The 10 Coolest Security Startups Of 2013 (So Far)
Information Security Startups Are Solving New Problems
Information security startups are finding new ways to inspect files for suspicious activity to detect malware. Firms are developing new technologies to encrypt machine-to-machine communication for critical infrastructure protection. Mobile protections are addressing the security of text messages, making them self-destruct after a time period or securing VoIP calls from eavesdroppers.
The battle against cybercrime is focusing more on ways to make it costlier to conduct attacks. New defensive mechanisms are isolating applications using virtualization technology. They're also going deeper, using hardware-based security to get underneath the operating system to increase visibility over the processes that run the entire system.
Silent Circle
CEO: Mike Janke
Based in Washington, D.C., Silent Circle develops software that encrypts communications on mobile phones and video teleconferencing services. The company was one of 10 security firms that debuted at RSA Conference 2013. With its iOS and Android apps, Silent Phone provides peer-to-peer encryption for VoIP calls and Silent Text encrypts text messages between users.
The company also provides encrypted email service, encrypted voice and video calls from laptops and desktops, and supports encrypted calls between Silent Phone subscribers and nonsubscribers. This year, the company introduced a secure website for administrators to manage licenses for employees using the software.
Silent Circle was co-founded by Mike Janke, former Navy SEAL and best-selling author, and Phil Zimmermann, the creator of Pretty Good Privacy email encryption software.
GridCOM Technologies
CEO: Stan Ellis
San Diego-based GridCOM Technologies uses quantum encryption to secure machine-to-machine communications. The goal is to build a secure Internet pipeline connecting electric grid automation equipment.
With an increasing emphasis on securing critical infrastructure, GridCOM and companies like it are getting attention. The company feeds laser-generated photons into a server to produce random encryption keys used to encrypt and decrypt commands between components within industrial control systems.
Light Point Security
CEO: Beau Adkins
Based in Baltimore, Light Point Security protects users by creating a virtual machine on its servers, running a web browser of its own that can be controlled by the end user. The virtual machine prevents website code from running on its computer, preventing drive-by attacks and other attempts to infect a system with malware through the browser. The company said it supports Mozilla Firefox 3.6 and later, and plans to support Google Chrome and Microsoft Internet Explorer in the future.
Light Point was selected to compete in the Wall Street Journal Startup of The Year documentary, which will follow its executives over five months. The company currently aims its product at consumers, but is readying Light Point Web enterprise for businesses.
Remotium
CEO: Sinan Eren
San Mateo, Calif.-based Remotium has created technology that it says addresses the bring-your-own-device phenomenon in the enterprise by making users tap into a virtual client to access work data. The company uses virtualization to run mobile applications in public or private clouds and then streams the data to mobile devices.
Email, calendar, contacts, browser, Salesforce, Box, Workday and others are instrumented on run-time to prevent data loss, intrusion and malware, the company said. Data is never stored on the employee's device.
Security4SOA
CEO: M. Ariel Evans
Security4SOA works to secure the service-oriented architecture environment, the underlying services used to support large applications in the middleware layer.
The company has developed its first product, MQSentry, at IBM’s WebSphere MQHursley Lab. MQSentry provides compliance reporting for PCI, HIPAA and other regulations and works with WebSphere MQ. The company said it can identify and remediate previously unseen vulnerabilities. It can roll back changes, conduct event monitoring in real time and provide a firewall for the SOA environment.
Bromium
CEO: Gaurav Banga
Cupertino, Calif.-based Bromium introduced its first product, vSentry, in September 2012, and it is quickly gaining attention of security experts. The company uses strong hardware-based container technology called micro-virtualization. The Xen-based hypervisor isolates each vulnerable or untrusted user task. The goal is to neutralize attacks and detect advanced persistent threats.
The company's leadership team consists of virtualization experts. CTO and co-founder Simon Crosby founded and was CTO of XenSource prior to the acquisition of XenSource by Citrix. The company also has experts formerly of VeriSign and McAfee on its team.
Cylance
CEO: Stuart McClure
Irvine, Calif.-based Cylance describes itself as a technology and services company. It was founded in late 2012 by Stuart McClure, the former CTO of McAfee. The company recently announced that it raised $15 million.
The firm's services include penetration testing and incident response. Cylance created a threat detection system that runs in the background and detects attacks using a mathematical approach. Threat intelligence information is shared with other users in real time. The company said it is developing a suite of products for enterprises for threat detection and data collection.
Secure Access Technologies
CEO: Ben Ayed
Secure Access Technologies enables companies to wrap mobile applications to provide multifactor authentication with no dependency on the device location. The company uses adaptive authentication technology that evaluates location, proximity and behavior risks. It can log out users from wrapped applications when they are away from the device and provides keyless entry to those apps when they return.
The Menlo Park, Calif.-based company has landed a partnership with mobile device management vendor Good Technology. Its CEO Ben Ayed holds several patents on the technology. It also has the inventor of SSL Taher Elgamal on its Board of Advisors.
Lastline
CEO: Jens Andreassen
Santa Barbara, Calif.-based Lastline is a channel-friendly, behavioral-based security firm headed by CEO Jens Andreassen, a Fortinet sales executive who set up the company's international sales operation. Its Previct line of appliances conducts threat analysis and forensics, analyzing the behavior of suspicious files in a virtualized sandbox, and inspecting every executed instruction to detect targeted attacks.
The company's founders are university researchers Engin Kirda, Christopher Kruegel and Giovanni Vigna, who created Anubis and Wepawet, cloud-based malware analysis tools with a user base of tens of thousands corporations, government institutions and security vendors. The company launched in 2011 but announced in June that it raised $10 million in Series B financing.
Shape Security
CEO: Derek Smith
Based in Mountain View, Calif., Shape Security is attempting to address web application vulnerabilities. The company remains in stealth mode, so not a lot of information has been made available about its technology. Shape Security said it plans to release a new type of web security technology.
In January, Shape Security announced that it raised $20 million in Series B financing from investors. The company's executives include Google’s former click-fraud czar, Cisco’s former vice president of application delivery and Walmart’s former chief information security officer.