Secure web gateways — network security services designed to help organizations enforce IT policies around Internet usage by blocking (or letting through) certain traffic — are one of the most common investments that organizations make in their cybersecurity profiles. But as a product that’s been around for decades, there remains a lot of room for innovation and improvement. Today, an SWG startup called dope.security is announcing $16 million in funding to fuel its efforts to do just that.
In contrast to being routed through the cloud and datacenters, or large and expensive on-premise network appliances (some the popular approaches for SWG services these days), Dope has designed a secure web gateway product that’s run on an organizations’ endpoints — computers and other devices connected to the company network — an approach that it believes makes it easier to use, more secure and privacy-friendly for users, less prone to failures, and significantly faster in terms of performance.
Dope plans to use the funding for hiring, business development, and to continue enhancing its product with more features. These will include a Dope API later in the year and further along a ‘zero trust’ layer for organizations that need that extra level of security, said Kunal Agarwal, Dope’s founder and CEO, in an interview from its HQ in Mountain View, CA.
The round, a Series A, is being led by GV (Google Ventures) with boldstart ventures and Preface, which backed the startup last year when it was still in stealth, also participating. The company has now raised $20 million and it is not disclosing valuation.
Agarwal said he first came upon the idea of Dope’s central premise when he was working at Symantec, where he started as an engineer working on SWG and worked his way up over years to product manager and eventually GM. Symantec is one of the world’s best-known purveyors of secure-web gateway and other security products, and so Agarwal saw first-hand not just how slowly it took Symantec to bring on any changes to the product but the problems with how the product worked today.
“I lived SWG day in and day out,” he said. “I heard how customers complained about how, when it doesn’t work properly, you don’t have web access at all.”
In his view, with the huge shift of computing to the cloud, it’s been a misfire to shift security to the cloud wholesale to manage that. Typical secure web gateway products built to work in the cloud essentially send all of their traffic to servers before letting it proceed or blocking it. This essentially causes delays and in cases where something is not working correctly, total failure. The problem has been compounded with more traffic moving to the cloud, and more people working from more disparate locations, rather than all in a single office.
Dope describes its approach as “fly direct”: the end point is where the evaluation of the traffic is made before allowing it through (or not as the case may be). That reduced hop not only means less time spent in transit, but also less of a chance of the whole system falling over. The cloud is used by Dope, but only for certain aspects of the service. Administrators manage white and black lists there, data that in turn is distributed to endpoints — using guidance from Dope itself, which says that it’s crunching through some 700 terabytes of content to understand threats on the internet; later, the cloud is where diagnostics and analytics are sent so that network administrators can better understand usage and behavior on their networks.
That points to another important aspect of this, and all secure web gateway products: the baseline of these services remains that they are there to control how people go online; monitor what they do; and see how data, and what data, might come into or go out of a network. But in the bigger scheme of a market that was worth $9 billion at the end of 2022, and predicted to grow to nearly $24 billion by 2028, it’s clear that this is only going to grow as an approach in the bigger struggle of trying to secure organizations against ever-growing cybersecurity threats. Dope believes it’s offering a route to managing that containment in a potentially less invasive way, that is more user friendly, than the other options out there.
“dope.security cares deeply about design and user experience in a way that is unique to the security industry. Its first goal when creating a product is simplicity – the simplicity of architecture, purchasing, deployment, and management,” said Sangeen Zeb, a general partner at GV, in a statement. “dope.security is well-positioned to reinvent traditional approaches to SWG, and we’re excited to work with the team to bring this modern approach to life.” Zeb’s joining the startup’s board with this round.
Pricing starts at $60 per device per year for the service.
All copyrights for this article are reserved to Techcrunch.com