Emerging Vendors 2014: Security Vendors

Security Hotshots Of The Year

CRN's Emerging Vendors for 2014 looks at the hot tech startups rising in the channel and making their presence known through the technology industry as a whole. With never-ending threats to a company's IT operations and data, it's no surprise that this year's list includes a number of security vendors touting everything from cloud security solutions to authentication systems. CRN is highlighting startups that are mixing unique technologies and reliable services with a strong channel presence. Here we present to you the security vendors that made the Emerging Vendors list for 2014.

Adallom

Menlo Park, Calif.

Top Executive: Co-founder and CEO Assaf Rappaport

Adallom’s founders believe that pre-existing defense mechanisms are ineffective at protecting information in Software-as-a-Service environments. So they created technology that extends the boundaries of enterprise security into the cloud, moving control, visibility and detection directly into SaaS, away from devices and perimeters.

AlephCloud Systems

Sunnyvale, Calif.

Top Executive: CEO Richard Gorman

AlephCloud develops technology for enforcing security and privacy policies relating to the sharing of data and documents through public cloud services. The company's Content Canopy software is a cloud-based secure file sync-and-share application for sharing documents with external parties.

Appthority

San Francisco

Top Executive: CEO Paul Stich

Appthority provides the Mobile App Risk Management Service that automates the discovery, analysis and approval of applications present on employee mobile devices. The service combines a database of millions of previously analyzed applications with a policy management engine.

BitSight Technologies

Cambridge, Mass.

Top Executive: CEO Shaun McConnon

BitSight provides an automated risk rating metrics service on the information security effectiveness of businesses and organizations, similar to consumer credit scores. Customers use the service to gauge the security of business partners with whom they may be sharing sensitive data.

Bluebox Security

San Francisco

Top Executive: Co-founder and CEO Calem Sima

Bluebox develops a scanning platform used to secure corporate data as it interacts with employee-owned mobile devices, applications and services. Bluebox made headlines last year when it discovered a serious flaw in the Android security model that let attackers modify Android applications without Google's review.

Bromium

Cupertino, Calif.

Top Executive: Co-founder and CEO Gaurav Banga

Bromium is pioneering a new endpoint security model with its hardware-based "micro-virtualization" technology that protects against malware from the Web, email or USB devices. The technology automatically isolates each user-task at the endpoint in a hardware-isolated micro-VM, preventing theft or damage to any enterprise resource.

Co3 Systems

Cambridge, Mass.

Top Executive: CEO John Bruce

Co3 Systems provides an automated incident response toolkit that can generate detailed incident response plans and provides a platform for threat investigations. The software also provides management workflow for incident entry and assessment, with customizable dashboards and reporting capabilities.

Confer Technologies

Waltham, Mass.

Top Executive: CEO Mark Quinlivan

Confer Technologies provides a cyberthreat prevention network used to protect servers, laptop computers and mobile devices from advanced threats. The company watches for tactics, techniques and procedures used by attackers, and collects and analyzes that data within a secure cloud.

CrowdStrike

Irvine, Calif.

Top Executive: Co-Founder, President and CEO George Kurtz

CrowdStrike provides security technology and services that identify advanced threats and targeted attacks. The company's CrowdStrike Falcon Platform uses big data technologies, cloud-based machine learning and endpoint security using advanced threat intelligence to identify unknown malware, detect zero-day threats and prevent damage from targeted attacks in real time.

Cybereason

Cambridge, Mass.

Top Executive: Founder and CEO Lior Div

Founded by elite Israeli-Intel cybersecurity experts, Cybereason has developed a technology platform that automatically uncovers malicious operations and reconstructs them to provide a clear image of a cyberattack. That allows businesses to discover sophisticated targeted threats at an early stage and disrupt them to significantly reduce costs and damages.

CyberSense

Menlo Park, Calif.

Top Executive: Co- Founder and CEO Yaniv Alfi

CyberSense provides cloud-based and on-premise cybersecurity products to reduce the risk of disruptive security compromises, data breaches and compliance violations. The flagship CyberSense360 platform detects and analyzes zero-day and undetected malware, builds threat profiles, blocks attacks and remediates damage.

Cylance

Irvine, Calif.

Top Executive: CEO Stuart McClure

Founded by former McAfee executives, Cylance removes the "human element" from security with its enterprise endpoint security platform that uses mathematical analysis to detect threats. Cylance's Infinity solution relies on data mining, algorithms and machine learning to collect, classify and learn what is a threat and what isn't.

Cyphort

Santa Clara, Calif.

Top Executive: President and CEO Manoj Leelanivas

Cyphort develops advanced threat protection software that provides a defense against advanced persistent threats such as targeted attacks, next-generation malware and zero-day vulnerabilities. In June the company debuted version 3.0 of its platform that automatically prioritizes threats based on business risk.

Delfigo Security

Boston

Top Executive: CEO and Chief Innovation Officer Ralph Rodriguez

Delfigo Security provides mobile, tablet and cloud technology for identity and access management. The Delfigo products provide a multifactor, risk-based authentication platform using a patented artificial intelligence-based architecture. Delfigo reduces risk of identity theft and fraud for enterprises and ensures regulatory compliance.

Druva

Sunnyvale, Calif.

Top Executive: Founder and CEO Jaspreet Singh

Druva develops the inSync endpoint data protection and governance software for PCs, laptops, tablet computers and smartphones. The product provides backup, IT-managed file sharing and data loss prevention capabilities. Earlier this year Druva said it would focus on channel sales and transition away from its direct sales model.

eCert

San Francisco

Top Executive: Founder and CEO Kelly Wanser

eCert provides critical protection against email fraud, phishing and other threats to enterprises, governments and other major organizations and their customers. eCert’s Email Protection Identity Cert service supports open standards-based email authentication for blocking malicious traffic.

Elastica

San Jose, Calif.

Top Executive: President and CEO Rehan Jalil

Elastica emerged from stealth mode earlier this year and released Cloud Security Operations Center for securing cloud applications and services, remedying IT managers' lack of visibility into the security of their SaaS applications. Elastica also develops applications that run on CloudSOC for auditing cloud service operations, detecting security threats and enforcing security policies.

ERPscan

Amsterdam, The Netherlands

Top Executive: CEO Ilya Medvedovsky

ERPScan develops security software for ERP and business applications, particularly SAP, and software that prevents cybercrime and internal fraud by identifying and correcting system vulnerabilities.

FireHost

Dallas

Top Executive: CEO Jim Lewandowski

FireHost stands out among Infrastructure-as-a-Service providers by focusing on security. Its secure cloud hosting offers servers in Dallas, Phoenix, London and Amsterdam starting at $350 a month. The company has increasingly focused on securing private clouds and can provide IP reputation management. Its platform blocks most common Web-based attacks, including SQL injection, cross-site scripting and cross-site request forgery.

Fortscale

New York

Top Executive: Co-Founder and CEO Idan Tendler

Fortscale uses big data analytics to help its customers protect themselves from cybersecurity attacks. The company, founded in 2012, develops enterprise security solutions and touts its Fortscale 1.0 solution's ability to uncover "under-the-radar" security threats and identify malicious user behavior.

Hytrust

Mountain View, Calif.

Top Executive: CEO John De Santis

HyTrust calls itself the cloud security automation company. Its virtual appliances provide an essential foundation for cloud control, visibility, data security, management and compliance, mitigating the risk of catastrophic failure -- especially given the concentration of risk that occurs within virtualized and cloud environments.

Integrata Software

Baltimore

Top Executive: CEO Mike Geppi

Integrata Security provides complete enterprise-level protection for 802.11 wireless networks. The company offers a complete protection solution for wireless networking, using technology exclusively licensed from the Department of Defense.

iSheriff

Redwood City, Calif.

Top Executive: CEO Paul Lipman

iSheriff solves the security point-product problem for SMEs by delivering an integrated security solution, delivered through the cloud, with single pane-of-glass visibility for policy management and control. The Security-as-a-Service solution protects against multi-vector threats and helps address compliance challenges.

ITADsecurity

Natick, Mass.

Top Executive: Founder and CEO Robert Rinaldi

ITADSecurity offers The Watchdog, an application that reduces data breaches associated with an organization’s physical devices. While significant efforts are made to mitigate risk of cyberattacks at the network and application levels, there is a lack of useful tools focusing on the integrity of data protection at the physical device level.

JumpCloud

Boulder, Colo.

Top Executive: Co-Founder, President and CEO Rajat Bhargava

Security startup JumpCloud automates the maintenance, monitoring and security of cloud-based servers. The vendor provides patch management capabilities and monitors for configuration changes that signal an attack and unauthorized file access. The SaaS-based offering is aimed at DevOps and IT pros and can be quickly installed on physical, virtual or cloud servers.

Lastline

Redwood City, Calif.

Top Executive: CEO Jens Andreassen

Lastline provides a best-in-class malware protection platform to detect and stop advanced persistent threats, zero-day exploits and evasive malware. Lastline’s next-generation sandboxing technology inspects common network protocols and files to identify and stop advanced threats that bypass traditional signature-based systems.

LightCyber

New York

Top Executive: CEO Gonen Fink

LightCyber uses behavioral analytics to detect malicious activity early in an attack life cycle. Its technology analyzes network and endpoint information and develops profiles of normal behavior of network users and their devices to help spot suspicious behavior.

LockPath

Overland Park, Kan.

Top Executive: Co-Founder and CEO Chris Caldwell

LockPath's Keylight software platform offers insight into a company's governance, risk management and compliance efforts by correlating security information from various data sources and pairing it with regulations and policies to measure risk. LockPath's applications are built on its patent- pending Dynamic Content Framework technology.

Luminal

Frederick, Md.

Top Executive: CEO Josh Stella

Luminal is a startup that's addressing security and control in the cloud through DevOps. Its Luminal Conductor helps address the deficiencies and vulnerabilities in the way computing is normally architected. Instead, Luminal is working to use the cloud, starting with Amazon Web Services, to its advantage to give control, cost efficiency and security to its clients.

Mojave Networks

San Mateo, Calif.

Top Executive: Co-Founder and CEO Garrett Larsson

Security startup Mojave Networks sells a cloud-based mobile security service that can support custom policies for users of all smartphone platforms. It scans apps for malware, phishing and data theft and can be configured to approve only white- listed mobile apps for end users.

Netpeas

Palo Alto, Calif.

Top Executive: Co-Founder and CEO Rachid Harrando

Netpeas is the developer of COREvidence, a cloud-based system that provides a range of vulnerability management, regulation assessment, IT monitoring, application assessment, and malware detection and reduction capabilities.

Netskope

Los Altos, Calif.

Top Executive: CEO Sanjay Beri

One of the biggest nightmares faced by IT managers is the security and regulatory liabilities due to the unknown number of cloud applications brought inside the corporate firewall by "Shadow IT." Netskope can help CIOs get a handle on Shadow IT by bringing visibility to apps brought into businesses without IT oversight.

Nok Nok Labs

Palo Alto, Calif.

Top Executive: President and CEO Phillip Dunkelberger

Nok Nok Labs developed a unified authentication infrastructure system the vendor markets as an alternative to traditional username and password authentication. The company says its technology, based on the Online Secure Transaction Protocol, is better suited to meet today's cloud computing and mobile computing needs.

NopSec

Brooklyn, N.Y.

Top Executive: CEO Lisa Xu

NopSec offers cloud-based vulnerability risk management tools to protect applications and IT infrastructure. The company's Unified VRM helps businesses manage IT security vulnerabilities in both on-premise and cloud computing systems.

Norse

San Mateo, Calif.

Top Executive: Co-Founder and CEO Sam Glines

Norse is a key player in the "live threat" security technology area, marketing its IPViking platform that's designed to provide actionable threat intelligence. The IP traffic monitoring tool collects data from a global network of sensors to create a blacklist of high-risk IP addresses that are sources of cyberattacks and fraud.

Okta

San Francisco

Top Executive: Co-Founder and CEO Todd McKinnon

Okta develops a cloud-based platform for secure identity and access management tasks. With the vendor's software, organizations can manage system access across applications, people or devices using Okta's directory service, single sign-on, strong authentication, provisioning, workflow and reporting capabilities.

OneLogin

San Francisco

Top Executive: Founder and CEO Thomas Pedersen

OneLogin providesa cloud-based single sign-on and enterprise identity management platform. The technology offers secure single sign-on, user provisioning and multifactor authentication capabilities, and is integrated with common directory infrastructures such as LDAP and Active Directory.

PacketSled

Del Mar, Calif.

Top Executive: Co-Founder and CEO Matthew Harrigan

PacketSled develops a next-generation security analytics platform that leverages big data to detect, contain, respond to and analyze advanced, targeted security threats in real time.

PerSpecSys

Toronto

Top Executive: President and CEO David Canellos

PerspecSys' AppProtex Cloud Data Control Gateway replaces data with a random token or encrypted value, making the information meaningless to anyone intercepting the data while in transit or in a cloud-based service. PerspecSys supports Salesforce.com, ServiceNow and other Web services, as well as Box and Dropbox file storage and sharing services.

Pindrop Security

Atlanta

Top Executive: Founder, CEO and CTO Vijay Balasubramaniyan

Pindrop Security develops "acoustical fingerprinting" technology that detects fraudulent calls and authenticates legitimate callers. The company's caller- ID software identifies key attributes of any phone call, including the device, call path and geographic point of origin, and extracts the acoustical fingerprint for analysis.

Porticor

Hod Hasharon, Israel

Top Executive: Founder and CEO Gilad Parann-Nissany

Porticor's Virtual Private Data system combines encryption with key management to protect data in public, private and hybrid cloud environments. With split-key encryption technology, Porticor Virtual Private Data ensures keys remain under customer control and are never exposed in storage.

PortSys

Marlborough, Mass.

Top Executive: CEO Michael Oldham

PortSys markets its Total Access Control suite of information security and access control software, including the Saferoom application to control and secure desktops and devices browsing the Internet from within a corporate network. The company also develops the PortSys Unified Access Gateway appliance.

PrivateCore

Palo Alto, Calif.

Top Executive: Co-Founder and CEO Oded Horovitz

PrivateCore provides full memory encryption that secures applications and data on standard x86 servers. The company's PrivateCore vCage software virtualizes physical security and protects data-in-use using virtualization inside the CPU to encrypt data in memory. The company's software can securely run any application in outsourced, hosted or cloud environments.

RedOwl Analytics

Baltimore

Top Executive: Co-Founder and CEO Guy Filippelli

RedOwl Analytics was the Innovation Sandbox winner at the 2014 RSA Conference. The company's product, Reveal, attempts to detect patterns in interoffice behaviors by monitoring and detecting subtle changes in the communication trails of employees, aggregating and analyzing data to detect internal threats.

Risk I/O

Chicago

Top Executive: Co-Founder and CEO Ed Bellis

Risk I/O has developed what it calls the first "vulnerability intelligence platform" that collects global attack data from repositories like RiskDB, third-party threat information feeds, other Risk I/O users, and a business' own IT systems. That information is scrutinized using big data technology and predictive analytics to prioritize vulnerability assessments.

Silent Circle

National Harbor, Md.

Top Executive: Co-Founder and CEO Mike Janke

Silent Circle is a global encrypted communications service that provides cutting-edge encrypted text, e-mail, mobile phone and video teleconferencing services through a secure, proprietary network, software and mobile apps.

Skycure

Tel Aviv, Israel

Top Executive: Co-Founder and CEO Adi Sharabani

Skycure provides agent-based security software for iOS and Android devices that it says does not impede device performance. The agents interact with Skycure's cloud security service to provide intrusion prevention and detection capabilities for mobile devices. The software uses behavioral analysis to detect threats and is designed to take action if it detects suspicious activity.

Skyhigh Networks

Cupertino, Calif.

Top Executive: Founder and CEO Rajiv Gupta

Cloud security software vendor Skyhigh Networks addresses problems that come with the viral, uncontrolled adoption of cloud services by employees. The platform lets IT and security administrators identify cloud services running on their networks and receive a detailed risk rating for each service. The company secured $40 million in Series C financing in June.

Sookasa

San Mateo, Calif.

Top Executive: Co-Founder and CEO Asaf Cidon

SaaS-based secure file-sharing startup Sookasa encrypts data in Dropbox, Gmail and other popular cloud services. The company's technology encrypts data before files are shared to help businesses meet regulatory mandates, such as HIPAA and FERPA. It also encrypts information in transit, synchronizes files across data owners' devices, and keeps audit trails on file-sharing activity.

Spotflux

Brooklyn, N.Y.

Top Executive: Co-Founder and CEO Chris Naegelin

Spotflux's VPN service sends an individual's encrypted Internet traffic through its analytics to remove ads, tracking cookies and malware that could pose a threat to a user's data or identity.

Threat Stack

Cambridge, Mass.

Top Executive: CEO Doug Cahill

Cloud incident response system developer Threat Stack provides continuous security monitoring for IT infrastructure, recording logins, processes, file changes and other system activity and alerts. It uses a lightweight agent to profile normal application behaviors and gives IT teams a view of an IT system's risk posture.

ThreatStream

Redwood City, Calif.

Top Executive: Founder and CEO Greg Martin

ThreatStream's SaaS-based Optic platform maps relationships between adversaries and targets and provides threat intelligence data to support risk management decisions. The ultimate goal is to build out the platform to provide real- time awareness of targeted attacks by analyzing unstructured data, such as chat activity in underground hacking forums with malware and threat indicators.

ThreatTrack Security

Clearwater, Fla.

Top Executive: President and CEO Julian Waits

ThreatTrack Security specializes in helping organizations identify and stop advanced persistent threats, targeted attacks and other sophisticated malware designed to evade traditional cyberdefenses. The company's products include its ThreatAnalyzer malware behavioral analysis sandbox, VIPRE business and consumer antivirus software, and ThreatIQ real-time threat awareness service.

Trustev

Cork, Ireland

Top Executive: Founder and CEO Pat Phelan

Trustev's real-time, online verification software for e- commerce companies helps prevent fraud by validating the identity of online shoppers. The system validates individual identities using social, behavioral and transactional information, the latter using "digital fingerprinting" technology that matches a user's transaction, device and browser data against records in Trustev's database.

vArmour

Mountain View, Calif.

Top Executive: CEO Tim Eades

vArmour, which remains in stealth mode, is targeting data- defined perimeter security to address security issues created by the adoption of mobile, virtualization and cloud computing that has moved threats beyond the traditional security perimeter.

Vaultive

New York

Top Executive: CEO Elad Yoran

Vaultive develops encryption technology that tackles the issue of cloud data protection. The vendor's cloud encryption gateway helps businesses take advantage of cloud services while maintaining ownership and control of their data by holding the encryption keys.

Vectra Networks

San Jose, Calif.

Top Executive: President and CEO Hitesh Sheth

Vectra Networks is a leading innovator in real-time detection of in-progress cyberattacks. The company delivers continuous automated cyberattack detection and reporting that instantly identifies attacks while they are happening and prioritizes attacks that pose the greatest business risk.

Votiro

Tel Aviv, Israel

Top Executive: Co-Founder and CEO Itay Glick

Votiro's Secure Data Sanitization Device secures data coming in to or going out from an organization's networks, performing a "sanitation process" on attached files to protect businesses against zero-day attacks.

Watchful Software

Medford, N.J.

Top Executive: CEO Charles Foley

Watchful Software is a leading provider of data-centric information security solutions. Its products include the RightsWatch data-centric security and TypeWatch e-biometrics security software.

White Ops

New York

Top Executive: Co-Founder and CEO Michael Tiffany

White Ops uses JavaScript to detect attempted click fraud on Web advertisements. Its technology uses behavioral analysis to take fingerprints of known click fraud techniques and uses that information to detect fraudulent ad impressions. Current anti-click fraud technologies rely on predictive analysis or whitelists and blacklists to provide protection.

ZeroFox

Baltimore

Top Executive: CEO James Foster

ZeroFox provides a security platform that monitors the Internet for social threats that could impact businesses. The platform attempts to identify active and ongoing cyberattacks targeting a company and its employees through social media. It can even spot and prevent potential social engineering attacks designed to impersonate key executives within an organization. When it detects suspicious activity, it provides an email alert and gives security teams the ability to address the issue through the platform.

Zscaler

San Jose, Calif.

Top Executive: Founder and CEO Jay Chaudhry

Zscaler’s Security Cloud lets organizations replace multiple security products with a single, cloud-delivered service to deliver application control, data traffic inspection, and bandwidth allocation to core business applications and user protection, allowing safe Internet access.