By Paul M. Shomo
SAN FRANCISCO--Earlier this month, the top cybersecurity startups traveled to the new and improved Moscone Center to battle it out at the RSA Security Conference’s "Shark Tank"-style competition. These eminent data scientists, cyber warriors and scrappy entrepreneurs delivered three-minute pitches before the judges of Innovation Sandbox.
The resultant Q&As were some of the most entertaining moments at RSAC 2019. More importantly, some of the technologies touted here will drive cybersecurity innovation for years to come.
Cybersecurity Asset Management Vendor Axonius Takes Top Prize
Murphy’s Law was in full effect. Innovation Sandbox winner Axonius experienced an improbable chain of catastrophic flight issues. CMO Nathan Burke’s six minutes of combined presentation and Q&A was a microcosm of the startup experience: wild chaos, coming together as a team, great odds and surprising everyone with a win.
Axonius’s technology surely drove the win as much as its presentation. Axonius finds assets and devices that vulnerability scanners cannot reach; devices that CISOs don’t even know exist. It orchestrates deployment of cybersecurity solutions, sets policy and configurations and integrates with ticketing systems. Axonius does this without an agent; instead, it uses integrations with more than 100 vendors.
Homomorphic Encryption Lands Duality’s Collaboration Platform in Second Place
Duality CEO Alon Kaufman explained that AI and machine learning can “cause major security and privacy concerns. As in many cases, data owners do not have the knowhow or the computational infrastructure to analyze it; hence they need to collaborate.”
Duality’s secure collaboration platform allows companies to share their data with data scientists at third-party organizations. This allows third-party scientists to build models without seeing the sensitive details. Duality accomplishes this with homomorphic encryption. It’s an exotic tech which not only encrypts data in motion but may stand up to a future of quantum computing.
The judges flat out challenged Duality to prove that its encryption works. Cool as a cucumber, CEO Alon Kaufman touted his on-staff Turing Award winner. The Turing Award, is, of course, the Nobel Prize equivalent in computer science. Duality also offers a standard demo process proving homomorphic encryption works as advertised.
Innovation Sandbox’s other eight finalists further highlighted three important new trends in cybersecurity:
Trend No. 1: Every Company is, in Fact, Becoming a Software Company
Sophisticated organizations have always developed their own websites, mobile apps and business software. Today every sizable company is becoming a software company. Labor is being automated, artificial intelligence is on the rise and everyone is building application programming interfaces (APIs). Helping development operations (DevOps) secure this code and these APIs has become a significant trend.
- ShiftLeft: CEO Manish Gupta is a former Chief Product and Strategy Officer at FireEye. He summed up cybersecurity nicely: “Our $110 billion dollar cybersecurity industry largely mitigates issues that arise because of software defects.” ShiftLeft analyzes, protects and audits software code. It analyzes proprietary, third-party and open source code using ShiftLeft’s graph technology.
CEO Manish Gupta acknowledged: “I haven’t met a customer yet who fixes all the vulnerabilities they find.” ShiftLeft’s tech knows precisely where the lines of vulnerable code exist. Besides fixing them, it can also protect vulnerabilities during runtime, something it does by deploying a microengine in production environments.
- Salt Security: CEO Roey Eliyahu pointed out that “APIs are everywhere, with an estimated [market] size of $2.2 billion.” Many of these APIs traffic personal data subject to GDPR and other regulations. Eliyahu provided a stinging example of these challenges, “Facebook could potentially face up to $1.63 billion in fines because of an API breach,” he said.
Salt Security protects the APIs that are at the core of every SaaS, web, mobile, microservice and internet of things (IoT) application. Its AI-powered platform prevents API attacks, using behavioral protection and by baselining these behaviors. It provides both a timeline view for investigations and remediation capabilities.
Trend No. 2: Identity is the New Perimeter, and Sensitive Data is Directly Behind It
We aren’t “The Jetsons” yet, but IoT devices are becoming the backbone of companies and smart cities. This army of bots now work for organizations, alongside users who roam outside the traditional perimeter. These many human and non-human identities need to be discovered, and their access to data in the multi-cloud world must be managed.
- CloudKnox introduced a non-intrusive and automated way to manage human and device identity privileges across hybrid cloud environments. It allows organizations to understand what identities touch and their capabilities. Then it limits them with just enough privileges (JEP).
- Arkose Labs knows stopping fraud is a tough business. Each attack often looks like a fresh user with new client data--and browser heuristics isn’t working. CEO Kevin Gosschalk touted Arkose’s use of global telemetry and a challenge tech which inserts itself into the process. This approach makes attacks more expensive than the value of data that hackers covet. Arkose Labs claim both reduced false positives and reduced friction for users.
- WireWheel CEO Justin Antonipillai led privacy initiatives under the Obama administration. “If your job now includes privacy, you’ve been given an almost impossible task. Find all of your systems, all of your data, all of your vendors,” he said.
WireWheel’s solution operates at the metadata level. It includes data inventory, collaboration and vendor risk management. As Antonipillai said: “It takes people to solve privacy.” The company’s solution leverages an organization’s employees to understand data and allows building privacy portals for an organization's customers or users.
- DisruptOps provides continuous control of cloud infrastructure by detecting and automatically remediating security and operational issues, including encrypting buckets of data as needed. Granular access policy and flexible “guardrails” are used to manage the lifecycle of the cloud.
Trend No. 3: Are Security Analysts Even Able to Observe Malware Anymore?
Until recently InfoSec has had immense visibility into traditional endpoints and servers. Many multi-cloud environments, particularly IoT, are almost black boxes. Hardware housing malicious firmware implants are a major blind spot. The industry badly needs to build out visibility into cloud environments and into firmware.
- Capsule8 offers threat detection and response for cloud-production environments running Linux–whether containerized, virtualized or bare metal. Capsule8 offers real-time threat monitoring and vulnerability scanning, then automatically shuts down exploits.
Capsule8 CEO John Viega responded to judge’s skepticism over cloud provider’s preference to “roll their own” vs. purchasing third-party software, “Providers don’t go anywhere near the workload, they’re mainly integrating threat feeds. We’re stopping container escapes, kernel exploits, and any kind of attack you can imagine,” Viega said.
- Eclypsium touts its ability to analyze static firmware images and detect implants and backdoors. It doesn’t matter whether Bloomberg was correct or not about Chinese chip implants introduced into the supply chain. Firmware is a real threat. This is why Eclypsium CEO Yuriy Bulygin plans to secure firmware in the hardware layer of company’s most critical laptops, servers and network infrastructure.
Cybersecurity has undergone tectonic shifts. Data in the multi-cloud world is one authentication away from theft, and even our hardware chips are a threat. Identity Management must corral these human and non-human identities.
It’s unclear whether the cybersecurity industry can secure all of this, but the 10 finalists of Innovation Sandbox are leading the way. Surely we’ll see great things to come for the finalists, Axonius and Duality.
Paul M. Shomo is Senior Technical Manager at OpenText and an occasional contributor to eWEEK.