Going into 2014, a whirlwind of security start-ups are looking to have an impact on the enterprise world. Most of these new ventures are focused on securing data in the cloud and on mobile devices. Santa Clara, Calif.-based Illumio, for example, founded earlier this year, is only hinting about what it will be doing in cloud security. But already it's the darling of Silicon Valley investors, pulling in over $42 million from backer Andreessen Horowitz, General Catalyst, Formation 8 and others.
The cloud's lure is easy to see. More businesses continue to adopt a wide range of cloud services -- whether software-as-service, infrastructure-as-a-service or platform-as-a-service. That means the enterprise IT department needs more visibility, monitoring and security controls for what employees are doing and evidence their data is safe. In addition, employees today increasingly use smartphones and tablets they personally own for work in "Bring Your Own Device" mode, leading to other management and security questions. When there are perceived security "gaps," start-ups see opportunities, as the 12 firms we identify here do.
Security is increasingly delivered not as on premises software or hardware but at least partly if not wholly as a cloud-based service. Gartner is predicting security-as-a-service will grow from about $2.13 billion now to $3.17 billion in 2015.
With all of that in mind, here's our slate of security start-ups worth watching in the near future:
Adallom is based in Menlo Park, Calif., but has its research and development roots in Israel, where its three co-founders, Assaf Rappaport, vice president of R&D Roy Reznik and CTO Ami Luttwak have backgrounds in the Israel cyber-defense forces. Adallom -- a word which means "last line of defense" in Hebrew -- is taking on the problem in monitoring user actions related to software-as-a-service (SaaS) usage. The firm's proxy-based technology announced this month is offered to the enterprise either as a security service in the cloud or server-based software for on premises.
The goal is to provide real-time analysis and a clear audit trail and reporting related to SaaS-based application usage by the enterprise. The monitoring can allows options for automating or manually terminating sessions or blocking content download. Though not wholly similar, its closest competitors could be considered to be two other start-ups, SkyHigh Networks and Netskope. The venture has gotten $4.5 million in funding from Sequoia Capital.
AlephCloud hasn't yet made its software and service called AlephCloud Content Canopy generally available, but its purpose is to provide controlled encryption and decryption of documents transmitted business-to-business via cloud-based file synchronization and sharing services such as Dropbox, SkyDrive and Amazon S3. The company was founded in 2011by CEO Jieming Zhu and CTO Roy D'Souza. Zhu says Content Canopy works by means of the "federated key management" process AlephCloud developed that can use existing enterprise public-key infrastructures used in identity management. For the end user, though, who is permitted to retrieve and decrypt the encrypted document via Dropbox or SkyDrive, it's all transparent. AlephCloud says its "zero-knowledge" encryption process means the company never holds the private encryption key. AlephCloud will first be supporting PCs, Macs, and Apple iOS devices, and Android next year, and specific file-sharing services. Zhu says the underlying technology can be expanded further to other applications as well. AlephCloud has received $9.5 million in venture-capital funding, including $7.5 million from Handbag LLC and the remainder from angel investors.
BitSight Technologies has a simple proposition. It's not uncommon for companies to want to try and evaluate the IT security of another business before entering into an e-commerce arrangement where networks may be interconnected in some way. BitSight, co-founded in 2011 by CTO Stephen Boyer and COO Nagarjuna Venna, has a security "rating" service to do this, though there are limits on how far it can go at this point. The BitSight approach, says vice president of marketing Sonali Shah, relies on an analysis of Internet traffic by BitSight sensors on the Internet to detect if the company's IT assets, such as computers, server or network, have been commandeered by threats such as botnets or denial-of-service attacks. But she acknowledges there's not yet a way for BitSight to determine what security issues might arise in a company's use of cloud services. Cambridge, Mass.-based BitSight has received $24 million in venture-capital funding from investors that include Menlo Ventures, Globespan Capital Partners, Commonwealth Capital and Flybridge Capital partners.
Defense.net is focusing on stopping denial-of-service attacks aimed by attackers at both enterprises and cloud service providers. Founded by its CTO Barrett Lyon, who started another anti-distributed denial-of-service firm called Prolexic in 2003, Defense.net relies on a cloud service without the need for an appliance to mitigate against large-scale DDoS assaults. Many in the industry say DDoS attacks are growing worse in scale and number. For his part, Lyon says he thinks the average DDoS attack is probably 16 times larger and "significantly more sophisticated than it was a year earlier." Defense.net has received $9.5 million in funding from Bessemer Venture Partners.
Illumio, founded by its CEO Andrew Rubin earlier this year, is still in stealth mode, maintaining a discrete silence about its intentions. But the little hints sprinkled across its website indicate the Santa Clara, Calif.-based company's focus is likely to be tackling cloud-based security with an emphasis on virtualization. Illumio has brought in former VMware techies and execs. As for Rubin himself, he was formerly CEO at Cymtec Systems, a security firm providing the means for visibility, protection and control by the enterprise of Web content and mobile devices, plus a means for intrusion-detection analysis. Illumio has received more than $42 million in funding from Andreessen Horowitz, General Catalyst, Formation 8 and others.
Lacoon Mobile Security has come up with a sandboxing approach to detect zero-day malware targeting Android and Apple iOS devices by means of a small lightweight agent that examines mobile applications through behavior analysis and a process tied to the Lacoon cloud gateway. The start-up was founded by CEO Michael Shaulov, vice president of research and development Ohad Bobrov, and Emanuel Avner, the CFO. The company has its R&D arm in Israel and its headquarters in San Francisco. It's backed by $8 million in venture-capital funding led by Index Ventures, plus $2.7 million in angel investing, including from Shlomo Kramer, CEO at Imperva.
Malcovery Security, based in Pittsburgh, was basically spun out in 2012 from research on phishing done at the University of Alabama in Birmingham, according to its CTO Greg Coticchia. Targeted phishing attacks can have disastrous outcomes when devices are targeted to infiltrate organizations and steal data. Coticchia says the Malcovery technologies offered to businesses include ways to identify phishing websites and a service that can detect phishing e-mail. The company's founders include Gary Warner, director of research in cyber forensics at the University of Alabama, and the start-up has received about $3 million in funding from the university.
Netskope wants to help businesses monitor how their employees are using cloud-based applications and apply security controls to it, such as giving IT managers the ability to block data transfers or receive alerts. The Netskope service can apply security controls to about 3,000 different cloud-based applications, whether they be SaaS, PaaS or Iaas. The Netskope service is meant to let IT divisions get a grip on cloud usage and avoid the "shadow IT" issue of business people initiating cloud services without informing IT at all. The Los Altos, Calif.-based start-up was founded in 2012 by CEO Sanjay Beri along with chief architect Ravi Ithal, chief scientist Krishna Narayanaswami, and Lebin Chang, head of application engineering teams, all who bring tech industry experience ranging from Juniper to Palo Alto Networks to VMware. Netskope has amassed $21 million in venture funding from Social+Capital Partnership and Lightspeed Venture Partners.
PrivateCore is a crypto-based security play, focusing on making use of the central processing unit (CPU) as the trusted component to encrypt data in use. PrivateCore has come up with what it calls its vCage software that relies on the Intel Xeon Sandy Bridge CPU for secure processing through means of Intel Sandy Bridge-based servers in cloud environments, first off in IaaS. The challenge in processing encrypted data is "the problem with having to decrypt to do processing," says Oded Horovitz, CEO of the Palo Alto, Calif.-based start-up he co-founded with Steve Weis, CTO, and Cal Waldspurger as adviser. The vCage approach, based on Intel CPU Sandy Bridge, makes use of the Intel Trusted Execution Technologies and Advanced Encryption Standard algorithm to perform the processing in RAM. This can be done with Intel Sandy Bridge because there's now about 20MB of cache available, he points out, enough to get the job done. The data in question is only unencrypted in the CPU. This encryption approach is being tested now by IaaS providers and some enterprises, and PrivateCore expects to have its first product in general release early next year. The start-up has received $2.4 million in venture capital from Foundation Capital.
Skycure is all about mobile-device security, with its initial focus on Apple iOS iPhones and iPads. It recently introduced what's described as an intrusion-detection and prevention package for mobile devices, which Skycure's co-founder and CTO Yair Amit says relies on the Skycure cloud service for security purposes. He says the goal is to prevent and mitigate any impact from attackers exploiting configuration profiles on mobile devices. Skycure, based in Tel Aviv, Israel, was co-founded by CEO Adi Sharabani and the company has received about $3 million in venture-capital funding from Pitango Venture Capital and angel investors.
Synack was founded by two former National Security Agency (NSA) computer network operations analysts, CEO Jay Kaplan and CTO Mark Kuhr. According to them, the Menlo Park, Calif.-based start-up is bringing together security experts with expertise in finding zero-day bugs in software, particularly in websites and applications of Synack customers. "We pay researchers for vulnerabilities found," explained Kaplan last August as Synack officially debuted. He says bug bounty rates typically run a minimum of $500 to several thousand for serious vulnerabilities in databases, for example. Synack says it has cultivated relationships with several bug hunters around the world, including at the NSA, who would be available to take on specific assignments. Synack has received $1.5 million in venture-capital funding from a combination of investors that include Kleiner Perkins Caufield & Byers, Greylock Partners, Wing Venture Partners, Allegis Capital and Derek Smith, CEO of start-up Shape Security.
Threat Stack, founded by CEO Dustin Webber with Jennifer Andre, wants to give enterprises a way to know if hackers are breaking into Linux-based servers that they may use in their cloud services. To monitor for hacker activity, the start-up's Cloud Sight agent software for Linux needs to be installed on the Linux server under administrative control in the cloud environment, says Webber. "We look for the behavior of the hacker," he points out, noting the enterprise will get an alert if a hacker break-in is underway and a measure of forensics about incidents can be obtained if needed. Cloud Sight could also be potentially used by cloud service providers as well but the initial focus is on monitoring for the enterprise, he says. Threat Stack, founded in Cambridge, Mass., in 2012, has obtained $1.2 million in funding from Atlas Venture and .406 Ventures. The start-up is yet another example of why there's new energy directed toward finding ways to provide visibility, monitoring and security for businesses adopting cloud services.
Ellen Messmer is senior editor at Network World, part of IDG, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: [email protected]
Read more about wide area network in Network World's Wide Area Network section.