their digital business ecosystems, remote workers, and partners.

With Elisity, devices can connect to a software-defined, app-centric virtual network that runs atop existing transport networks only if they’re configured with a policy. The mesh decouples app access from underlying network access, assuming the network is untrustworthy. Similar to a traditional virtual private network (VPN), services brought within the Elisity environment aren’t visible on the internet and are thus mostly shielded from attackers. Organizations can connect and secure access in campus, branch, and remote offices to apps in the cloud, multicloud, and datacenter environments.

“Elisity’s AI-powered … platform fuses identity and behavioral intelligence to continuously assess risk and instantly optimize access, connectivity, and protection policies that follow … devices, applications and people wherever they go,” Winebrenner told VentureBeat via email. “By integrating asset management, connectivity, and security, Elisity helps enterprise-class organizations across industries including financial services, health care, and manufacturing break through today’s siloed enterprise networking-and-security group challenges.”

Winebrenner says the mesh isn’t just a VPN replacement, but rather a platform that helps companies transition to zero trust across their digital footprint. Elisity provides real-time information on who’s accessing resources and from where, allowing admins to segment environments based on traffic flow and machine identity. It also lets them manage a unified access policy and support the requirements of remote access in a secure way, migrating workloads across clouds or within a VPN in a cloud.

Winebrenner claims that 31-employee Elisity allows enterprises in industries such as manufacturing, pharmaceuticals, financial services, and health care to realize cost savings, time savings, and risk mitigation because they no longer have to rely on disparate software to protect access. He says the platform reduces the total number of tools required to manage access — without taking such access for granted.

“Distributed enterprises need agile security for their remote workforce. But converged cloud security approaches don’t take into consideration the unmanaged or managed devices employees are using, often without any visibility from IT or security. The industry most go beyond edge security, it must go beyond … identity and access management,” Winebrenner added. “The better approach is the integration of all these things into security that gets closest to the asset or user and understands the context of behavioral changes.”

Milpitas, California-based Elisity’s latest funding round brings the company’s total raised to over $33 million to date.