Americas

  • United States

Asia

Oceania

benrothke
Contributor

CyberTech – The Golden Globes of information security

Feature
Feb 09, 20163 mins
Big DataCloud ComputingCloud Security

So many information security start-ups, so little time. Here’s some of the most interesting firms I met with while at the CyberTech conference.

The Golden Globe awards are considered a predictor to the Academy Awards. Using that analogy, and with some license, the CyberTech conference in Tel Aviv may be the Golden Globes with the RSA Security Conference in San Francisco being the Oscar’s of information security.

Strictly speaking, CyberTech would be the Israeli Golden Globe awards, given the preponderance of Israeli firms at the conference.

[ MORE FROM CYBERTECH: Live from Tel Aviv, it’s CyberTech ]

I attended the CyberTech 2016 conference in Tel Aviv in late January along with a delegation of other U.S.-based bloggers and journalists, courtesy of the America–Israel Friendship League and the Israeli Foreign Ministry. I met a large number of interesting infosec firms, many of them offering cutting edge solutions. Some of the more interesting companies I met were:

HexaTier (formerly GreenSQL) – While I am not a marketing maven, I actually liked the name GreenSQL better, as it lends itself to what the firm does. But since they are moving to a set of cloud solutions, the old name seemingly doesn’t cut it anymore.

They have a set of products around DBaaS (Database as a Service). In the same way Amazon Web Services provides a secure infrastructure; HexaTier has a set of solutions for databases running on Amazon Aurora, RDS or EC2. They claim to offer significant database protections, such as being able to block SQL injections in real time, segregation of duties, full database activity monitoring and more.

ThetaRay is a big data analytics software solution. It has an analytics platform for finding anomalies in massive data sets. Not specifically an information security company, part of their solution set offers assistance in mitigating operational risks and fraud. For organizations with huge amounts of data, ThetaRay seems to be an interesting solution to find needles in their information security haystacks of data.

Morphisec – Polymorphic viruses have long been the bane of information security given their difficulty to detect by traditional scanners, since each copy of the virus looks different than the other copies. Using that as a basis, Morphisec creates a polymorphic defense to hide an application’s internal architecture which, in turn, makes compromise of the app more difficult to carry out.

Minerva Labs has an endpoint prevention platform. Its defensive malware product is an endpoint solution that attempts to trick malware into thinking it has already launched.

Secret Double Octopus was the company with the most off the wall name at the conference. What Tor does for anonymity, they do for data encryption. Their solution sends morphed data via multiple routes across the Internet and it then gets reassembled at its destination. The company claims to solve key management issues as theirs is a keyless system.

BioCatch has a behavioral biometrics solution that detects online fraud. The solution compares cognitive behavior of an authorized user. Over time, that behavior and action patterns can then determine if the action is being performed by a real user or an attacker. Their solution is of particular value to financial services firms and online retailers.

All of these firms will be at RSA in San Francisco at the end of the month. On the very crowded expo floor; you may want to stop by their booths.

In my next and piece about my CyberTech visit, I’ll discuss how Israel has become one of the world’s most important incubators for information security software and hardware solutions. See part 3 of this series.

benrothke
Contributor

Ben Rothke, CISSP, CISM, CISA is a Senior Information Security Manager at Tapad has over 20 years of industry experience in information systems security and privacy. He’s the co-author of the recently published book - The Definitive Guide to PCI DSS Version 4: Documentation, Compliance, and Management.