|Founder||Merrick Furst, Wenke Lee, David Dagon, Richard Lipton|
|Headquarters||Atlanta, GA, United States of America|
|David Scholtz; Tom Savini; Stephen Newman; Paul Rolfe; Ron Wilson; David Fortune; Julie Preiss|
|Products||Advanced Threat Protection|
|Slogan||Automated Breach Defense|
Damballa is an American computer security company focused on advanced cyber threats such as zero-day attacks and advanced persistent threats (APT). The company’s system uses massive data sets and machine learning to identify malicious activity based on network behavior, content analysis and threat intelligence. The system constantly “trains” on new data, which enables it to detect previously unknown threats. Damballa was acquired by Core Security in July 2016 for $US 9 million, a significant loss on the $US 60 million in funding it had received.
Damballa was founded in 2006 in Atlanta, Georgia by Merrick Furst, an associate dean in the Georgia Institute of Technology (Georgia Tech) College of Computing; he was joined by two Georgia Tech colleagues, Wenke Lee, and David Dagon. The company is named after Damballa, a Vodou snake god that protects against zombies, with the implication that Damballa protects against “zombie” computers operating as part of botnets. According to its site, Damballa now seeks primarily corporate clients and ISP.
In April 2014, Damballa secured $US 13 million from its existing investors to grow sales and marketing efforts along with global expansion. Since the company was founded in 2006, Damballa has raised a total of $US 57.5 million in venture capital funding led by the following firms: Sigma Prime Ventures; InterWest Partners; Palomar Ventures; Paladin Capital Group; and, Adams Street Partners. Additional investors include: GRA Venture Fund; Noro-Moseley Partners; and, Imlay Investments.
Damballa’s current product offerings are:
Advanced Threat Protection
Damballa's advanced threat protection solution for enterprises, Damballa Failsafe detects successful infections with certainty, terminates their threat activity, and gives incident response the intelligence needed to rapidly prevent data breaches. Damballa Failsafe is able to detection malicious files (malware) and track suspicious behavior over time in the network, delivering actionable information about known and unknown threats regardless of the infection’s source, entry vector or OS of the device. It provides incident responders with definitive evidence so they can rapidly prevent loss on high-risk devices while blocking activity on the rest. It was recommended on the Advanced Threat Protection shortlist buyer's guide for 2015. 
ISP Subscriber Protection
Damballa CSP, which is designed for service providers and ISPs, identifies malicious activity originating from subscriber’s devices, whether PC, tablet or mobile. Damballa CSP sits out-of-band inside the service provider’s network and monitors DNS requests (non-PII traffic) from the subscriber’s IP address, which enables it to identify subscriber devices infected with advanced malware.
In 2013, Damballa was granted its first two patents, related to detecting advanced threats. Patent 8,566,928 describes methods for detecting a first network of compromised computers in a second network of computers, while patent 8,578,497 describes methods for analyzing domain names that are not registered that are collected from an asset in a real network.
In February 2014, the company was granted a third patent, # US20120198549, for its "Method and system for detecting malicious domain names at an upper DNS hierarchy", which describes a methodology for identifying potential malicious domain names used to propagate threats.
- Asset (computing)
- Computer security
- Countermeasure (computer)
- IT risk
- Threat (computer)
- Vulnerability (computing)
- Markoff, John (2007-01-07). "Attack of the Zombie Computers Is Growing Threat". The New York Times. Retrieved 2007-01-07.
- "Enterprise Botnet and Malware Detection". Damballa, Inc. Retrieved 2007-01-07.
- "Startup Aims to Detect and Thwart Botnets". Nerd Twilight. 2006-08-17. Retrieved 2007-01-07.
- Wilson, Tim (2006-08-15). "Startup to Challenge Botnets". Dark Reading. Retrieved 2007-01-07.
- Rubner, Justin (April 7, 2006). "Tech spinoff gets $2.5M to go after 'zombies'". Atlanta Business Chronicle. Retrieved 2007-01-07.
- "Atlanta Internet security firm Damballa raises $13M". The Atlanta Business Chronicle. 2014-06-02. Retrieved 2014-06-01.
- "Internet Security Firm Lands $6M in New Financing". WRAL.com. 2007-08-29. Retrieved 2007-09-01.
- "The Daily Start-Up: Damballa Locks Down $15M Series E to Fight Cyberattacks". The Wall Street Journal. 2012-09-17. Retrieved 2013-09-05.
- Jacques, Couret (2014-01-07). "Damballa adds two patents". Atlanta Business Chronicle. Retrieved 2 June 2014.
- Google, Patents. "Patent Search". Google. Retrieved 2 June 2014.
- Google, Patents. "Method and system for detecting malware". Google. Retrieved 2 June 2014.
- "Damballa Granted Third New Patent For Detecting Advanced Threats". Dark Reading. 2014-02-04. Retrieved 2014-06-02.