12 must-watch security startups for 2013

Security ventures target cloud computing, mobility, malware detection, catching stealthy attackers

Fun fact: Smith was the co-founder of data-loss prevention vendor Oakley, sold to Raytheon in 2007. He started up Shape Security with CTO Justin Call and Sumit Agarwal, the former senior adviser for cyber innovation at the U.S. Department of Defense.


Headquarters: Cupertino, Calif. Funding: About $2 million in private angel-investor funding Leader: CEO C. Scott Hartz, who brings more than 40 years of strategy and technology consulting, including seven years as CEO of PwC Consulting Founded: 2012 by Shrinivas Kumar, CTO and vice president

Why we're following it: The name "TaaSERA" is said to mean "trust as a service." But the startup will be offering a product as well, known as the TaaSERA Attack Warning and Response Engine (AWARE), that will be out later this month as the company makes its formal debut with its behavior-based malware and attack-detection software. It will include agent software initially for Windows-based computers and the Google Android platform, plus network sensors, that are intended to be installed to monitor and detect signs of malicious behavior from attackers and malware in real time.

The approach, which is likened by company insiders to what security firm FireEye does in malware detection, is also intended to be used in conjunction with other security products to receive additional data feeds -- alliances with Bit9 and HP ArcSight, for example, are underway -- to gain additional evidence of malware and detect zero-day malware attacks. The TaaSERA NetAnalyzer tool, installed as a virtual appliance on the network, is supposed to collect behavioral evidence to analyze malware patterns, categorize threats and provide forensics. Early adopters are said to be in tests with it.

The startup has managed to attract Tom Ridge, former secretary of the U.S. Department of Homeland Security and former governor of Pennsylvania, to join its advisory board. Ridge, who says he does have a "modest" stake in TaasSERA, claims he won't be actively lobbying for the startup, but is convinced TaaSERA's approach represents a "very significant development" in using analysis for security that is needed today. The startup has come up with "sophisticated data analysis to identify in advance potential terrorists and criminals," he says, adding he believes the threat today is greater than it was 10 years ago.

Fun fact: Shrinivas Kumar, the inventor of the core technology, was previously solutions architect at VMware, and TaaSERA's approach is described as optimized for VMware-based infrastructures.


Headquarters: London Founded: 2012 as a joint venture by ARM, Gemalto and Giesecke & Devrient Funding: Undisclosed, although "tens of millions" in investment is being bandied about in the media Leader: Ben Cade, CEO, a former executive of ARM where he led the Secure Services Division

Why we're following it: Trustonic has what's called its TrustZone technology embedded in integrated circuits which it wants to see used for purposes such as secure encryption key storage in mobile devices or electronic payments or television set-top boxes. Debuting in December 2012, Trustonic is a play by techno-savvy Europe-based firms to get the rest of the world to embrace its crypto-based model, essentially an embedded operating system of sorts, as a common platform to roll out new ways to deliver subscriber-based content like video or pay for things or other personalized services on mobile devices. So far, Trustonic is being backed by firms that include Cisco, Samsung, Symantec, Sprint, Nvidia, Good Technology, Wave Systems, MasterCard and 20th Century Fox Entertainment, among others. Though details are sketchy, Stephen Bye, CTO at Sprint, said the carrier expects to make use of the technology in the future to deliver services.

Fun fact: Trustonic's crypto-based technology is already deployed in the latest Samsung Android Galaxy S III and Note II mobile devices.


Headquarters: New York City Founded: 2009 by Ben Matzkel, chief strategy officer, and CTO Maayan Tal, both from McAfee Funding: $10 million from 406 Ventures, New Science Ventures and Harmony Partners, plus a few million in angel-investor funding Leader: Elad Yoran, chairman and CEO, whose 20-year career in cybersecurity includes stints at Riptech (acquired by Symantec) and Sentrigo (bought by McAfee)

Why we're following it: Vaultive's first product out last May allows enterprise security managers to remotely control encryption of email data held in the Microsoft 365 cloud service. The encryption proxy uses the Advanced Encryption Standard to encrypt this cloud-stored data in a way that only authorized individuals can run an encrypted search query at the Exchange Server hosted by Microsoft to present the results in decrypted form that can be read in cleartext.

As Yoran has noted, the approach means businesses encrypting data this way in the cloud can prevent it being accessed or handed over to law enforcement under subpoena without the business knowing about it. New methods of providing cloud-based encryption appear to be something that start-ups and their investors are willing to bet on as businesses demonstrate growing confidence in use of cloud-based services.

Fun fact: Prior to co-founding Vaultive, Maayan Tal was general manager of McAfee's Israeli development operations.

Read more about wide area network in Network World's Wide Area Network section.

This story, "12 must-watch security startups for 2013" was originally published by Network World.

| 1 2 Page 8
ITWorld DealPost: The best in tech deals and discounts.
Shop Tech Products at Amazon