The information security market is in a continuous state of consolidation, yet it is never fully consolidated. Over and over, we see security startups with clever technologies thrive, grow and then get purchased by one of a handful of Infosec giants, only to be replaced by the next bunch of innovative security startups.
In the last few months alone, McAfee, which was itself acquired by Intel in 2011, bought next-generation firewall vendor Stonesoft; Cisco purchased security vendor Sourcefire, the company behind the open source Snort intrusion prevention system; and IBM acquired anti-malware vendor Trusteer.
Plenty of new technologies are being developed by companies in Silicon Valley and around the world right now, and many of them are bound to end up being integrated into the security offerings of larger companies.
Among the hottest areas are application and data virtualization/containerization, data encryption and tokenization and secure authentication. Paul Rubens, writing for eSecurity Planet, has identified some of the most exciting startups to keep an eye on.
Click through for 13 hot security startups to keep an eye on.
Armor5 is a cloud service that virtualizes applications, data and content such as Office documents and PDFs on any mobile device with no configuration and zero data leakage. This reduces the possibility of the mobile device being infected by documents embedded with malware or confidential corporate data being cached on the device where it can later be compromised.
The Averail Access mobile app combines with a cloud-based management console to create a trusted environment to protect files, regardless of where they are stored.
Bromium‘s vSentry uses Intel CPU features for virtualization and security to hardware-isolate each user task that accesses the Internet or untrusted documents. Its architecture is designed to defeat advanced targeted attacks and automatically discard malware when the task is completed.
CipherCloud delivers security controls including encryption, tokenization, cloud data loss prevention and cloud malware detection. It also includes activity monitoring for cloud applications including Salesforce, Force.com, Chatter, Box, Google Gmail, Microsoft Office 365 and Amazon Web Services.
Cylance‘s Infinity offers intelligent, predictive threat analysis of good vs. bad objects using a non-signature, non-heuristic and non-behavioral based mathematical approach.
FireEye provides automated threat forensics and dynamic malware protection against security threats, including advanced persistent threats (APTs) and spear phishing.
Invincea‘s application can be deployed on Windows endpoints to protect against untrusted content by moving browsers, PDF readers, Office suite, zip files and other chosen executables into a secure virtual container. (Note: Invincea’s technology is used in Dell’s Data Protection – Protected Workspace product.)
NetCitadel‘s threat management platform provides security analytics and threat context for intelligence and incident response.
Nok Nok Labs develops two-factor authentication systems for desktops, mobile devices and servers. The company is also a founding member of the Fido Alliance, an organization developing standards for authentication.
PrivateCore vCage secures server data in use through memory encryption, helping enterprises and service providers deploy applications in untrusted environments while protecting sensitive data.
Skyhigh Networks‘ cloud security software helps businesses secure their data in the cloud by discovering the cloud services employees are using, analyzing risk and enforcing cloud security policies.
Stormpath is a cloud service that helps developers build secure authentication and access control into any application, via a robust REST+JSON API or client libraries.
Trustware’s BufferZone virtualization technology creates a separate environment called a Virtual Zone where all Internet activity and programs from external devices are contained and virtualized.