As seen on TechBeacon
While the IPO market for information security companies has been fallow in recent months, startups continue to attract cash. Sure, there’s plenty of hype—there always is—but there are some interesting ideas out there, too, ideas that can help slow the daily tattoo of bad news about data breaches and ransomware jackpots for hackers. Here is a baker’s dozen of cybersecurity startups worth paying attention to by following them on Twitter.
Better application security means better total security for an organization. Getting better application security, though, requires the use of multiple tools to perform both static and dynamic testing of those apps. Code Dx, recently ranked number 23 on the Cybersecurity 500, simplifies the process by bundling an assortment of static and dynamic testing tools to perform a comprehensive security analysis of an app’s code. Code Dx can automatically determine which tools to run against a code base, run the tools, and find weaknesses and vulnerabilities. Then it can consolidate and remove all redundant results, normalize the consolidated results so they use the same terminology and severity scale, and present the whole package in a centralized console with an interface for managing the vulnerabilities.
Cyberhaven is still in stealth mode, but its promise is intriguing. The company, which announced in July that it closed an oversubscribed first round of financing exceeding $2 million, has a cybersecurity solution that focuses on workflows within a business to create a kind of X-ray machine for identifying threats on an organization’s information assets. With seven years of university research and four patents behind it, the technology addresses a number of pain points associated with cybersecurity systems. It’s easy to deploy, offers a simplified security infrastructure, and is invisible to end users. Christopher Lynch, founder and managing partner at Accomplice, the early-stage venture capital firm that led the first-round funding for Cyberhaven, which is a Swiss Federal Institute of Technology spinoff, said, “Cyberhaven has the deepest cybersecurity technology I’ve seen in a long time, excelling through its effectiveness, superior coverage of attack surface, and seamless user experience.”
Trying to squash all the security bugs in an application is a daunting task for a human being. That’s why researchers are feverishly looking for ways for machines to help in the task. ForAllSecure, a startup with ties to Carnegie Mellon University, has created a system it calls Mayhem that can scan code for security holes and plug them without any human intervention. Mayhem recently won the $2 million first prize in the Cyber Grand Challenge sponsored by the US Defense Advanced Research Projects Agency at DEF CON 2016 in Las Vegas. The Challenge is DARPA’s response to the increase in software bugs largely due to the Internet of Things, which is connecting to the Net a deluge of devices built with little regard to information security. In a statement issued following ForAllSecure’s CGC win, CEO David Brumley articulated his company’s laudable goal: “Our vision is to check the world’s software for exploitable bugs so they can be fixed before attackers use them to hack computers.”
As more and more automobiles jack into the Internet, the potential for hackers to hijack a vehicle through its internal computer systems continues to increase. Karamba Security, recently picked by Forbes Israel as one of that nation’s top 10 most promising cybersecurity companies, has an offering that “hardens” a vehicle’s electronic control unit (ECU) from external attacks. The ECU is used by vehicles for communication with external sources of data, such as the Internet, Wi-Fi networks, and Bluetooth devices. With Karamba, which recently received $2.5 million in seed funding from YL Ventures and private investment company GlenRock, an automaker can embed in the ECU detection and enforcement capabilities to ensure that only permitted code and function calls are run on the unit. Karamba also blocks foreign code from executing on the ECU as well as in-memory attacks—all without any false alarms. (@YLVentures tweets about Karamba Security. We expect the @KarambaSecurity handle to be active soon.)
As the number of devices connected to corporate networks has increased, the woes of system defenders have risen. That’s because the more devices, or endpoints, you have connecting to a system, the greater the attack surface for malicious activity. An ideal solution to that problem would be to prevent the malware from reaching the endpoint. And that’s what Menlo Security’s security platform is designed to do. It acts as a sort of traffic cop between an endpoint and Internet nasties, steering safe content to an endpoint and leaving malware to be neutralized in the cloud. For example, if you visit a web page that contains malware or infected links, the platform will analyze the page in a container in the cloud, sanitize it, send a clean page to the endpoint, and destroy the container with the malicious content. What’s especially nice about the system is that it doesn’t require any endpoint agent software or browser modifications, so it has a minimal impact on user workflows. With its emergence from stealth mode in June, Menlo announced $25 million in Series B funding led by Sutter Hill Ventures.
Preempt Security emerged from stealth mode in June. It has military roots—its team is loaded with graduates of the 8200 unit of the Israeli Defense Forces—and has created a security solution that monitors both user and entity behavior. What’s more, it can take the information from that monitoring and use it to respond in real time to threats on a network. The result is an effective way to deal with malicious activity inside an organization’s firewalls. In April, General Catalyst Partners led a funding round for Preempt of $8 million that included Mickey Boodaei and Rakesh Loonkar of Trusteer and Paul Sagan of Akamai Technologies.
“Noise” is a hacker’s best friend. It can send net defenders off toward many dead ends and provide camouflage for an intruder. RiskSense, a spinoff company from the New Mexico Institute of Mining and Technology, has developed technology to sift serious threats from the avalanche of information sent to an organization’s security pros. It takes risk data from sources such as vulnerability scanners and threat intelligence feeds and extracts actionable intelligence from them. It does this by unifying and creating a context for that data and then correlating those findings with critical business needs to identify and remediate the risks that will have the biggest impact on a business. RiskSense’s technology was developed in partnership with the US intelligence community and the Department of Defense. It recently received $7 million in a round of Series A funding led by the Paladin Capital Group.
Using big data to fight security threats sounds like a good idea, but in reality it can create more problems than it solves. Systems that use analytics to combat cyberattacks can be difficult to deploy and require experts who are in short supply to analyze the data streams produced by the systems and to find patterns in them. Sift Security, which exited stealth mode in July and is backed by $3.25 million from angel investors led by the Freeman Group in Dallas, has built a threat and incident hunting platform that combines relational graph data structures, scalable search, and anomaly detection to allow security personnel to visualize what’s happening on their system in near real time. The graphical interface simplifies the investigation of threat activity within an organization and can reduce the time to probe incidents from weeks to hours or minutes.
Businesses need a technology that can be trusted for uses that can include distributed identity directories, online auctions, stock market transactions, cryptocurrencies, and multiplayer games. One of the most promising technologies for those purposes is blockchain, which is used to secure the Bitcoin digital currency. Applying blockchain beyond Bitcoin, though, has proved challenging. Swirlds, which emerged from stealth mode in June and has received an undisclosed amount of seed money from Ping Identity, has developed a distributed consensus platform that’s as robust as blockchain but easier to extend to a variety of applications. Steve Wilson, vice president and principal analyst at Constellation Research, framed the importance of Swirlds this way: “What the community needs is real research and development that will begin to solve [blockchain’s] challenges—not solutions that arbitrarily jam the blockchain algorithm into every pet problem. This collaboration of Swirlds and Ping Identity is fresh, focused R&D and a very significant advancement for moving identity forward.”
Containers are a way to run single applications in a virtual environment. They are gaining popularity among developers because, without all the overhead of a full virtual machine, running an app in a container can improve performance. As with all new technologies, containers raise security concerns. Insecure containers not only can result in service disruptions, but they can also place sensitive data at risk. It’s those concerns that Twistlock aims to address. The startup’s technology is designed for both small and large businesses. Smaller development teams can take advantage of Twistlock’s free developer’s edition. Larger teams can benefit from an enterprise edition that can meet the stringent requirements characteristic of enterprise settings, with features such as runtime defense, vulnerability management, and smart policies. Twistlock received $10 million in July in a Series A funding round led by TenEleven Ventures. “As we have seen with every technology transition on the scale of today’s cloud, the lack of trust can be the single biggest hurdle for adoption,” TenEleven’s founder, Alex Doll, said in a statement. “Twistlock is poised to become the gold standard for securing containers.”
Social media isn’t just a way to share photos and experiences with friends. It’s become a threat to the security of many organizations. The scale, trusted nature, and anonymity of social media can be leveraged by Internet bandits to launch effective attacks that encompass phishing, impersonation, customer fraud, account hijacking, and brand destruction. ZeroFox, which received a $27 million round of financing led by Highland Capital Partners at the end of 2015, addresses those concerns by monitoring social media for security risks and business threats aimed at customers, employees, and organizations. Through intelligent data collection with an automated, scriptable analysis engine, ZeroFox can identify and remediate those risks and threats. However, attempting to secure social media can be a challenging task, as ZeroFox discovered when a report it prepared for Baltimore, its hometown, came to light through a Freedom of Information Act request. In it, ZeroFox identified cybersecurity and public safety threats to the city after the death of Freddie Gray while in police custody. Two Twitter users fingered in the report were high-profile organizers of the Black Lives Matter movement, which put ZeroFox at the center of a social media brouhaha of its own making.