top of page
Untitled design (1).png
GTM Research Logo (6).png

SpyderBat

Enterprise Applicablity
HEADQUARTERS
FOUNDED
FUNDING

Austin, TX

$14.2M Series A

2019

FOUNDERS

Brian Smith, CTO & Co-Founder

Marc Willebeek-LeMair, CEO & Co-Founder


EMPLOYEES

24

PRIVATE | PUBLIC

Private

COTS

COTS | OSS
USE CASES

Container Runtime Security

GTM Insights

GTM Domain Insights


Understanding context is often time-consuming when running alerts to ground for a security organization.


Of the folks in this space, here are some notables:


  • Spyderbat - Differentiation



Spyderbat continuously records ALL runtime context in an environment (from Kernel to Cloud) while providing causal linkage (recording both good & bad events alike). Alerts can then be traced along the resultant causal chain that's created. Normal behaviors can then be safely ignored, allowing practitioners to focus on more toxic combinations ONLY (i.e., Alerts-to-Traces).


Practitioners can then group behaviors for another order of magnitude reduction in alerts.


To do this, Spyderbat has developed the following algorithms:


  1. Guardian - Records context to determine and visualize aggregate event significance in the environment. Guardian is the backbone that surfaces risk while addressing drift by comparing running applications against prior versions

  2. Flashback - Replays the sequence of activities within/across containers at the earliest warning signs of trouble

  3. Scout - Maps to Mitre Attack Matrix and Kubernetes Threat Matrix and identifies attacks based on suspicious behaviors.

  4. Interceptor - Acts as automatic guardrails to protect known-good processes, extracts attackers, and rolls back misconfigurations.


Collectively this delivers on the value chain from causality through enforcement.


bottom of page