RSA 2013: Six security startups
Alongside major security players like Symantec and RSA, a host of upstarts are clamouring for attention from the enterprise at RSA Conference 2013 in San Francisco. Here's a look at a handful of promising young companies that have crafted products and services aimed at addressing the most pressing security challenges today, ranging from protecting cloud-based assets to securing all manner of mobile devices.
1. Bromium
Bromium vSentry is designed to block malware attacks, even zero-day exploits, using hardware-level isolation. It automatically isolates vulnerable Windows tasks into a micro-VM called a Bromium Microvisor that is incapable of modifying Windows or gaining access to enterprise data or network infrastructure.
Whenever an isolated task attempts to access files, networks, or devices, or when it tries to interact with the user, the hardware interrupts the execution and passes control to the Microvisor. That, in turn, enforces task-specific policies. vSentry works in conjunction with Bromium's Live Attack Visualisation and Analysis engine, designed to provide insights into an attack's origin, techniques, and targets.
2. CipherCloud
CipherCloud provides cloud encryption and tokenisation gateways for an array of cloud applications, including Salesforce, Force.com, Chatter, Box, Gmail, Microsoft Office 365, and Amazon Web Services. The gateways are designed to encrypt sensitive information in real time, before it's sent to the cloud and without affecting application performance.
Beyond the app-specific gateways, the company offers CipherCloud Connect AnyApp and Database Gateway, designed to help organisations extend data protection to hundreds of third-party cloud and private cloud applications and databases.
3. Nok Nok Labs
Nok Nok Labs offers a trio of multifactor authentication products: a server, a desktop client, and a mobile client. The idea is to provide employees with more secure alternatives to passwords for logging into their hardware and accessing applications, such as fingerprint and face biometrics.
Organisations can integrate server applications with the Multifactor Authentication Server, enabling them to support an array of authentication methods on tablets, laptops, and smartphones. When suspicious events are detected, MFAS enables applications to make use of step-up authentication determined by the risk involved in a transaction. The solution is based on the Online Secure Transaction Protocol.
4. PrivateCore
PrivateCore vCage is a software offering designed to transparently protect any application while in use on commodity x86 servers. It encrypts data during program execution, using full-memory encryption to protect data from unauthorised physical access and malicious hardware devices.
5. SkyHigh
SkyHigh's Cloud Services Manager is a multitenant service designed to give IT admins greater control of which cloud services end-users are accessing. It ingests logs from existing firewalls, proxies, Web security gateways, or SIEM systems to identify all cloud services being used by employees, then provides a risk assessment of those services.
IT can then build statistical and behavioural models based on user, service, device, and data interactions to discover security inconsistencies, identify redundancies, and detect anomalies that might point to a security issue. From there, security admins can reverse-proxy select services to control traffic from devices, control access to services based on contextual policies, or transparently encrypt data.
6. Victrio
Victrio is aimed at reducing instances of fraud in call centres. According to the company, the offering, which is available as a fully hosted service or an on-premise installation, is capable of silently screening calls, matching a caller's voiceprint and audio characteristics against a fraudster database.
Identity Confidence is scored and reported to the agent or fraud management system.
There's also a Customer Alert Review Tool, which integrates with existing fraud management tools and provides a Web-based console for keeping track of known fraudsters and their activities. It provides trend analysis and fraudster profiles as well.