September 21, 2021 • Mike Wiacek

Let’s Take Back the High Ground

Why and how Stairwell helps you stay out of reach of attackers.

By Mike Wiacek

Nearly a year ago, we launched Stairwell with a vision to empower security teams to outsmart attackers. If we’ve learned anything since, it’s that the bad actors keep winning. After a year of active development, we’re announcing Inception. Inception is a platform for recursive threat hunting, response, and investigation. It’s already helping our early customers spend more time doing the right investigative work, identifying artifacts of concern, and determining if their organizations are compromised right now, or have been in the past. To accelerate development and our mission, we’ve secured $20M in funding from Sequoia and Accel and have more than doubled the size of our team since last year.

Stairwell aims to apply pragmatic realism to recurring cybersecurity issues. We’re not going to say Inception solves every problem—nobody can, and you should be wary of those who claim to. But what we can say is that Inception gives organizations the insights and context they need to identify the things that don’t belong, act in seconds to make it right, and finally have the opportunity to get ahead of adversaries. 

Most organizations rely on the same types of security products to defend themselves. Unfortunately, most of these solutions are vulnerable to oracle attacks. That’s just a fancy way of saying that the same tools you may rely on for protection can be used by adversaries for testing. If an adversary can iterate and change their tools until they can no longer be caught, your ability to defend yourself is significantly reduced— if not outright eliminated. Stairwell believes we need tools that exist outside this penetrable ecosystem. Imagine a platform that provides defenders with visibility, context, and awareness that is resilient to such evasion. Our approach fundamentally gives customers this high ground in detecting and responding to intrusions.

Inside-out Security

While others look outside for information, Inception starts by looking within. We call this inside-out security. After all, the most immediate threats to your organization are the things already on your systems. Inception pre-preserves evidence and treats all executable files in your environment as suspicious. It builds a virtual evidence locker, tailored to your organization, that is private, secure, and searchable. Inception makes this data actionable, so you not only have a vault of evidence, you have the ability to hunt, analyze, and respond. Inception continuously applies new insights and intelligence to the historic and current state of your systems — giving you confidence in the ongoing operational integrity of your environment, backed by data you can inspect and control. You are now able to leverage context and visibility that malicious actors cannot; finally you have an opportunity to deny them the advantages they currently enjoy.

To use a real world example, in late 2020 news broke about a supply chain attack against SolarWinds. FireEye/Mandiant released YARA signatures to identify the malicious software. A company that was using Inception would be able to action these signatures in seconds. They’d quickly identify any files on any system that matched them, whether or not the files were still on the device or not. With Inception, time no longer affords adversaries an opportunity to hide, as teams have the ability to quickly apply new intelligence to establish and maintain their ongoing operational integrity.  

A partnership

Beyond the platform, we believe our approach needs to be collaborative. We do not view our customers as transactional relationships, but as members of an alliance, partners with whom our own success is intertwined.

Our company values extend beyond our own employees and govern our interactions with customers and channel partners, too. 

Thanks to all of the individuals who have been a part of the team up to this point. My fellow teammates bring common traits of empathy, respect, passionate curiosity, and a healthy appreciation for practical excellence that have made for an exciting and fulfilling journey so far, and we’re just getting started. 

We are looking for people who are driven to go a step above what others have tried to what they haven’t. People who want to chart a course for which there is no road. People who share success, failure, and everything in between. People who want to put security in reach of everyone. If this describes you, reach out. We’re hiring