By George Hulme
At the RSA Conference 2017, Feb. 13-17, there was a lot of speculation about upcoming consolidation among security vendors. It’s the natural evolution of the market, after all: Startups can be nimble and innovative, whereas larger, more-established suppliers must purchase that innovation to enter new markets, serve new technology areas or fill gaps in existing portfolios. The M&A cash is there — Gartner famously predicted that global information security spending will reach $170 billion by 2020, up from $76.9 billion in 2015. I heard many attendees at RSAC talk as if the pending and inevitable next wave of consolidation will mean an end to the vibrancy of the security market.
In fact, anyone who thinks the information security market is going to consolidate to a few (or even a few hundred) big vendors certainly didn’t visit the inaugural Early Stage Expo, held at the Marriott Marquis. At the Expo, 40 startups pitched the solutions they’re bringing to market to some of the 43,000 RSAC attendees — an audience comprised of influencers, customer decision-makers, investors and partners.
To be sure, many of the startups here are focused on tackling old problems. But they each contended that they’re bringing a new twist to areas including email security, Web content security, software and code security. Of course, there were also more than a few early-stage ventures trying to solve relatively new challenges, such as securing DevOps organizations, containers and IoT.
As for RSAC overall, the official tally was 15 keynote presentations, more than 700 speakers across 500-plus sessions and more than 550 companies on the expo floors, all visited by a record 43,000 attendees. Keynoters included Microsoft president Brad Smith, former MI5 Director Dame Stella Rimington and Dr. Neil deGrasse Tyson.
For the first few hours of the Early Stage Expo kickoff, it was standing room only. Channel Partners was there to capture the highlights for you, so click through the image gallery to see the seven startups that stood out to us.
The Sixth Flag provides desktops as a service with an additional secure twist. For companies in need of remote desktop management capabilities, The Sixth Flag provides a web-based, secure, throwaway desktop. This cloud-based DaaS offering requires no dedicated hardware to deploy, and corporate desktops can be accessed from anywhere and on most any device. Because no data is ever stored locally, loss of a device is never a security concern.
Pete Kofod, founder and CEO, explained how his company’s dewdrop.tsf, a patent-pending watermarking technology, overlays an entire screen session with a unique hash. This way, insiders with bad intentions are at great risk of being identified should they try to take photos of, or screen capture, protected data. According to Kofod, the unique pattern enables organizations to significantly hinder data theft and unauthorized data sharing because each watermark contains user and timestamp information.
Some of the biggest hacks in recent years – think Snowden, the Sony breach, Chelsea Manning – have involved the movement of massive data that the organization obviously wished to protect.
Holonet Security and its OnFire software provide real-time contextual visibility across all sensitive business data as it moves throughout networks and applications using data-behavior analytics. The idea is to spot abnormal movement of data, in much the same way as a credit-card company might flag an anomalous charge. This way, if someone tries to move sensitive data to an unauthorized devices, you’ll know.
Chunqing Cheng, chief architect of Holonet Security, told us that OnFire automatically learns ownership for every application accessed, every device connected, and every file moved without any agent needing to be installed.
When it comes to protecting websites from malware and botnets, George Deen, business development lead at SafeDNS, told us that continuous machine learning and behavior analysis are superior to static blacklists. The SafeDNS service analyzes data from its filtering services to identity bad actors and malicious systems. This way, bad behaviors, such as a sudden spike in activity that could indicate an attack, can be identified and blocked.
SafeDNS is a cloud service, so no hardware is required.
Websites are continuously ranked based on attributes fed into the SafeDNS database, and this intelligence continuously informs the company’s web-filtering service. Users of the service can also access this information through SafeDNS’s open API, so integration with other security technologies is possible. SafeDNS provides its service to about 4,000 home users, businesses, educational institutions, telecos, ISPs, MSPs and VARs.
David Sokolic, CEO at CyKick Labs, explains how the company’s Telepath product combines behavioral analysis, machine-learning algorithms and data analytics to identify, mitigate and investigate attacks against Web applications.
According to Sokolic, Telepath comes to understand normal website visitor behavior, and vets web-application transactions against rule sets and machine learning to spot bad actions. Sokolic says Telepath can improve website security to guard against fraud, intellectual property theft, account takeover and other risks. The company just came out of stealth mode on Feb. 13.
White Hawk Software knows that software security is serious business, and even more so as more devices become Internet-connected. White Hawk’s mission is to protect organizations, through its code-tamper-proofing technology, from loss of assets and capital, intellectual property, and even potentially lives caused by unauthorized access to software and applications.
Chris Jacoby, founder and CTO at White Hawk Software, says the technology protects code at run time by tamper-proofing and pre-linking native object files. According to Jacoby, when code is protected not at the source level but at the binary level, the security isn’t limited to the nature of the programming language. Thus, individual components in complex, multi-vendor software systems – think IoT, including SCADA and industrial control systems – can be locked down.
NeuVector wants to bring some sanity and security to containers, which can become a quick mess if not properly managed.
Deployed as a container itself, the NeuVector technology adapts to changing environments and secures containers during run time and enables applications to automatically scale up or be spun down.
According to Glen Kosaka, VP of product management and marketing, NeuVector identifies normal connections and behaviors, then builds a security policy that will protect container services. Any connections that don’t meet that policy can be logged or blocked without disrupting good container sessions. NeuVector will also scan containers and hosts for vulnerabilities, and detect and blunt application-level attacks.
As Brian Krebs writes, since January 2015, the FBI has seen a 270 percent increase in identified victims and losses from scams targeting CEOs (thus the “whaling”).
Today, such attacks are likely to come from any number of communication and collaboration platforms, not just email. Startup GreatHorn aims to protect companies from being scammed. The GreatHorn technology integrates directly with cloud communication platforms, including Microsoft 365, G Suite and Slack, but organizations can protect any cloud-connected system (proprietary and in-house systems) through the API-driven GreatHorn Threat Platform.
Chris Fraser, VP, strategic accounts, told us that the data that GreatHorn continuously collects increases intelligence on both emerging and historical threats.
Please click here for more Channel Partners galleries.