Skyfence Emerges From Stealth Mode With Cloud Security Gateway


Skyfence Networks emerged from stealth mode Thursday with a new cloud security gateway, joining a growing number of emerging vendors with a platform designed to monitor employee access to Salesforce.com and other Web-based services to protect corporate data.

The Israel-based security startup's cloud application gateway is now generally available following a yearlong pilot program. The gateway sits between the cloud application and the cloud users to provide protection, said Ofer Hendler, Skyfence co-founder and CEO.

Skyfence is looking to leverage the channel with its go-to-market strategy, hoping solution providers can help boost broad adoption of the cloud-based service. The cloud gateway can be deployed as a fully cloud-based service or as an inline proxy or non-inline sniffer.

"We analyze all the different protocols, we understand exactly who are the users, where they are coming from, which devices they use and what data is being accessed," Hendler told CRN. "At the end of the day, the big benefit to the enterprise is cost-effective, out-of-the-box security for all their cloud applications."

[Related: The 10 Coolest Security Startups Of 2013]

"This space is all very much emerging and it's interesting how this whole thing is taking off," said Shaq Kahn, CEO of Fremont, Calif.-based security service provider Fortifire, a Skyfence partner. "Companies now have business units with well-established cloud services, and they need an effective security strategy around that."

Skyfence is coming out the gate with full user monitoring for threat prevention and data access reports. The company said its gateway also provides activity monitoring and reporting features for risk and compliance activities. In addition to identifying suspicious endpoints, the firm can detect brute force attacks on user accounts and man-in-the-middle attacks attempting to shadow user activity. Skyfence plans to add application analysis and risk scoring followed by data loss prevention and data encryption capabilities, according to the company.

Skyfence's service uses a reverse-proxy approach, sending the traffic flow through its servers for inspection. An analytics engine establishes a fingerprint or snapshot of employee behavior over time to uncover any anomalous activity that could signal a security problem. For example, an end user that typically signs into Salesforce.com from San Francisco but suddenly is logging in from Beijing would be flagged as suspicious and locked out of his or her account, depending on company policy.

In addition to Salesforce.com, Skyfence supports a variety of cloud-based services, including Amazon Web Services, Box, Google Apps and Microsoft Office365, among others.

User monitoring, intrusion prevention and insider threat prevention capabilities are enabled by default out of the box. The company's management portal provides administrators with a fairly easy way to set custom policies. For example, it can be set to prevent employees from accessing services via open wireless access points in an airport or cafe or from accessing certain sensitive data that may be restricted to certain group of users. It uses information from Access Directory to provide administrators with detailed information about employee usage, including any files being accessed and changed.

NEXT: Interest In Cloud-Based Protection Is Growing