Chapman_Beverley_Mill.JPG
 

Seed Stage Cyber Security Capital

Security Disruption

 

About

StoneMill Ventures invests in disruptive cyber security companies, primarily at the seed stage. We are active investors and look for founding teams that can benefit from our experience building pioneering security companies. As such, we tend to focus our investing in the Washington, DC metro area where we can be hands on but we will invest globally given the right opportunity.

Sutton - Headshot - New.JPG

Michael Sutton

Michael was previously the CISO at Zscaler, a company that has pioneered the Security-as-a-Service space. As a member of the founding team, he spent a decade building Zscaler’s research team, driving the security model and evangelizing the vision. Prior to Zscaler, Michael helped build SPI Dynamics (acquired by HP) and iDEFENSE (acquired by VeriSign).

Following Zscaler’s successful IPO in March 2018, Michael chose to pursue his passion for angel investing on a full time basis by launching StoneMill Ventures. He seeks out passionate entrepreneurs ready to disrupt key components of the security ecosystem. Michael is an active investor who looks for founders desiring mentorship alongside financial capital.

Portfolio

Full Stack Cloud VisibilityUtilizing unique SideScanning™ technology to seamlessly deliver comprehensive full-stack visibility into your entire cloud infrastructure and assets at a fraction of the time and cost of alternative approaches.

Full Stack Cloud Visibility

Utilizing unique SideScanning™ technology to seamlessly deliver comprehensive full-stack visibility into your entire cloud infrastructure and assets at a fraction of the time and cost of alternative approaches.

Security Infrastructure as a Service

Get full visibility into your coverage, build what you want, control your data, get the security capabilities you need, for however long you need them, and pay only for what you use.

Asset Discovery

Asset discovery platform that scans IT and OT environments for asset inventory, attack surface reduction and incident response.

Security-as-a-ServiceComprehensive networking and security platform (SASE+SIEM+GRC) built for MSP/MSSPs

Security-as-a-Service

Comprehensive networking and security platform (SASE+SIEM+GRC) built for MSP/MSSPs

Anti-threat intelligenceIdentifying Internet background noise caused by benign or previously identified scanning sources to streamline and prioritize threat analysis.

Anti-threat intelligence

Identifying Internet background noise caused by benign or previously identified scanning sources to streamline and prioritize threat analysis.

Cloud Security Orchestration and Remediation

Reduce risk by orchestrating cloud security remediation processes efficiently, eliminating dangerous backlogs, mitigating threats and focusing on what really matters.

SaaS SecurityComprehensive visibility, governance and data security to help enterprises secure their SaaS ecosystem.

SaaS Security

Comprehensive visibility, governance and data security to help enterprises secure their SaaS ecosystem.

Cloud Native Application Security

A single pane of glass for microservices and modern application security testing

Business Application Mesh

Manage the risks from third-party integrations and secure app-to-app connectivity

Open source device management

Quickly deploy osquery and secure 300,000+ devices on top of a stable core technology.

Client-side JavaScript securityPrevent data loss incidents caused by compromised JavaScript, third parties and configuration weaknesses.

Client-side JavaScript security

Prevent data loss incidents caused by compromised JavaScript, third parties and configuration weaknesses.

Endpoint detection and responseHuntress Labs partners with MSPs to deliver advanced threat detection for small and mid-market organizations.

Endpoint detection and response

Huntress Labs partners with MSPs to deliver advanced threat detection for small and mid-market organizations.

Threat-Informed Defense

Define, measure, and improve the ability to defend against the adversary behaviors that are most important.

Machine Learning - Training data annotationAI training data platform that enables quick, self-service curation of the quality training data needed to increase the precision of ML models - allowing domain experts within a company to annotate data.

Machine Learning - Training data annotation

AI training data platform that enables quick, self-service curation of the quality training data needed to increase the precision of ML models - allowing domain experts within a company to annotate data.

Continuous vulnerability remediationA continuous vulnerability remediation platform, which automates and orchestrates enterprise vulnerability remediation processes.

Continuous vulnerability remediation

A continuous vulnerability remediation platform, which automates and orchestrates enterprise vulnerability remediation processes.

Deep learning for communicationsSignal processing design leveraging AI to learn optimized models directly from data rather than manually designing specialized algorithms.

Deep learning for communications

Signal processing design leveraging AI to learn optimized models directly from data rather than manually designing specialized algorithms.

Exascale-capable computing architectureDeveloping an Exascale-capable computing architecture designed specifically to tackle the ‘Big Data’ applications that are choking today’s supercomputers

Exascale-capable computing architecture

Developing an Exascale-capable computing architecture designed specifically to tackle the ‘Big Data’ applications that are choking today’s supercomputers

Secure collaborationA secure Slack/WhatsApp alternative for organizations handling regulated/sensitive data.

Secure collaboration

A secure Slack/WhatsApp alternative for organizations handling regulated/sensitive data.

Application Visibility, Control and ProtectionReal-time visibility, behavior analytics and automated controls to monitor and manage network, OS, software and identity to understand and better protect applications.

Application Visibility, Control and Protection

Real-time visibility, behavior analytics and automated controls to monitor and manage network, OS, software and identity to understand and better protect applications.

Predictive cyber threat intelligenceTake control of digital risk with cyber reconnaissance, counterintelligence and monitoring for breached credentials.

Predictive cyber threat intelligence

Take control of digital risk with cyber reconnaissance, counterintelligence and monitoring for breached credentials.

Breach and attack simulationCombined breach and attack simulation features with vulnerability assessment and penetration testing capabilities to deliver the ability to continuously assess the security posture of an entire organization without the ne…

Breach and attack simulation

Combined breach and attack simulation features with vulnerability assessment and penetration testing capabilities to deliver the ability to continuously assess the security posture of an entire organization without the need for costly training, technical expertise, or complex setup.

Third party cyber riskVendor security due diligence that delivers the depth and accuracy necessary to make sound security decisions at the speed of business.

Third party cyber risk

Vendor security due diligence that delivers the depth and accuracy necessary to make sound security decisions at the speed of business.

Cybersecurity and IT workforce developmentOnline courses and experiential tools that provide IT and cybersecurity learning opportunities to anyone, anywhere, anytime.

Cybersecurity and IT workforce development

Online courses and experiential tools that provide IT and cybersecurity learning opportunities to anyone, anywhere, anytime.

Secure StorageHigh performance software-defined storage embedded with advanced data security, encryption and compliance.

Secure Storage

High performance software-defined storage embedded with advanced data security, encryption and compliance.

Workload protectionShield workloads from attacks in the cloud, data center or hybrid environments.

Workload protection

Shield workloads from attacks in the cloud, data center or hybrid environments.

IoT Asset TrackingLeading innovator in low­ power, wide-­area network technologies that power the Internet of Things (IoT). Patented Symphony Link technology provides secure connectivity for IoT devices allowing for precise indoor and outdoor asset …

IoT Asset Tracking

Leading innovator in low­ power, wide-­area network technologies that power the Internet of Things (IoT). Patented Symphony Link technology provides secure connectivity for IoT devices allowing for precise indoor and outdoor asset tracking.

AI Powered Firmware Protection

In-depth introspection of firmware using proprietary machine learning and code analysis techniques to find known and unknown threats and vulnerabilities.

Acquired

Data Access Security Broker

Control access and prevent data breaches by proactively protecting data regardless of where it is created, consumed, stored, or modified.

Authorization Policy Management

Simplifying authorization via a Policy-as-Code approach, allowing developers to manage, author, evaluate, distribute and monitor policies across systems from a single pane of glass.

Internet Inventory

Powerful tools for third-party risk, attack surface management and total intel.

Portable IP security

Mobilizes security at the edge where cyber threats matter.

Secure workload identity

Helping operations and security engineers use SPIFFE to securely and easily build identity-driven, large-scale distributed software systems.

Predictive cyber threat intelligence

Automatically mined deep web/dark web information, combined with advanced machine learning to provide proactive, actionable cyber threat intelligence.

Contact