This content is part of the Conference Coverage: RSA 2017: Special conference coverage

RSAC 2017 Innovation Sandbox highlights top 10 cyber startups

RSAC 2017: Innovation Sandbox competition pits this year's top 10 cybersecurity startups against each other in a bid to win top honors as most innovative.

The 2017 RSA Conference Innovation Sandbox will take place on Monday afternoon during the biggest cybersecurity conference of the year. And for the 12th year in a row, the top 10 security startups of the year will face a panel of judges and compete for bragging rights as the top technological innovator.

Some previous winners of the Innovation Sandbox have gone on to further glory, including Sourcefire (2005), Imperva (2006), Appthority (2012) and Waratek (2015). Runners-up also often hit it big, including former finalists HyTrust, Cylance, Bromium, Silent Circle and many more.

"Previous RSAC Innovation Sandbox Contest victors have garnered venture capital investment, large company buyout and increased media coverage," according to RSA. "RSAC Innovation Sandbox Contest has rewarded a range of information security solutions, including cloud security, mobile and app security, physical security and analytics."

Finalists have three minutes to make their cases for being the most innovative security startup of the year before a panel of judges drawn from venture capital enterprises, entrepreneurs and large security companies. This year's judges include Asheem Chandna, partner at Silicon Valley venture capital firm Greylock Partners; Gerhard Eschelbeck, vice president for security and privacy engineering at Google; Niloofar Razi Howe, senior vice president and CSO at RSA; Patrick Heim, head of trust and security at Dropbox; and Paul Kocher, president and chief scientist at the cryptography research division of Rambus.

The winner will be chosen on the basis of their pitch, plus a demo of their product, on the day of RSAC 2017 -- Monday, March 13.

Innovation Sandbox finalists

Security startups chosen as finalists this year, in alphabetical order, include:

Baffle Inc. Baffle offers end-to-end encryption as a service to defend against successful data exfiltrations. Once encrypted, data remains encrypted -- even when being processed by the owners of the data, according to Ameesh Divatia, co-founder and CEO at the startup, based in Santa Clara, Calif.

"Our solution offers a approach to data security based on enabling encryption everywhere, without impact to the application," Divatia stated in a press release. "Even in the event of a data breach or in the case of compromised database administrator credentials, Baffle customers can be assured that their data, when stolen, will be useless to hackers."

Cato Networks. With its flagship Cato Cloud product, this startup, based in Tel Aviv, Israel, gives enterprises the ability to securely link data centers, branch offices, cloud and mobile users by moving all networking and security functions into the cloud for easier enforcement of corporate-wide security and networking policies, while at the same time eliminating the need for a distributed network of security appliances and point products.

"Cato Networks has captured the imagination of IT professionals with an all- approach to an age-old problem -- the ever-growing cost and complexity of networking and security point products," Shlomo Kramer, co-founder and CEO of Cato Networks, said in a press release. "We are helping CIOs, CISOs and their teams adapt the IT infrastructure to a reality of accelerated threat velocity coming at an enterprise that is distributed, global, mobile- and cloud-centric."

Claroty. Providing a platform for real-time monitoring and anomaly detection in networks used for operational technology and industrial control systems, the New York-based startup intends "to secure the most important networks in existence," said Amir Zilberstein, CEO at Claroty, in a press release. The Claroty platform "addresses the entire threat by providing extreme visibility into complex multivendor networks and a common operational view that bridges the gap between plant operations and IT security. The system's high-fidelity models and advanced algorithms provide fine-grain anomaly detection -- enabling customers to detect threat activity at any point in the kill chain."

Contrast Security Inc. Taking a new approach to securing software, the Palo Alto, Calif., startup allows developers to build security sensors into their applications, which, in turn, relay continuous sensor data to the Contrast platform. The result is a way for developers to assess vulnerability on software while it is being developed and tested, as well as visibility and accurate defense when deployed software is under attack.

"As companies embrace the cloud, containers, prebuilt libraries and microservices in order to transform into more agile, scalable and competitive businesses, the application security industry has become ripe for disruption and reinvention," said Jeff Williams, CTO and co-founder at Contrast Security, in a press release.

EN|VEIL Inc. EN|VEIL's framework uses homomorphic encryption to allow enterprises to query or do analytics on data without the need to reveal "the content of the interaction, the results or the data itself," according to its website. Taking its name from "encrypted veil," and founded by former National Security Agency employees, the company said it gives customers the ability to securely interact with data in the cloud, provide complete control over sensitive information, maintain privacy while allowing processing of data and reduce attack surfaces while ensuring compliance with privacy and security regulations. The Fulton, Md., startup touts its applicability as a scalable commercial tool for securing data for use in finance, healthcare, cloud security, audit and supply chain applications.

GreatHorn Inc. Cloud security provider GreatHorn, located in Belmont, Mass., uses machine learning and automation to secure cloud collaboration tools like G Suite, Office 365 and Slack from targeted attacks. GreatHorn claimed it is the only "fully automated" inbound email security platform, capable of "detecting and preventing highly targeted email attacks," using its own proprietary detection and mitigation algorithm suite.

RedLock Inc. This cloud security automation company, based in Menlo Park, Calif., offers continuous monitoring and investigation tools for security and compliance teams. Rather than depending on agents or proxies -- which may not be compatible with cloud-native workloads -- RedLock requires only some basic API permissions to deliver faster, simpler deployment, as well as instant visibility into network flows and user activities; continuous, centralized monitoring and easier incident response; and faster security investigations. RedLock even claimed to offer a way to speed up merger and acquisition due diligence efforts, stating "RedLock easily solves the challenge of analyzing their security posture by giving you nearly instant visibility into their workloads, security configurations and policy deviations."

UnifyID. Simplifying user authentication, one of the most important issues facing security professionals, is the goal of San Francisco startup UnifyID, which offers authentication based on implicit authentication through biometric measurements gathered by device sensors.

According to the UnifyID technical overview, "local apps periodically collect sensor data from the local device, process it and communicate with the cloud service." On mobile devices, available sensors can include GPS, accelerometer, gyroscope, magnetometer, barometer, ambient light, and Wi-Fi and Bluetooth signal telemetries; on PCs and laptops, UnifyID looks at keystroke timing, mouse and touchpad movements, as well as Wi-Fi and Bluetooth telemetry. The startup claimed to be able to combine over 100 attributes and achieve a greater than 99.999% "true positive" rate.

Uplevel Security. Offering what it calls the industry's "adaptive response platform," York-based Uplevel Security offers customers a tool for connecting inbound alerts, threat intelligence and open source data, coupled with historical data, to dynamically profile security events.

"Our customers tell us that our ability to correlate their formerly disparate data silos, overlay their threat intelligence and provide a visual view of an actual incident gives them the power to quickly diagnose and respond," Roselle Safran, CEO and co-founder of Uplevel Security, said in a press release. "We apply advanced graph theory to enrich current incidents with historical data and determine whether the incident occurred in the past or if it is still present in their infrastructure."

Veriflow Systems. This startup, based in San Jose, Calif., uses its patented technology for continuous network verification to allow enterprises to "predict all possible network-wide behavior and mathematically verify availability and security, instead of waiting for users to experience outages or vulnerabilities to be exploited," according to its website. Rather than taking a "device-by-device approach" to securing modern networks, Veriflow's continuous network verification technology considers the entire network as a single system for the purpose of preventing outages and mitigating vulnerabilities. "Veriflow enables network and security engineers to use an intent-based approach to segmentation, availability, compliance and incident response."

Next Steps

Learn what you need to know before moving to a multi-tenant cloud

Read more about the top security analytics tools 

Evaluate an organization's need when choosing a web fraud detection system

 

Dig Deeper on Security operations and management

Networking
CIO
Enterprise Desktop
Cloud Computing
ComputerWeekly.com
Close