RSA Innovation Sandbox highlights threat detection, AI

This year's RSA Innovation Sandbox will highlight several startups in the threat detection, cloud security and artificial intelligence and machine learning spaces.

The RSA Innovation Sandbox, a long-standing tradition at the annual RSA Conference, features  10 cybersecurity startups that compete for top honors as "Most Innovative Start Up."

The event was first held in 2005, when the first winner was Sourcefire, a next-generation cybersecurity appliance and service vendor that was bought out by Cisco in 2013 for $2.7 billion. Other notable winners include cybersecurity software and services company Imperva (2006); Appthority (2012); Waratek, maker of runtime application self-protection for Java (2015) and last year's RSA Innovation Sandbox winner, authentication platform provider UnifyID.

Innovation Sandbox finalists each take three minutes to present their pitches before a panel of veteran judges who will select the winner. The judging panel includes Asheem Chandna, partner at Greylock Partners; Gerhard Eschelbeck, vice president of security and privacy engineering at Google; Niloofar Razi Howe, tech investor and entrepreneur; Patrick Heim, operating partner and CISO at ClearSky and Paul Kocher, IT security expert and investor.

The 2018 RSA Innovation Sandbox finalists, listed alphabetically, include:

Acalvio Technologies, the threat detection and response company based in Santa Clara, Calif., was nominated for its ShadowPlex product. ShadowPlex uses "autonomous deception" as a defense against threats that have already breached perimeter defenses and can be deployed in public cloud as well as on-premises networks to detect intrusions quickly and engage with even advanced threats. According to the RSAC Innovation Sandbox announcement, "ShadowPlex deploys scalable, authentic deceptions to detect successful attackers, analyze their behavior, automatically respond to stop attacks, and prioritize threat hunting and remediation activities."

Awake Security, the threat detection company based in Sunnyvale, Calif., was nominated for its Security Investigation Platform. The Security Investigation Platform helps security teams "to detect threats, including fileless malware, malicious insiders, credential abuse and lateral movement," according to Awake. The platform applies machine learning to network data to create a data model "that correlates, profiles and tracks entities encompassing devices, users and domains. Awake then codifies into this model procedural knowledge that today sits just in the brains of individual analysts."

BigID, a privacy protection company with offices in New York and Tel Aviv, aims to help enterprises protect and govern data in light of the European Union's new General Data Protection Regulation and similar privacy protection regulations. The BigID software platform is designed to assist organizations in responding effectively "to GDPR requirements centered on individuals' data privacy rights, including the right to be forgotten; expedite breach response notification; ensure conformance with consent agreements and limit data collection to the defined purpose of use," the company stated.

BluVector, the real-time threat detection startup based in Arlington, Va., was nominated for BluVector Cortex, its AI-driven security platform, designed to "accurately and efficiently detect, analyze and contain sophisticated threats including fileless malware, zero-day malware, and ransomware in real time," the company said.

CyberGRX, based in Denver, offers what it calls the world's first third-party cyber risk exchange through which it delivers a stream of third-party data, as well as advanced analytics. "The CyberGRX Exchange is a central hub where enterprises and third parties can easily access, order and share dynamic, risk-based assessment data," the company stated, adding that "assessments are offered as a managed service and include a corresponding level of validation."

Fortanix, the runtime encryption startup based in Mountain View, Calif., offers its Self-Defending Key Management Service (SDKMS) next-generation hardware security module product for cloud applications. The product uses Intel Software Guard Extensions to protect keys, applications and data during use. "Runtime Encryption allows general-purpose computation on encrypted data without exposing sensitive information," Fortanix stated.

Hysolate, an endpoint security company with offices in Tel Aviv and New York, offers enterprises a completely rebuilt endpoint platform layered below the operating system that is intended to provide both a high level of security and increased productivity. According to the company, Hysolate's product lets enterprises "convert legacy endpoints of any hardware model into fully virtualized Software-Defined Endpoints," and keeps attack vectors separate from enterprise systems. "Everything the user interacts with -- including all applications and the operating systems -- is virtualized, running in one of the virtual machines."

ReFirm Labs, based in Fulton, Md., has developed a method for vetting and validating firmware in internet of things devices, and is applying this method to detecting and mitigating security flaws in connected devices in its Centrifuge platform. Centrifuge scans firmware and is able to detect hidden private firmware signing keys, weak or hard-coded passwords and insecure code third party incorporated in firmware drivers or object code.

ShieldX Networks, a cloud security startup based in San Jose, Calif., was nominated for its cloud security platform, Apeiro, which helps companies determine how much priority to assign to security, performance and cost. According to the company, "Apeiro meets business requirements for all three by elastically scaling up and down over commonly used virtualization platforms that the enterprise either already owns -- or uses on a subscription basis."

StackRox, the cloud container security company based in Mountain View, Calif., addresses the need to protect containerized, cloud-native applications with a distributed architecture for collecting and analyzing data "throughout the application lifecycle to detect and thwart malicious actors," the company stated. "StackRox delivers continuous detection through its unique combination of distributed sensors and centralized analysis and machine learning to provide context and correlation at container speed and scale."