must-watch security startups for 2013Security ventures target cloud computing, mobility, malware detection, catching stealthy attackers
We'll see -- but how far can anyone legally go anyway to pursue an adversary across the Internet or even strike back? Alperovitch says CrowdStrike has had intelligence and response services available that have been used by large corporations and government agencies since the second quarter 2012. CrowdStrike is also developing what it calls a "big-data analytics platform" to identify and prevent damage from targeted attacks in real-time by monitoring, sharing and mitigating the adversaries' tactics, techniques and procedures. The technology is currently in beta and expected to be launched this year.
Fun fact: Knowing there are legal questions surrounding the topic of pursuing attackers to stop them, CrowdStrike likes to note that last April it hired Shawn Henry, retired executive assistant director of the criminal, cyber, response and service branch of the FBI, as president of its CrowdStrike Services.
Headquarters: San Francisco
Founded: 2009 in Oslo, Norway
Funding: $7 million from Accel Partners, and an undisclosed sum from Sun co-founder Scott McNealy
Leader: Mike Ellis, CEO (former senior exec with SAP, Oracle, i2 Technologies) and Lasse Andresen, CTO (former Sun exec)
Why we're watching it: ForgeRock's software, Open Identity Stack, can be used to tie together a centralized provisioning and access-management system for enterprise, mobile and software-as-a-service applications. The company says it already has about 130 corporate customers for its subscription-based services. The startup has its roots in the open-source model, making use of the identity-management code base at ForgeRock.org community developer site to sell commercial products available at ForgeRock.com. ForgeRock vets the open-source code it uses for inclusion in its commercial products. The startup will be bumping up against the likes of IBM, Symplified and Symantec, among others in the identity-management space.
Fun fact: Much of the engineering and sales talent hail from careers in the open-source identity and access management division at Sun Microsystems, acquired by Oracle in 2010. ForgeRock's product finds its origins in the open-source IAM from the Sun era that was developed to adapt to a cloud environment.
Headquarters: Santa Barbara, Calif.
Founded: 2009 by university researchers Giovanni Vigna, Christopher Kruegel and Engin Kirda
Funding: $3 million, including $1 million from E.ventures
Leader: Jens Andreassen, CEO (previously with Fortinet)
Why we're watching it: Lastline in November made its official debut with an anti-malware product and service called Previct which aims to prevent malware infections from entering the enterprise and also inspects and analyzes outgoing traffic. Though there's plenty of competition in malware detection today, the three university researchers (from UC Santa Barbara and Northeastern University) who developed it claim it's a better anti-malware mousetrap.
The technique Lastline came up with gets out in front of malware by using code emulation to securely analyze what effect the malware is trying to have rather than try to detect malware based on signatures as traditional antivirus would, says Christopher Kruegel, co-founder and chief scientist. In terms of competition, Lastline regards its approach as somewhat similar to that of FireEye, an earlier startup that's gotten plenty of attention for its anti-malware detection process.