DEVCON Puts Down Roots With New Memphis HQ As It Pivots Its Cybersecurity Product

This past October, cybersecurity startup DEVCON announced that it will be returning to Memphis to build its headquarters there. The company will keep offices in Atlanta and London.

With this move and DEVCON’s new $2.4 million headquarters, the startup is expected to create more than 160 new jobs over the next 5 years.

“While Memphis has a strong base of agricultural tech and logistics tech, they recently started really focusing on cybersecurity. With some of the commercial enterprise headquarters that are there like FedEx and ServiceMaster, they wanted to make that a high priority,” DEVCON CEO Maggie Louie tells Hypepotamus.

The move comes in the heels of a product pivot earlier this year as the startup continues to grow. DEVCON recently moved away from its original proposition of protecting publishers and media companies from ad fraud from pop-up ads.

“We’ve really expanded our customer base, and our product, and team dramatically. We were able to hone in on the underlying vulnerability that hackers have been exploiting, is the third-party JavaScript,” says Louie. “It’s been a big evolution for us.”

Two of the five largest data breaches in the last 18 months, including a breach of British Airways, came from risks associated with third-party JavaScript. This is dynamic code that is on a site, but cannot be controlled by the site owner, like a third-party chatbot in the case of the British Airways incident. The airline had to pay a $230 million GDPR fine.

Louie says that the average fine for a data breach is $150 per record. However, data breach fines like British Airways’ can quickly escalate based on how long the vulnerability went undetected. The airline’s data breach went undetected for six months.

“They weren’t looking for this vulnerability. There aren’t a lot of solutions out there that can provide you any kind of transparency, much less real-time protection against the exploitation of your third-party JavaScript,” she says.

“You might have a content security policy that you feel like it’s covering some of this, but ultimately that’s a static solution for a dynamic problem.”

The DEVCON platform has four different layers with a five-tier ranking system of severity. Its main security solution works with the browser, monitoring all JavaScript calls in real time. The platform remains dynamic and alert as it blocks any JavaScript calls that engage in malicious behavior or have an exploitative pattern.

“This has given us a really great opportunity to provide real-time security on the client side and browser side for big enterprise banks, brands, e-commerce, and more — which is a much broader, bigger industry than the one we were servicing before,” she says.

This is a $500 billion market, Louie shares, much bigger than the previous adtech market they were initially addressing.

Since DEVCON has been looking at more than 10 billion third-party JavaScript calls every month since its inception, the platform has the upper hand on competitors.

“Being able to not only block threats in real time, but then ranking the highest one so that those can be addressed immediately is a really great piece of our platform that I don’t think anyone else has been able to tackle,” she says.

The threats that aren’t as immediate are then archived; if they come up again, the team can review them as needed.

In Memphis, DEVCON will also be working with local state colleges to create curriculums that will train people to take jobs within the cybersecurity company. These curriculums will focus on browser-side and client-side web application security.

The team raised funding last December with a $4.5 million seed round, led by Las Olas VC. The SaaS startup currently has 20 team members and are expected to grow to 50 by 2021.

“Our philosophy is that security is freedom. The freedom for businesses to launch more products more quickly, go to market faster, and for consumers to stay ever connected without fear that they’re going to get compromised in some way,” says Louie.