4iQ raises $30 million for AI that attacks the trade in stolen digital identities


To view the original article, please click here.


Digital identity protection startup 4iQ today announced a $30 million round it will use to ramp up investments in its go-to-market activities. The funding comes as 4iQ brings former Waterline Data head Kailash Ambwani on as CEO.

Over 300 data breaches involving the theft of 100,000 or more records occurred between 2005 and 2014, Forbes reports. Data breaches exposed 4.1 billion records in the first six months of 2019 alone. As of 2019, the World Economic Forum considers cyberattacks among the top risks to global stability.

Los Altos, California-based 4iQ, which was founded in 2016 by Alberto Gomez and Julio Casal, seeks to lead the countereffort with a platform that collects identity information from public websites, social media, and the dark web. 4iQ claims to have curated and normalized over 45 billion records with more than a trillion attributes in total, targeting fraud, money laundering, counterterrorist financing, insider threats, cybercrime, identity theft, and account takeover. The company has now surpassed 100 customers with over 25 million users.

4iQ’s IDHunt platform enables investigators to analyze monikers or pseudonyms and other identity-related attributes in real time. Drawing on 4iQ’s database, IDHunt is able to correlate and enrich findings with Pastebin documents, historical DomainWhoIs data, cryptocurrency addresses and clusters, social profiles, standard search engines, reverse IP lookups, and other data sources. IDHunt provides context around threat actors, revealing their cohorts, associations, and criminal rings. The platform’s machine learning algorithms, meanwhile, calculate malicious identity and domain scores and build relationship graphs “in seconds.”

IDTheft complements 4iQ’s IDHunt tool and enables clients to assess risk and monitor people for exposure through APIs. These APIs tap into the identity database, retrieving exposed identity and risk scores that power password managers, account takeover prevention, business risk assessments, and consumer identity protection providers. 4iQ says all breaches undergo a verification process in which analysts and experts use research and investigation methods to ensure the domain data and other information is real and valid. Once a breach is verified, the 4iQ platform calculates a risk score based on variables such as attribute types, dates, and password strength.

“4iQ’s unique approach to unmasking cybercriminals’ real-world identities is pivotal for organizations to understand if any information is compromised, their employee attack surface, and so much more,” Ambwani said. “Our innovative tools, which allow companies to monitor identity and information risks, can ultimately help to better protect organizations and their people. I’m excited for the direction of our company and look forward to sharing other major announcements in Q4.”

ForgePoint Capital led the series C announced today, with participation from Benhamou Global Ventures, C5 Capital, and Adara Ventures. This brings the company’s total raised to over $63 million, following an $18 million series B in December 2018.

Competition is fiercer than ever in a global cybersecurity market that will soon pass $300 billion, according to Global Market Insights. Indeed, Atlas VPN found that recently launched cybersecurity startups raised more than $31 million in 2020. Rivals include IntSights, which in November 2019 raised $30 million for its cloud-hosted cyberthreat detection and remediation solution, and TrapX Security, which recently raked in $18 million to thwart cyberattacks with decoy assets. That’s not to mention San Francisco-based ZecOps, which last November nabbed $10.2 million for its tech stack that automates detection, analysis, and response to cyberattacks on endpoints and servers and Trinity Cyber, whose threat-combating suite combines detection with “adversary inference.” Another contender, Lacework, nabbed $42 million in September 2019 to protect cloud environments from data breaches.