For the enterprise, security will always be a major concern. Threats to data privacy and intellectual property continue to evolve, from garden-variety hackers all the way up to government agencies. The movement in recent years toward virtualization and cloud computing complicates matters—how should enterprises protect their data when it's on a third party's servers, for instance?—but can also provide new solutions. Here are four security vendors who protect the cloud, deliver their services from the cloud, or use virtualization to secure the enterprise in ways once unimaginable but perhaps soon irreplaceable.
1. CipherCloud: Cloud data security is all about control.
Based in San Jose, CA, Andreessen Horowitz-backed CipherCloud aims to provide total protection of cloud-bound enterprise data with its Cloud Information Protection solutions. The company developed its solutions to integrate tightly with popular enterprise SaaS applications like Salesforce, Microsoft Office 365, Gmail, and Amazon Web Services. With technologies like their Strong Searchable Encryption, CipherCloud-protected data can often continue to be processed as if in the clear. CipherCloud can also customize its solutions to work with other cloud applications as well.
CipherCloud's security philosophy revolves around control. Malware detection, DLP enforcement, and activity monitoring tools complement a wide variety of encryption and tokenization options, including AES 256-bit encryption. Customers can apply these options in a granular fashion to different data types as their security needs, regulatory requirements, and DLP policies demand. Being able to pick and choose from different types of protection helps maximize data's functionality in cloud services. In addition, CipherCloud customers retain exclusive access to their encryption keys. Having that control prevents data breaches even if cloud providers are compromised. Frequently mentioned in both mainstream and tech outlets, CipherCloud spokespersons are working hard to make the company a thought leader in the areas of encryption and cloud security.
2. Halon: Virtualized security appliances for virtualized environments.
Jonas Falck, co-founder and CEO of Swedish security company Halon Inc., agrees that encryption methods like AES 256 and tightly controlled key management are vital to enterprise security in the cloud, not the least because of the ongoing government surveillance scandals much of the world is facing. And the cloud, Falck told me, "is one of the toughest environments you can put a security product into and be able to do things like multi-tenancy, integration, and APIs."
Halon addresses the challenges of securing virtualized and cloud environments by providing virtual and software versions of its email security platform, load balancer, and security router for deployment in VMware, KVM, Xen, and Hyper-V environments as well as others. The company recently integrated Domain-based Message Authentication, Reporting and Conformance (DMARC) technology into its email security solution to protect against spoofed emails, phishing attacks, and malware, which continue to pose a threat to enterprise security.
"We had a great opportunity a couple of years ago to have some of the biggest hosting providers in Sweden use our products when they were in an early development phase. We had very good information on how the providers think, how their environments are built up, and what type of requirements they have, and of course today I'm very thankful for that," Falck said.
3. Seculert: Zero-install protection with a cloud-based "elastic sandbox."
Protecting data in cloud and virtualized environments is one thing, but how about using the cloud to more effectively deliver security services? Last year saw Israel-based Seculert raise $10 million in Series B funding, release a major product update, and expand its executive team on the strength of its cloud-based, zero-install advanced threat protection solution. In the fight against malware, zero days, and advanced persistent threats (APTs), companies have historically focused on on-premises protection, according to Aviv Raff, Seculert CTO, but are now moving "some of their detection" to the cloud.
Seculert addresses detection using its elastic sandbox. Customers use the Seculert API to automatically submit suspicious files to the Seculert cloud. Then, Raff said, "What we do there is very different from other sandboxes. Regular sandboxes can only run the malware samples for a few minutes. Because we're elastic and run in the cloud, we allow our customers to run the malware over time. Today's version can run it up to 60 minutes." What that means is that Seculert can watch the malware evolve and perform whatever actions it was designed to do, gathering superior threat intelligence. Most customers, Raff said, use this to enhance their on-premises security infrastructure, such as network access control (NAC), firewalls, and SIEM devices, for enhanced responsiveness to attacks.
4. Bromium: Applying virtualization to the endpoint to neutralize threats.
2013 Gartner Cool Vendor Bromium and its CTO, Simon Crosby, have appeared in our security section before, and for good reason: the Cupertino, CA-based company's vSentry product takes the principles of virtualization and applies them at the micro level to make machines, in theory, unassailable. vSentry does so by using the Bromium Microvisor technology to instantly create a hardware-isolated "micro-VM" within the end user machine every time a user opens a new browser tab or email attachment or performs any other risky task. Within these micro-VMs, anything can happen without affecting the rest of the machine. And once the tab or attachment is closed or the task ended, the micro-VM likewise vanishes, taking with it any malware or threats—but not before Bromium's Live Attack and Visualization Analysis (LAVA) gathers intelligence on the attack.
Like the other vendors on this list, Bromium had a big year in 2013. In addition to the Gartner honor, Bromium picked up several industry awards, $40 million in Series C funding, and a partnership with NAC leader ForeScout.
The cloud and virtualization security landscape is an ever-changing one, evolving to fit new environments and meet new threats as they appear. These four companies look set to take advantage of the changing environment. Which startups do you think will change the space?
Header photo courtesy of Shutterstock.
Jude Chao is managing editor of Enterprise Networking Planet. Follow her on Twitter @judechao.