Maintaining network security is hard to do when you face a barrage of unnecessary alerts. That’s what MixMode CEO John Keister found out when he began asking prospective clients about their biggest pain points in security.
Keister joined MixMode, formerly known as PacketSled, in 2017. The company makes network security monitoring software, and has 15 employees between its offices in San Diego and Santa Barbara. A tech entrepreneur, Keister had founded two companies in analytics and advertising before taking the helm of MixMode.
He spent his first six months at the company talking to clients about their problems with false positives in security alerts.
“Over and over again, we kept getting the same answer: ‘We’re flooded with alerts from every security product we buy. We can’t keep up with them, and we also can’t hire fast enough,’” Keister said.
The problem is so bad, he said, that one Fortune 1000 company said it was getting half a million alerts per month, from just one of their security products. Generally, most companies have about six platforms in their security stack, making for hundreds of alerts per day.
“If you look at companies with 500 people or above, they average having 10 people full-time tracking down false positive alerts,” Keister said. “Next year, the estimated number of cybersecurity job openings is 3 million. There are just not enough people to go do this.”
To figure out how to solve this problem, he called Igor Mezic, a professor of mechanical engineering at UC Santa Barbara. Mezic had some experience working on context-aware AI for the Defense Advanced Research Projects Agency, and wondered if it could be applied to the false positives problem MixMode was trying to tackle. He joined as the company’s chief technology officer and chief scientist last year.
‘Very Difficult Math Problem’
“I’ve spent all of my life developing algorithms one way or another,” Mezic said. “(Our system) takes in all the data that it can get its hands on and aggregates it to provide a decision on whether something is a false positive or not.”
It takes into account the time of day data is sent, whose laptop it is sent from, and regular patterns in data exchange. For example, if a company sends a large file every Wednesday, it doesn’t need to be treated as a potential threat.
“Now we have multiple patents that we’ve filed against this,” Keister said. “That is why most other companies have not been able to solve this alert problem; it’s a very difficult math problem. We’re grateful Igor has been working on this for 20 years.”
$11.5 Million to Date
MixMode has raised $11.5 million in capital to date, including a $3.5 million Series A round it closed in October 2017. According to filings with the U.S. Securities and Exchange Commission, the company has raised an additional $1.83 million.
Keister did not disclose the names of the company’s most recent stakeholders, saying the company was “at the outset of raising a round of funding,” and was still in discussions with investors.
“Our overarching goal over the next few years is to scale and make sure our platform can handle many multiples of the size of customers that we work with today,” he said. “We believe we’ve architected the platform to do that. It’s a good place to be.”
Fast Facts About MixMode (formerly PacketSled):
CEO: John Keister
Amount of funding raised to date: $11.5 million
No. of employees: 15
Investors: Keshif Ventures
Headquarters: Sorrento Valley
Year founded: 2012
Company description: MixMode develops a network monitoring platform to help companies respond to security incidents and reduce false positive alerts.