The Todyl Blog

Exciting Updates at Todyl: Series A Funding, Overhauled SIEM, Integrated Endpoint Security, Holistic MXDR Service, and New Website

Posted by John Nellen on Mar 17, 2022 6:00:00 AM

We’re excited to share several significant updates, including our Series A funding, the launch of the Todyl Security Platform, and our new website.

Last week, Todyl closed a $28 million Series A investment round, led by Anthos Capital, with Tech Operators, Blu Ventures, and StoneMill Ventures increasing their existing investments. The funding supports Todyl's mission to empower businesses of any size with a complete, end-to-end security program.

I started Todyl in 2015 with a simple goal: bring enterprise security to businesses of all sizes. The pattern and problem were clear. To stay connected and protected, every organization needs enterprise capabilities, but the products were too complex, costly, and fragmented for most SMBs and mid-market companies.

Fast forward several years, and I am proud to say Todyl helps protect tens of thousands of businesses globally, ranging from solo law practices to mid-market companies with thousands of devices and hundreds of offices. Todyl grew over 300% in 2021, and we tripled the size of our team in 6 months. Our SASE module, the Secure Global Network (SGN) Cloud Platform, now sits in 29 Points of Presence, spanning the world from LA to Mumbai to Sydney. The SGN has access to over 1Tbps of bandwidth. Our SIEM processes over 1.3 billion events per day, and our LAN ZeroTrust module dynamically updates internal network traffic policies over 70 thousand times per hour.

We've only begun our journey, and we've never been more committed to our mission and partners. The partner relationships we've built fuel us, and I can only hope it's felt with every interaction.

Looking towards the future, I'm excited to launch the Todyl Security Platform. Building on top of our SASE, we've significantly extended the capabilities of the platform, empowering our partners with a unified approach to security that's customizable for every business and budget. Highlights of the platform include:

The Todyl Security Platform spans prevention, detection, and response by unifying SASE, Endpoint Security (EDR + NGAV), SIEM, MXDR, and GRC in a cloud-first, single-agent platform. Backed by the Todyl Security Platform, partners can deliver world-class security and networking to businesses of all sizes.

We designed the platform to be highly customizable, making it easy for partners to calibrate the services they deliver to their clients’ needs and risk profiles. As a cloud-first, comprehensive solution, it provides the flexibility needed to connect and protect businesses as the modern workspace continues to evolve. Below, we detail some of the capabilities of our new modules.

Endpoint Security (EDR + NGAV)

The integrated Endpoint Security solution combines EDR and NGAV to stop attacks, accelerate detection, streamline threat hunting, and enable immediate response actions. It uses the same SGN Connect Agent as our other modules, making it easy to turn on cutting-edge prevention and detection for endpoints in a few clicks.

We partnered with Elastic Security, whose recent acquisition of Endgame—a pioneer and industry-recognized leader in endpoint protection, detection, and response—elevated their Endpoint Security to be on par with top Gartner Magic Quadrant Endpoint solutions.

Backed by advanced machine learning (ML) and behavior analytics, Endpoint Security continuously learns and adapts. The Endpoint Security module integrates with the SIEM, helping to power investigation, analysis, and response through a single pane of glass.

A key strength is Memory Threat Protection. Threat actors increasingly execute attacks in memory to evade many traditional anti-virus and anti-malware solutions. These attacks include fileless attacks that rely on process injection via shellcode. Our Endpoint Security stops many of these attacks from occurring and detects suspicious or unauthorized activities happening in memory.

Additional capabilities include:

    • Ransomware Protection—detects and stops known and unknown ransomware with advanced machine-based analytics and ransomware canaries
    • Malware Protection—detects and stops malicious attacks by using a machine learning model that looks for static attributes to determine if a file is malicious or benign
    • Malicious Behavior Protection—detects and stops system activities or behaviors associated with known and potential attack traits from a broad range of attack techniques
    • Machine Learning for Outlier Detection—identifies and alerts on changes that deviate from the baseline, including threshold-based and sequence-based indicators

Security Information & Event Management (SIEM)

Over the last year, we rebuilt our SIEM from the ground up. SIEMv2 makes it easy to ingest from third-party data sources, including hardware appliances, cloud services, SaaS apps, on-premises systems, and more, providing a single pane of glass for comprehensive visibility across organizations’ environments. The powerful Detection & Analysis engine analyzes and correlates all ingested data, delivering actionable insights and real-time reporting.

We included dozens of pre-built reports and visualizations, broken out both by the Todyl module and ingested data source. This provides partners with highly targeted views for further investigation and analysis. Our Detection Engineering Team manages detection rules and threat hunting dashboards, which helps our partners find new vulnerabilities, Zero-Days, and exploits in their environment.

Integrated Case Management makes it easy to manage security incidents. Alerts linked to the same threat are aggregated into a single case, providing context-rich data in a single place. It provides the full picture of what happened and serves as a workspace for teams to investigate. The detection rules are mapped to the MITRE ATT&CK® Framework, providing a common framework to accelerate response. SIEM also provides interactive timelines and process trees to help our partners unravel the root cause faster.

When paired with Todyl’s GRC module, it’s easy to demonstrate controls, view what’s occurring in environments for ongoing assurance, and visualize compliance programs for the first time. Without any additional software, Todyl gathers evidence and automatically integrates the controls the platform includes. We have a growing list of one-click compliance reports, including PCI, HIPAA, CMMC, NIST 800-171, and many more. Together, these increase your ability to meet compliance requirements and understand what falls in scope.

Managed Extended Detection & Response (MXDR)

We designed our MXDR Service to overcome the gaps and shortcomings of typical managed detection & response (MDR). Concerns about detection coverage, log ingestion challenges, wondering if threat hunting is actually happening, and never hearing from the account team are things of the past.

With Todyl's MXDR, each partner gets a dedicated Detection & Response Account Manager (DRAM) assigned to their account. They take a holistic approach focused on where data resides, what systems are used, and operational processes. In short, DRAMs understand their environments and customers, ensure detection coverage, help increase visibility, provide prevention control recommendations, and help strengthen security posture.

DRAMs serve as a single point of contact and an advisor for our partners’ prevention, detection, and response strategy. They help map out an effective detection and visibility approach, assist with custom detections and reporting, deliver personalized prevention and configuration recommendations, and convey the specifics of their environment to our Security Operations Center (SOC).

DRAMs use their understanding to optimize what’s ingested and help to customize dashboards and detection rules to provide deep visibility into environments. They utilize the advanced security features built into the Todyl Security Platform to enhance prevention and detection. The Todyl Security Platform also delivers an array of rapid response options such as host isolation, LAN ZeroTrust, firewall updates, and more to shut down attacks in their tracks.

New Website

Our last update to share is the launch of the new Todyl.com. The website is in direct response to feedback from partners. We completely changed our messaging, focusing on the capabilities of the Todyl Security Platform. The style and design also received a complete overhaul.

If you have any questions or feedback on any of the above, please reach out to your Account Manager or contact us here.

Topics: Product Update, Company News, Networking and Security
