Crosslayer Labs: Protect, monitor and defend your Internet presence

Protect, monitor and defend your Internet presence

Crosslayer Labs detects impersonation attacks on websites and APIs. We provide "outside-in" monitoring of customer infrastructure, comprehensively discovering and monitoring all Internet dependencies, including DNS, BGP, TLS certs, Javascript. We correlate signals from different layers of the Internet stack to identify attack patterns. Our alerts are actionable and contain root cause analysis/remediation recommendations. Our founding team is world renowned for previously inventing the MPIC standard adopted by all the major CAs including Google, Apple, Amazon. The MPIC standard is securing over 700 million websites via the issuance of over 3 billion digital certificates, and is now a global internet standard that protects every single HTTPS connection.

Active Founders

Henry Birge-Lee

Founder

I am am innovator in web and network security. I invented Multi-Perspective Issuance Corroboration (MPIC) which now secures every single HTTPS connection. I am currently focusing on building the Crosslayer Labs platform for web resource integrity.

Henry Birge-Lee

Founder

I am am innovator in web and network security. I invented Multi-Perspective Issuance Corroboration (MPIC) which now secures every single HTTPS connection. I am currently focusing on building the Crosslayer Labs platform for web resource integrity.

Grace Cimaszewski

Founder

I'm a recent PhD graduate from Princeton and security researcher. I've worked with the CA/Browser Forum to turn my research on TLS certificate security into ecosystem-wide requirements which now improve the security of every HTTPS connection you view in your browser. Before starting Crosslayer with my long-time research collaborators, I was a visiting research at Google and Corelight Labs.

Grace Cimaszewski

Founder

I'm a recent PhD graduate from Princeton and security researcher. I've worked with the CA/Browser Forum to turn my research on TLS certificate security into ecosystem-wide requirements which now improve the security of every HTTPS connection you view in your browser. Before starting Crosslayer with my long-time research collaborators, I was a visiting research at Google and Corelight Labs.

Prateek Mittal

Founder

I am a professor at Princeton University and co-founder of Crosslayer Labs (YC W26). I specialize in the field of cybersecurity/privacy and am the recipient of the ACM Grace Hopper Award. My research has helped secure every single web connection (HTTPS) worldwide and enhanced the security of deployed LLMs (e.g., GPT 3.5 and GPT4V at OpenAI).

Prateek Mittal

Founder

I am a professor at Princeton University and co-founder of Crosslayer Labs (YC W26). I specialize in the field of cybersecurity/privacy and am the recipient of the ACM Grace Hopper Award. My research has helped secure every single web connection (HTTPS) worldwide and enhanced the security of deployed LLMs (e.g., GPT 3.5 and GPT4V at OpenAI).

Company Launches

Crosslayer Labs: We discovered (and can protect you against) a new attack allowing hackers to spoof any website(!)

See original launch post

Tl;dr Crosslayer Labs detects attacks on Internet infrastructure that allow hackers to impersonate websites and APIs. We would know; our team previously invented technology that secures every single web connection (HTTPS) worldwide.

The Problem

Imagine you are visiting brex.com - but you’ve been redirected to an adversary spoofing Brex, while the lock icon on your browser still checks out. Suddenly, all your startup money is drained. Science fiction? No, these are the next generation of security threats.

https://www.youtube.com/watch?v=Z7U3183IJf4

The Solution

Crosslayer Labs protects websites and APIs from hijack attacks. We discover and monitor network dependencies for your domain (across the entire network stack) to detect when someone is impersonating your website. Our approach is unique in the way that it combines data from your entire network stack.

https://www.youtube.com/watch?v=QgYjFO1j08A

Team

We are a team of serious security researchers: we invented a technology called Multi-Perspective Issuance Corroboration (MPIC) that is used to sign digital certificates (over 3 billion and counting) for all websites.

Prateek is a Professor at Princeton, and his research has revolutionized the security and privacy of internet communications and AI systems. He helped secure every single web connection (HTTPS) worldwide and enhanced the security of deployed LLMs (e.g., GPT 3.5 and GPT4V at OpenAI). He is the recipient of the ACM Grace Hopper Award, IEEE Fellow, ACM Distinguished Member, and Distinguished Alumni awards from IIT Guwahati and UIUC.

Henry is a member of the CA/Browser Forum and former research staff at Princeton University. Henry’s research uncovered a fundamental security vulnerability in how TLS certificates are issued to websites. He is an author of the MPIC standard at the CA/Browser Forum and he founded the Open MPIC project that implements MPIC for 1.5 million certificates a day. His work also led to DNSSEC adoption by CAs, and he is a recipient of the IRTF’s applied networking research prize.

Grace just finished her PhD at Princeton, where she performed transformative research on the web PKI, and was named runner up for the Privacy Enhancing Technology Award and the Andreas Pfitzmann Best Student Paper Award. Grace mapped the attack surface of millions of websites to shape how MPIC was deployed by leading CAs, including working with Google Trust Services.

Ask

Know any CISOs or security heads who would lose their job if their website was impersonated? We'd love to meet. Think: crypto exchanges, fintech, banks, health care, tax portals. Email: contact@crosslayerlabs.com