Company type | Private |
---|---|
Industry | Cybersecurity |
Founded | 2012 |
Founder | Rob Davis |
Headquarters | Plano, , |
Key people | |
Website | www |
Critical Start is a cybersecurity company based in Plano, Texas, with offices across the United States. The company provides managed detection and response services, endpoint security, threat intelligence, penetration testing, risk assessments, and incident response. [1]
Critical Start was founded in 2012 by former RSA Security executive Rob Davis, as a response to nation-state attacks that occurred with cybersecurity organizations RSA, Bit9, and others in 2011. [2]
Critical Start announced in March 2018 an agreement to acquire Advanced Threat Analytics, [3] a next-generation security analytics platform, to leverage its Zero-Trust Analytics Platform. [4] As a part of the agreement, Critical Start acquired its native iOS and Android mobile security operations center application. [5]
In August 2019, Critical Start published its second annual research survey reporting that security operations center analysts face an "overwhelming number of alerts each day that are taking longer to investigate". [6] According to an article featured on MSSP Alert, the report surveyed security operations center professionals across enterprises, managed security service providers, and managed detection and response providers to evaluate the state of incident response within security operations centers from a variety of perspectives, including alert volume and management, business models, customer communications, and security operations center analyst training and turnover. [7]
The survey found that more than 8 out of 10 security operations center analysts reported that their security operations centers had experienced between 10 percent and 50 percent analyst churn in the past year. [8] Additionally, 70 percent of respondents investigate more than 10 alerts each day [9] – up from 45 percent the previous year, [10] while 78 percent state that it takes over 10 minutes to investigate each alert, which is up from 64 percent the previous year. [11] Critical Start revealed later that month that they would be expanding to a channel-driven model along with the expansion of the company’s national distributors and network of value-added resellers. [12]
In June 2023, Critical Start opened two new facilities, one in Lehi, Utah, and another in Pune, India. The facility in India is the company's first Center of Excellence for engineering. [13]
In June 2019, Bregal Sagemount, a growth equity firm, invested $40 million as part of the company’s first outside investment. [14] According to the Dallas Morning News, the "investment helped accelerate its North American expansion" [15] and partnerships with Microsoft, Splunk, Palo Alto Networks, Cylance, and Carbon Black, and helped expand the market presence of the company's managed detection and response services – including new field offices in Los Angeles and New York City – to "serve enterprise customers and its network of channel partners." [16]
DC Advisory served as the exclusive financial advisor to Critical Start. Financial terms have not been disclosed. [17]
The SANS Institute is a private U.S. for-profit company founded in 1989 that specializes in information security, cybersecurity training, and selling certificates. Topics available for training include cyber and network defenses, penetration testing, incident response, digital forensics, and auditing. The information security courses are developed through a consensus process involving administrators, security managers, and information security professionals. The courses cover security fundamentals and technical aspects of information security. The institute has been recognized for its training programs and certification programs. As of 2021, SANS is the world’s largest cybersecurity research and training organization. SANS is an acronym for SysAdmin, Audit, Network, and Security.
The United States Department of Homeland Security (DHS) is the U.S. federal executive department responsible for public security, roughly comparable to the interior or home ministries of other countries. Its stated missions involve anti-terrorism, border security, immigration and customs, cyber security, and disaster prevention and management.
The United States Computer Emergency Readiness Team (US-CERT) is an organization within the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Specifically, US-CERT is a branch of the Office of Cybersecurity and Communications' (CS&C) National Cybersecurity and Communications Integration Center (NCCIC).
The National Cyber Security Division (NCSD) is a division of the Office of Cyber Security & Communications, within the United States Department of Homeland Security's Cybersecurity and Infrastructure Security Agency. Formed from the Critical Infrastructure Assurance Office, the National Infrastructure Protection Center, the Federal Computer Incident Response Center, and the National Communications System, NCSD opened on June 6, 2003. The NCSD mission is to collaborate with the private sector, government, military, and intelligence stakeholders to conduct risk assessments and mitigate vulnerabilities and threats to information technology assets and activities affecting the operation of the civilian government and private sector critical cyber infrastructures. NCSD also provides cyber threat and vulnerability analysis, early warning, and incident response assistance for public and private sector constituents. NCSD carries out the majority of DHS’ responsibilities under the Comprehensive National Cybersecurity Initiative. The FY 2011 budget request for NCSD is $378.744 million and includes 342 federal positions. The current director of the NCSD is John Streufert, former chief information security officer (CISO) for the United States Department of State, who assumed the position in January 2012.
Fortinet is a cybersecurity company with headquarters in Sunnyvale, California. The company develops and sells security solutions like firewalls, endpoint security and intrusion detection systems. Fortinet has offices located all over the world.
UST, formerly known as UST GLOBAL, is a provider of digital technology and transformation, information technology and services, headquartered in Aliso Viejo, California, United States. Stephen Ross founded UST in 1998 in Laguna Hills. The company has offices in the Americas, EMEA, APAC, and India.
Bitdefender is a Romanian cybersecurity technology company headquartered in Bucharest, Romania, with offices in the United States, Europe, Australia and the Middle East.
The EINSTEIN System is a network intrusion detection and prevention system that monitors the networks of US federal government departments and agencies. The system is developed and managed by the Cybersecurity and Infrastructure Security Agency in the United States Department of Homeland Security (DHS).
Splunk Inc. is an American software company based in San Francisco, California, that produces software for searching, monitoring, and analyzing machine-generated data via a web-style interface.
Secureworks Inc. is an American cybersecurity company. The company has approximately 4,000 customers in more than 50 countries, ranging from Fortune 100 companies to mid-sized businesses in a variety of industries.
Security information and event management (SIEM) is a field within computer security in which software products and services combine security information management (SIM) and security event management (SEM). SIEM is the core component of any typical Security Operations Center (SOC), which is the centralized response team addressing security issues within an organization.
An information security operations center is a facility where enterprise information systems are monitored, assessed, and defended.
VMware Carbon Black is a cybersecurity company based in Waltham, Massachusetts. The company develops cloud-native endpoint security software that is designed to detect malicious behavior and to help prevent malicious files from attacking an organization. The company leverages technology known as the Predictive Security Cloud (PSC), a big data and analytics cloud platform that analyzes customers’ unfiltered data for threats.
Sumo Logic, Inc. is a cloud-based machine data analytics company focusing on security, operations and BI use-cases. It provides log management and analytics services that use machine-generated big data. Sumo Logic was founded in April 2010 by ArcSight veterans Kumar Saurabh and Christian Beedgen, and is headquartered in Redwood City, California.
Optiv Security, Inc. ("Optiv") is a privately owned information security company based in Denver, Colorado. Optiv is a solutions integrator that delivers end-to-end cybersecurity services globally.
Bregal Sagemount is a private equity firm based in New York City.
The Co-Managed IT security service model entails security monitoring, event correlation, incident response, system tuning, and compliance support across an organization's entire IT environment. Co-Management allows organizations to collaborate with their managed security service providers by blending security expertise of the provider with the contextual knowledge of the customer to optimise security posture.
Masergy Communications is a software-defined networking services company founded in 2000 and headquartered in Plano, Texas. The services they provide include Managed SD-WAN, Unified Communications, Cloud Contact Center, and Managed Security. Masergy was acquired by Comcast on October 8, 2021.
Anomali Inc. is an American cybersecurity company that develops and provides threat intelligence products. In 2023, the company moved into providing Security Analytics powered by AI.
The 2018 SingHealth data breach was a data breach incident initiated by unidentified state actors, which happened between 27 June and 4 July 2018. During that period, personal particulars of 1.5 million SingHealth patients and records of outpatient dispensed medicines belonging to 160,000 patients were stolen. Names, National Registration Identity Card (NRIC) numbers, addresses, dates of birth, race, and gender of patients who visited specialist outpatient clinics and polyclinics between 1 May 2015 and 4 July 2018 were maliciously accessed and copied. Information relating to patient diagnosis, test results and doctors' notes were unaffected. Information on Prime Minister Lee Hsien Loong was specifically targeted.