The willingness to invest in new security start-ups is continuing at such a breakneck pace that start-ups still in stealth mode are getting snapped up by more established players before they even publicly introduce their security products and services.
That's what happened in early January in the case of Morta Security, acquired by next-generation firewall maker Palo Alto Networks. Morta, founded by former employees of the National Security Agency who came up with a method for detecting and remediating malware outbreaks, was quietly absorbed by Palo Alto, which has yet to disclose what role the Morta technology will play.
Don't call it an impulse purchase, but security vendor Imperva in February snatched up start-up Skyfence for $60 million just a month after Skyfence officially debuted with its Skyfence Cloud Gateway for monitoring software-as-a-service applications. The Skyfence service was already being used by companies that include airline carrier Virgin America.
The attention among these young security companies and their clientele is often on finding new ways to secure corporate data assets in the cloud and the mobile devices that corporate employees use in "Bring Your Own Device" (BYOD) style. It typically involves handling the security filtering and monitoring directly through a security cloud service rather than on premises.
Some enterprises are in the vanguard in adopting it. Take AMAG Pharmaceuticals, for instance, where chief tech Nathan McBride has convinced five of these young security firms -- Bitglass, Okta, Identropy, CloudLock and Secure Access technologies -- to work together this year to support AMAG's plan for certificate--based authentication of smartphones and laptops for access and single-sign on provisioning to the many cloud-based services AMAG uses. The goal is to eliminate the need for re-usable passwords altogether at AMAG, which migrated its infrastructure entirely to cloud software-as-a-service about three years ago.
Another big area for security start-ups is threat detection and response, because there's the realization that there is going to be malware or targeted attacks that get through, and the ability to discover, investigate and remediate is sorely needed after various defenses fall.
Last November we unveiled our list of the hottest start-ups to watch going into 2014. So far, we haven't been disappointed. Some of these small firms, such as Skycure, have begun to be heard at conferences and the like contributing to the dialog on mobile-device vulnerabilities.
Here's the latest line-up of security start-ups to watch that we'll be keeping an eye on. The Israelis seem to be working overtime, judging by the list below. Dorit Dor, vice president of products at Check Point Software, one of the most successful IT security start-ups Israel has had, says that's not surprising because Israel faces constant threats as a nation and improving defenses is an ever-present concern.
Aorato, based in Israel with its U.S. headquarters in New York City, has introduced what it calls a firewall designed to protect Microsoft Active Directory shops. It works by monitoring network traffic between Active Directory servers and the users and identifying attacks. "This is anomaly detection for Active Directory," says co-founder and CEO Idan Plotnik, who started the firm with his brother Ohad Plotnik, vice president of professional services, and Michael Dolinsky, vice president of research and development.
As an appliance or virtual-machine form factor for VMware or Hyper-V, the start-up's Directory Services Application Firewall is intended to detect and block suspicious events. For many enterprises, Active Directory remains the central point of authentication and authorization in Windows-based networks, including handling requests associated with cloud services. Aorato has received $10 million in funding from investment firms that include ACCEL Partners, Innovation Endeavors, Glilot Capital Partners as well as angel investors.
Bitglass was come up with a novel "watermarking" technology for enterprise security that can identify who has used applications and who may have leaked data, even involving cloud-based applications and mobile devices. The company was founded by CTO Anurag Kahol, who was formerly director of engineering in Juniper Networks' Security Business Unit, CEO Nat Kausik and chief scientist Anoop Bhattacharjya. Bitglass has picked up $10 million in funding from New Enterprise Associates and Norwest Ventures.
Bluebox Security jumped into the mobile-device management arena this February with its "data-wrapping" technology for Apple iOS and Android that acts like a container on the device so that enterprise IT managers can have visibility and control over corporate apps but at the same time separate out personal apps so employees can use them unencumbered. "It lets employees use whatever apps they want," says Caleb Sima, CEO, who co-founded Bluebox with Adam Ely, COO. Netflix and Zion's Bank are among the early adopters of its mobile-device policy-enforcement software that can require security controls such as encryption. Bluebox has picked up $27.4 million in funding from Tenaya Capital, Andreessen Horowitz, and Sun co-founder Andreas Bechtolsheim, among others.
Confer is offering what it calls a "cyberthreat prevention network" as a cloud-based threat-intelligence platform for sharing attack data based on an open protocol developed by Mitre called "Structured Threat Information Expression" (STIX) championed by the federal government and the financial services industry. Confer's basic pieces include lightweight software for Windows, Macintosh and Android devices that work to analyze the behavior of applications and processes to watch for malicious intentions. If the Confer "sensor" agent software detects sufficient risk, it can "terminate that process, or quarantine the application to the device," says Paul Morville, vice president of products. "We do a good job of characterizing what's on the endpoint -- was the attack successful -- and what it did." Confer was founded by Morville and two other co-founders, CTO Jeff Kraemer and CEO Mark Quinlivan. Confer has received $8 million in funding from Matrix Partners and North Bridge Venture Partners.
Cybereason came out of stealth mode in March with software for Windows PCs that works to collect and centralize information that might be related to a stealthy cyberattack aimed at stealing corporate data. This agent software collects information about potential compromises through an ongoing analysis of user activity and relationships. Future development plans call for developing similar software for Apple Mac, Linux and mobile devices platforms. Cybereason is based in Boston but co-founders, CEO Lior Div, CTO Yonatan Striem-Amit and Yossi Naar, chief vision officer, managing research and development, have roots in Israel. Cybereason has received $4.6 million from Charles River Ventures.
Cyphort exited stealth mode in February with its Advanced Threat Detection Platform designed to copy enterprise tariff streams in order to examine executables such as PDFs to find indications of attacks or compromise through its sandboxing process. Founded by Ali Golshan, CTO and Fengmin Gong, chief architect, the firm has picked up about $22.7 million in venture funding from sources that include Foundation Partners, Matrix Partners, and Trinity Ventures.
Elastica is a cloud security start-up that launched this year with the goal of providing visibility into software-as-a-service applications, including Salesforce, Google Drive, and Box, that corporate employees might access from anywhere, including their mobile devices. Elastic monitors SaaS usage and lets IT security managers receive alerts or even block traffic that violates security policies. Elastica competes with two other cloud-security start-ups, Netskope and Bitglass. Elastica was founded by CEO Rehan Jalil and has received $6.3 million from Mayfield Fund.
Forter debuted in March with a cloud-based fraud detection service for e-commerce sites that evaluates customer transactions and card submissions to flag suspicious purchases at the websites. According to COO Liron Damri, who founded the Tel Aviv-based company with Michael Reitblat and Alon Shemesh, the fraud-detection service can begin to work after simply installing a single line of supporting code from Forter on the merchant website to be protected. Forter hasn't disclosed venture-capital funding.
Niara, still in stealth mode, was founded in October of last year by co-founders Sriram Ramachandran, its CEO, and Prasad Palkar, vice president of engineering. The start-up, which draws from the founders' experience at Aruba Networks and Juniper, appears to have raised about $9 million from sources that include Index Ventures, NEA and angel investors. Niara, based on the brief description it gives of itself, seems to be focusing its efforts on threat detection in order to "detect breaches across a company, and analyze where, when and how a company has been compromised," such as what internal documents were downloaded. "Stay tuned," they say.
Shape Security came out of stealth mode in January with an appliance called Shapeshifter that sits in front of a website to ward off attempts to compromise it or bring it down through scripted code attack through a novel kind of technical camouflage. The method is unusual: Shapeshifter makes subtle changes to the underlying programming of each HTML page before presenting every page to any web visitor. "The key is not to change anything to the naked eye but everything the programmers cares about," explains Shape Security's vice president of strategy, Shuman Ghosemajumder. The idea is never to give the attacker a clear shot to undermine the site through attacks such as cross-site scripting or application denial-of-service attacks. The hard part in all this could be maintaining processing power to do all of it. Shape Security was founded by CEO Derek Smith, vice president of product management Sumit Agarwal, and chief technology officer Justin Call. Agarwal was formerly senior adviser of cyber innovation at the U.S. Department of Defense as well as former deputy assistant secretary to the department, and before that, head of mobile products at Google. Shape Security has attracted $26 million in venture capital from Kleiner Perkins Caufield & Byers, Google Ventures, Wing Ventures, Venrock and individuals that include former Symantec CEO Enrique Salem.
Spikes Security bears the name of its founder, CEO/CTO Branden Spikes, whose bio describes him as having served as "the technology right hand of Elon Musk for over 15 years at Zip2, PayPal, Tesla and SpaceX." The Spikes product is called AirGap, also offered as an online service, and it's designed to protect browsers used by corporate employees from malware-based cyberattacks. The company says it's received about $2 million in funding from Javelin ventures.
Zimperium is an Israel-based start-up that conducts research and development out of its Tel Aviv office with U.S. headquarters in San Francisco. Zimperium has developed software to protect smartphones and tablets from cyberattack by using a kind of machine-based learning technology that Zimperium developed, says Zuk Avraham, CEO who co-founded the firm with Elia Yehuda. First available for Android devices, the Zimperium software detects malware or attacks such as traffic re-direction. The company has received $8 million in funding from Sierra Ventures as well as individual investors including Stephen Northcutt and Raymond Liao.
Ellen Messmer is senior editor at Network World, an IDG website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: [email protected]
Read more about wide area network in Network World's Wide Area Network section.