Our Investment in Authentic8
We’re excited to announce that Merus has invested in the online security company, Authentic8. Guest post by my partner Peter. Originally posted here.
It’s a Big Idea
The web has become the primary vector for criminals to deliver malware to scam users. Since it’s the browser on your machine that downloads and runs code from the web, it’s impossible for you to know if the code that’s downloaded is secure and trustworthy each time you go online. What’s more, the criminals’ attack “surface area” is even broader than the browser–there’s URL redirection and other potential weak points all the way across the chain from the user’s machine to the web destination.
At the same time, tracking one’s passwords has grown increasingly unmanageable. It seems like each site has different password strength requirements, minimum (or maximum) password lengths, set of characters you’re allowed to use, etc. To deal with this complexity, people end up setting weak passwords, re-using them across sites, or storing them in unsafe places. As a result, online accounts are more easily compromised by criminals.
Dealing with online security is a major pain point for consumers and businesses of all sizes. Authentic8 turns the problem on its head: What if you could simply outsource the headache of keeping your browser secure and managing all of your passwords to a trusted and reliable party? Authentic8 delivers the Simply Safe browsing experience.
Real Software Solving Real Problems
How they solve this problem is quite novel. Each time you access the web, Authentic8 launches a Disposable Browser in the cloud. In essence, you’re surfing the web in real-time from Authentic8’s servers where they manage all security aspects on your behalf. It’s called a disposable browser because they’re “single-use”–Authentic8 gives you a fresh browser instance each time you access the web and discards it when you’re done, a bit like dental floss or latex gloves. The implication is quite powerful: Malware never touches your machine.
What’s more, once you’re using Authentic8’s service, they do all the hard work of validating the destination site you’re trying to reach, as well as securely and automatically submitting your login credentials. So there’s no need to remember any passwords or manually generate new ones, as some sites periodically require. The company precisely fits our goal of investing in entrepreneurs building real software solving real problems.
Exceptional Team
Perhaps what we like most about our investment in Authentic8 is that we get to work with the two exceptional founders again–Scott Petry and Ramesh Rajagopal. Scott and Ramesh worked together for several years at Postini, the company Scott founded in 1999, which was a pioneer in security-related SaaS, where Ramesh was VP of Corporate Development (Google acquired Postini for $625M in 2007–an acquisition sponsored by my two partners, Salman Ullah, who led Corporate Development at Google, and Sean Dempsey, who led the overall acquisition).
The three of us at Merus also had the privilege of working with Ramesh for several years when we were all part of Microsoft’s Corporate Development & Strategy team. We’re also excited to be partnering with Foundry Group, which recently announced their investment in Authentic8.
To be considered for Authentic8’s beta program or for more information on the company:
Click here to be put on the list of future beta invitees. For some great insights and discussion on Internet security (like this one: “Macs & Volvos: Where perception transcends reality“), check out Authentic8’s blog, OSMoSis.
