10 Cool Security Startups To Watch
Cool Startups Using Analytics, Monitoring For Threats
Hacktivists and nation-state sponsored cybercriminals carrying out cyberespionage operations all use some common tools and techniques to infiltrate organizations. Some of the latest security startups are attempting to identify those similar traits to detect and contain threats in corporate networks. Others are focusing on emerging threats, such as those posed by unauthorized wireless use in a facility or social media activity that could signal signs of a rogue employee or an attacker impersonating employees. The security industry is focusing on a variety of new ways to defend against internal and external threats. Behavioral analysis is taking a snapshot of employee, application and system behavior to find anomalous activity that could signal a threat. Here are 10 interesting firms providing new technology and services for mitigating risks in private- and public-sector firms.
Sentinel Labs
Israeli endpoint security startup Sentinel Labs, founded in 2013 to develop a "next generation" endpoint security platform, raised a Series A round of $10 million this month. The company plans to use the financing for research and development activities. Sentinel said its host-based technology can detect and prevent malware from executing on endpoint systems. It uses an execution modeling engine rather than a traditional signature-based approach to threat detection. Sentinel Co-Founder and CEO Tomer Weingarten said he hopes to shake up the antivirus industry with the product, directly competing with traditional AV vendors by the end of 2014. The product runs on Windows, Mac OSX and Android. The firm is working on support for iOS and Linux systems.
Sookasa
SaaS-based secure file-sharing startup Sookasa, based in San Mateo, Calif., encrypts data in Dropbox, Gmail and other cloud services popular with end users. The firm said it encrypts data before files are shared to help businesses meet regulatory mandates, such as HIPAA and FERPA. It also encrypts the information in transit and creates a folder to synchronize files across all the data owner's devices. Sookasa also monitors files and keeps an audit trail on file-sharing activity. The Israeli startup's co-founder and CEO Asaf Cidon formerly worked as an engineer in Google's Web search arm.
TextPower
Forget two-factor authentication as a way to defend against system access from cybercriminals. San Juan Capistrano, Calif.-based TextPower said it has created a way to use seven factors of authentication to help employees gain access to a website or login to a VPN. TextPower claims its SMS text message authentication uses a unique way to prevent unauthorized access to the correct verification PIN. TextPower CEO Scott Goldman said the process is easier to implement and a more secure way to implement additional authentication. The verification begins with the password, but the service also checks the unique device identifier, a key verification, validates the mobile number, and checks the cellular carrier's destination code. It also provides an optional PIN and link option to view a key.
Luminal
Baltimore-based Luminal is building a cloud infrastructure security and monitoring platform. The company closed a $3.8 million Series A financing round and plans to use the funding to expand its engineering staff to continue product development and make its product, currently being tested by early adopters, to be generally available for Amazon Web Services users. The company said its platform embraces the DevOps movement by combining operational and software development activities to simplify operations and improve security. Luminal's Founder and CEO Josh Stella previously was principal solutions architect at AWS and served eight years as a lead application architect at Dell.
RedOwl Analytics
Baltimore-based RedOwl Analytics was the Innovation Sandbox winner at the 2014 RSA Conference, the security industry's largest annual conference. The company's product, Reveal, attempts to detect patterns in interoffice behaviors by monitoring and detecting subtle changes in the communication trails of employees. It aggregates and analyzes other data to detect internal threats or determine if an employee simply needs recognition or other attention. RedOwl CEO Guy Filippelli said the product was designed to harvest the human layer of data collection to help managers better understand their people.
ThreatStream
Redwood City, Calif.-based ThreatStream raised $4 million in Series A funding in February led by Google Ventures. The company’s SaaS-based platform, Optic, aggregates threat intelligence data to identify connections and give businesses visibility into how threats could impact them. It integrates its findings into an organization's existing security infrastructure, the company said. Founder and CEO Greg Martin is a network security expert and has a background in security information event management systems. The goal is to give security teams the ability to detect and respond to targeted attacks by providing accurate and actionable data based on real-time awareness. Other participating investors include the Paladin Capital Group, Hugh Njemanze, former CTO and founder of ArcSight and Tom Reilly, former CEO of ArcSight who currently is CEO of Cloudera, Apache Hadoop big data platform provider.
Cybereason
Israeli startup Cybereason, which opened up offices in Cambridge, Mass., raised $4.6 million in Series A funding in February for its platform, which monitors systems for the warning signs that indicate a cyberattack in progress. The company's founders, Lior Div, Yonatan Striem-Amit and Yossi Naar, are all former Israeli intelligence agency experts. Div's expertise is in digital forensics and malware analysis, Striem Amit's focus is analytics and visualization technologies and Naar is a software architect. Div, who serves as CEO, said the firm focuses on malicious indicators it has dubbed Malops, which describes the specific threat actions associated with an advanced attack with the goal of detecting it in the early stages of a network infiltration.
Threat Stack
Cloud incident response system maker Threat Stack, formerly called Packet Stash, raised $2.6 million in venture round funding this month for its platform that provides monitoring over cloud-based systems. Its platform records logins, processes and file changes, and other system activity and alerts. It uses a lightweight agent to profile normal application behaviors and gives IT teams a view of the risk posture of the systems being used. The company said its recording system acts as a DVR, enabling incident responders to identify and trace specific threats to hosted applications. It also adds a mechanism to create custom firewall rules based on its alerts. Co-Founder and CEO Dustin Webber (pictured) is a former software engineer at Tenable Network Security. Richard Bejtlich, chief security officer at Mandiant (recently acquired by FIreEye), and Chris Wysopal, CTO and co-founder of Veracode, are on the company's advisory board.
ZeroFox
Baltimore-based ZeroFox provides a platform that monitors the Internet for social threats that could impact businesses. The platform attempts to identify active and ongoing cyberattacks targeting the company, its employees and end users taking place through social media. It can spot and prevent potential social engineering attacks designed to impersonate key executives within an organization. When it detects suspicious activity, it provides an email alert and gives security teams the ability to address the issue through the platform. Formerly called Riskive, the firm received $2.2 million in funding in 2013. Company Founder and CEO James C. Foster was previously CEO of Ciphent, a software security assessment firm that was acquired by Accuvant in 2010.
Integrata Security
Baltimore-based wireless intrusion detection system maker Integrata Security attempts to weed out and eliminate unauthorized wireless activity at security-conscious enterprises. The company said its technology, developed for the National Security Agency, can detect the operation of 802.11 Wireless Local Area Networking infrastructure and prevent it from operating. The company's appliance provides businesses with a central management console that ties into up to 50 sensor-detection devices within an organization to control wireless activity and prevent threats. Integrata was founded in 2012, and CEO Mike Geppi and his team are aiming it at businesses that need to protect industrial, commercial and government assets.