This content is part of the Conference Coverage: RSA Conference 2015 special coverage: News, analysis and video
News Stay informed about the latest enterprise technology news and product updates.

Waratek grabs RSA Innovation Sandbox honors

Runtime application self-protection startup Waratek wins coveted RSA Innovation award.

SAN FRANCISCO -- Startup companies from across the spectrum of security approaches delivered three-minute pitches to a capacity crowd of several hundred attendees at the RSA Innovation Sandbox awards on the eve of the 2015 RSA Conference. A panel of industry luminaries scored the pitches and any other information they could glean from the contestants, and as 5 p.m. rolled around they declared Waratek, a maker of runtime application self-protection (RASP) for Java, the winner.

In an unplanned move, judges declared a runner-up: smart identity badge maker Ticto. This company's product looks like a regular ID badge, but a bit thicker. The secret sauce is that when you use your badge to gain access to a particular area, the display on the front shows a random pattern that changes periodically, along with an LED that changes color at each pattern change. Every badge in that area displays the same color and pattern, so anyone who has a counterfeit badge will immediately stick out.

Another favorite, at least from speaking with audience members following the presentations, was Bugcrowd. A software engineer named Rob (he didn't give his last name) said he "liked the idea of crowdsourcing -- it's an interesting concept. They said there were other companies out there that do this, but I've never heard of them. If they are out there, they haven't done a good job of marketing it."

Cybrew Cafe at RSA Conference 2015
Attendees at the RSA Innovation Sandbox listen to three-minute pitches by startups.

Patrick Heim, head of trust and security at Dropbox, served as one of the judges. He felt there was an unusual amount of innovation this year. "This year we had 93 companies that applied to be part of this. … It's fabulous to be exposed to that much innovative thinking."

Of those participating, 10 were selected to present at the event. In addition to the companies already mentioned, this included user behavioral analytics company Fortscale and several contenders who were offering various approaches to improving threat and breach detection: Vectra Networks, SentinelOne and SecurityDo. Endpoint security company Cybereason claimed it was bringing data analytics to the desktop. NexDefense presented an anomaly detection system for industrial control systems. Static-scanning startup TrustInSoft was offering that holy grail of the discipline: mathematically proven security.

This was the tenth year of the program, initially called Innovation Station. Past winners include the now well-established Sourcefire and Imperva.

Next Steps

Read about Microsoft's security priorities for 2015.

Check out this RASP primer from searchSecurity

This was last published in April 2015

Dig Deeper on Microsoft Windows security