Artificial Intelligence & Machine Learning
,
Fraud Management & Cybercrime
,
Next-Generation Technologies & Secure Development
Series A Investment Expands AI-Driven Cybersecurity and Threat Deflection
A ransomware defense company led by the former CEO of Shape Security raised $50 million to build out automated ransomware defenses that work in milliseconds.
See Also: A Modern Approach to Data Security
Mimic said the Series A funding round will help the Silicon Valley-based vendor grow its engineering team, enhance automation for securing legacy applications and scale globally, according to CEO Derek Smith. He said the company is focused on technical innovations in kernel-level security, automating protection configurations, and protecting commercial and proprietary applications.
“It’s a very technically complicated solution to the problem, and so we needed the horsepower to be able to attract the very best, most elite engineers and software developers to execute our vision, and we needed the ability to get the best go-to-market team around the world to scale quickly,” Smith told Information Security Media Group.
Why Traditional Ransomware Defenses No Longer Cut It
Mimic, founded in 2023, employs 71 people and has raised $77 million in two rounds of outside funding, with the company emerging from stealth in May 2024 with a $27 million funding round led by Ballistic Ventures. The company has been led since May 2024 by Smith, who headed online fraud and abuse prevention platform Shape Security for nine years before selling it to F5 for $1 billion in January 2020 (see: F5 Lays Off 623 Staffers as Customers Postpone New Purchases).
The increasing profitability of ransomware has caused a shift in cybercriminal behavior, with attackers moving away from other forms of cybercrime, given how many organizations continue to pay ransoms, Smith said. The speed of ransomware – where data encryption or exfiltration happens in less than 90 seconds – demands a new approach to cybersecurity that focuses on prevention, not just detection.
“The more companies that pay the ransom, the more threat actors flood into the space, and it’s becoming the number one problem that most CISOs deal with,” Smith said.
Smith said Mimic’s core innovation is real-time ransomware deflection at the kernel level, meaning that unlike EDR solutions that analyze threats after they’ve occurred, Mimic stops ransomware before it can encrypt or steal data. There’s no time for human intervention or SOC involvement since ransomware executes in seconds, which Mimic’s kernel-level solution addresses by running locally on the system.
“From the beginning of them starting – to the point at which your data is encrypted or exfiltrated or both – is 90 seconds or less,” Smith said. “So, there isn’t time for a human to be involved. There’s not time for a SOC to be involved. That means that you have to be able to find and deflect the attack extremely quickly, and that’s the core innovation that we bring to the market.”
How Mimic Plans to Put the Series A Funding to Work
Mimic’s investors were carefully selected based on deep industry experience and alignment with its vision, with Google Ventures being a natural fit because Mimic already integrates Google technology into its backend and has worked closely with Google’s security ecosystem. On the other hand, Menlo Ventures was chosen due to its strong expertise in product strategy and go-to-market operations.
“We have a long history of successfully working with Google Ventures in the past, so they were the partner of choice for us,” Smith said.
Mimic plans to hire kernel engineers to improve its technology and develop automation for protecting proprietary and legacy applications, said Chief Product Officer Bob Blakey. Legacy apps are harder to secure because they vary significantly from customer to customer, requiring advanced automation to adapt protection. Mimic wants to generate protection rules based off the app’s normal behavior.
“In order to create the configuration of our protection, which applies specifically to each of those applications, we either have to do manual work, which is not the right way to do it, or we have to build sophisticated automation that can analyze those applications and can build custom profiles to protect each one of them,” Blakey told ISMG.
Mimic plans to grow its footprint outside North America from just 25% today to more than 50% in the next few years by partnering with MSSPs who have already established relationships with enterprises in Europe, Latin America and Asia. Smith said Mimic is investing in localizing its security platform to support regional languages and compliance standards.
“The most important investment is localization,” Smith said. “So, in a lot of these geographies, we’re adapting our user interface and user experience to local languages so that our local security partners can utilize them.”