10 more security startups to watch

Startups focus on encryption, endpoint protection event analysis, radio-frequency scanning

security companies to watch

The emergence of cybersecurity startups has continued unabated as entrepreneurs vie for corporate customers seeking new technologies to battle ever increasing and innovative attackers.

The expertise of these new companies range from various improvements to encryption products to analyzing the wealth of security-incident data gathered from networks to gear that detects the potentially malicious wireless activity of Internet of Things devices.

Based on the continued interest in these startups from venture capital investors, these companies will continue to proliferate. Here are 10 more security startups we are watching and why.



Headquarters: Boston
Founded: 2013
Funding: $17 million including seed and Series A financing
Leaders: CEO Mike Duffy and CTO Jack Danahy who worked together at BBN and at IBM
Fun fact: The company name is supposed to remind you of a guard dog waking you to intrusions.

Why we’re following it: In the hot endpoint security space, Barkly promises a lightweight agent to gather data – lightweight in its footprint and in its CPU usage. That makes it less intrusive to end users. Given that its founders promise general availability of its first product by the end of the year and that the company has enough funding for two years, Barkly could be a player. Plus its founders have driven other successful startups, notably OpenPages and Ounce Labs, both bought by IBM.



Headquarters: Atlanta
Founded: 2014
Funding:  $9 million from Bessemer Venture Partners
Leader: Founder and CEO Chris Rouland who also founded End Game
Fun fact: The initial idea for the company stemmed from a system Rouland devised to make pickup time more efficient at schools by mapping children to the unique radio-frequency signatures of their parents’ cars.

Why we’re following it: With the proliferation of wirelessly connected Internet of Things devices inside enterprises, security professionals lack technology to adequately monitor what they are up to or even that they are inside the network. Bastille’s monitoring of corporate airspace for such devices and analysis that reveals when they are acting maliciously is a means to gain that important intelligence and pass it along to existing security tools.



Headquarters: San Jose
Founded: 2013
Funding: $35 million in two round from Norwest Venture Partners, NEA and SingTel Innov8
Leaders: Founders CEO Nat Kausik, CEO of four startups one bought by Cisco, one by CA, and CTO Anurag Kahol, a Juniper alum
Fun fact: The company ran an experiment to track what happens to stolen credit card data and found that once posted on the Dark Net it was opened more than 1,000 times in 12 days.

Why we’re following it: The company’s patented technology makes it safe to store corporate data in the cloud without degrading the speed at which the data can be searched, a common problem with searching encrypted files. Rather than store the data encrypted in the cloud, it stores an encrypted handle representing the data. When the data needs to be retrieved, the handle is downloaded and the full file is pulled from a database stored securely within the corporate network. This allows a high level of encryption (AES 256) as well as speedy search.



Headquarters: San Jose
Founded: 2014
Funding: Digital Arts
Leaders: CEO Gord Boyce, COO Scott Gordon (both formerly with ForeScout)
Fun fact: The company is a spin-out from Japanese email and Web-filtering company Digital Arts which wanted to focus on selling the platform in the U.S. market.

Why we’re following it: FinalCode takes the work out of managing the complex key management that is necessary to encrypt documents and have decryption rights follow the documents around wherever they go. It allows flexibility for where these permissions are stored, either in its cloud or within customers’ firewalls. The platform makes using document sharing services such as Box and Dropbox secure enough to handle corporate information but doesn’t require any changes to the services themselves.


Ionic Security

Headquarters: Atlanta
Founded: 2011
Funding: $78.1 million from Kleiner Perkins Caufield & Byers, Meritech Capital Partners and Google Ventures
Leaders: CEO Steve Abbott, with roots in Symantec, PGP and Network Associates, and CTO Adam Ghetti, named a 2015 Technology Pioneer by the World Economic Forum
Fun fact: The company used to be called Social Fortress.

Why we’re following it: Ionic’s service encrypts documents using symmetric-key encryption, then manages the key, taking a huge burden off its customers. In addition to securing entire documents from anyone but authorized users, it can secure parts of a document so that one group of recipients can see all of it, but others can decrypt only a designated portion. It also monitors who is actually opening up documents.


Menlo Security

Headquarters: Menlo Park
Founded: 2013
Funding:   $35.5 million through Series B funding from Sutter Hill Ventures, General Catalyst, Osage University Partners and Engineering Capital
Leaders:  CEO Amir Ben-Efraim and Chief Product Officer Poornima DeBolle, both formerly with Juniper Networks
Fun fact: The founders are commercializing technology licensed from University of California at Berkeley research.

Why we’re following it: Menlo Security offers a simple service that looks to be effective at stripping malware from email and Web traffic. It does this by proxying all such traffic to the company’s cloud where any code is executed in a container. Only a rendering of the content reaches the user’s browser, so it is free of any potential malware. For upstream traffic, the code in the container proxies back to the servers.



Headquarters: Sunnyvale
Founded: 2013
Funding:  $29.4 million from Venrock, New Enterprise Associates (NEA) and Index Ventures through two rounds.
Leader:  CEO Sriram Ramachandran with executive experience at Aruba, Juniper, Netscreen and Neoteris
Fun fact: The name Niara means haystack in Spanish, and has no particular significance relating to what the company does.

Why we’re following it: The company makes a security-event analyzer that correlates events that could be signs of attack, assigns them severity scores and issues alerts. The upside for customers is the analyzer takes input about events from existing security platforms, enhancing their usefulness. The goal is to provide very necessary screening and prioritizing of events for human security analysts to check out rather than going through them manually – an overwhelming task. This platform could help businesses better deal with the security information they already gather without having to drastically increase hard-to-find security staff.


Red Canary

Headquarters: Denver 
Founded: 2014
Funding:   $2.5 million in seed funding led by Kyrus-Tech
Leaders:  CEO Brian Beyer, head of detection operations Keith McCammon, research and development chief Jason Garman and engineer Chris Rothe who all worked together at Kyrus and, except for Rothe, at ManTech
Fun fact: The company name invokes the proverbial canary in the coal mine that warns miners of poison gasses.

Why we’re following it: The company offers a service necessary to many businesses – human analysts who sort through security alerts to eliminate false-positives before alerting their customers to the danger. The cost and scarcity of qualified security analysts puts in-house staffing beyond the budgets of businesses of varying sizes. Red Canary’s focus is on analyzing security event data and it delegates gathering that data to other vendors - Bit9+CarbonBlack for endpoint sensors and threat intelligence from Threat Recon, Farsight Security and Bit9+CarbonBlack’s Threat Intelligence Cloud, in addition to its own threat intelligence.


Soha Systems

Headquarters: Sunnyvale
Founded: 2013
Funding:  $9.76 million in venture funding from Menlo Ventures, Andreessen Horowitz, Cervin Ventures and Moment Ventures
Leaders:  CEO Haseeb Budhani (Infineta and NET) , Vice President of Engineering Hanumantha Kavuluru (MobileIron, Nortel), and Vice President of Marketing Rob Quiros (Cisco, Riverbed)
Fun fact: Soha it the Arabic name for a star Arabs used to test their vision

Why we’re following it: Soha provides cloud-based security services that reduce the time, cost and expertise required when compared to buying and deploying infrastructure to accomplish the same goals. The service includes authentication, authorization, application firewalling, WAN optimization and server load balancing among multiple application instances. It has a dashboard that shows how accessible their applications are.



Headquarters: Palo Alto
Founded: 2014
Funding:  $14 million from Battery Ventures
Leaders: CEO Ajay Arora has worked at startups acquired by Cisco, Intel and IBM
Fun fact: Arora says if the company were a superhero it would be Violet Parr from The Incredibles because she can generate an invisible shield.

Why we’re following it: Vera software imposes encryption on documents that follows them around until a legitimate recipient authenticates to release the decryption keys. That has security benefits, but this is also done with minimal altering of how users interact with the application whose files are being encrypted. It can be used on any device and in conjunction with other security tools. All this means that the product not only secures information, it is unobtrusively enough that it will hurdle obstacles to adoption.

This story, "10 more security startups to watch" was originally published by Network World.

Copyright © 2015 IDG Communications, Inc.

Make your voice heard. Share your experience in CSO's Security Priorities Study.