1/21/2014
10:29 AM
Dark Reading
Products and Releases

Israeli Cybersecurity Start-Up Aorato Emerges From Stealth Mode

Aorato's approach is to focus on Microsoft's Active Directory services activities by observing network traffic between AD servers and active network entities

TEL-AVIV, Israel, January 21, 2014 /PRNewswire/ --

Today, Aorato launches into the international cybersecurity market with the first context-aware, behavior-based Directory Services Application Firewall (DAF). The company's solution profiles entities, then not only learns but also predicts their behaviors, enabling context-aware real-time decision making.

Initially coming out of the Cyber Security unit within the Israeli Defense Forces (IDF), historically a source of security technology and innovation, Aorato's founders Idan Plotnik, CEO, Michael Dolinsky, VP R&D and Ohad Plotnik, VP of Professional Services, have spent the last decade in cyber-security.

Having previously co-founded and run Foreity, a Microsoft security subcontractor acquired by a leading IT services firm, and holding the prestigious Microsoft MVP awards for enterprise security, the founders are intimately familiar with Directory Services and their cyber-security issues.

Aorato has received approximately $10 million of investments from notable firms and security luminaries including leading global venture capital firm Accel Partners, Mickey Boodaei (co-founder of Imperva and Trusteer), Rakesh Loonkar (co-founder of Trusteer), Innovation Endeavors (VC funded by Eric Schmidt) and Glilot Capital Partners.

"The timing could not be more appropriate to launch Aorato into the cybersecurity market. 2013 showed the world the risks of advanced threats in parallel to the implications of insiders' access to sensitive corporate data. Both proved the need for a technology like Aorato to make a difference within the enterprise security posture," said Idan Plotnik, CEO of Aorato.

Kevin Comolli, the Partner who led the investment for Accel Partners, said:

"Accel is excited to be partnering with a world-class team building a pioneering product. Aorato's Directory Services Application Firewall is a unique solution for a very important part of enterprise infrastructure, and the founders' cyber-security expertise is second to none."

Aorato's approach is to focus on Microsoft's Active Directory (AD) services activities by observing the network traffic between AD servers and the active network entities (users, devices, etc.). The technology uses the interactions identified in this traffic to create the Organizational Security Graph™ (OSG), a model of the observed relationships over time. Aorato monitors AD traffic, comparing activities against the OSG model and looking for anomalies that could represent attack behavior or security policy violations (e.g., cleartext/simple passwords, AD protocol violations, activities of deleted/disabled users or computers, etc.). The DAF alerts on suspicious activities and inserts them into an Attack Timeline™, giving security professionals the means to identify the steps in the attack chain from seemingly harmless individual events.

"In today's world of persistent threats, malicious insiders, and Single Sign On leveraging account access, paying attention to Directory Services' activity is key to an organization's security. Aorato's creation of the Directory Services Application Firewall and OSG to focus on Active Directory provides a new level of needed insight within enterprises," said David Monahan, Research Director, Enterprise Management Associates.

Aorato's advisory board includes:

- Gil Kirkpatrick: Gil Kirkpatrick is a Microsoft MVP for Directory Services from 2005 and was the Chief Architect of Quest Software for Active Directory and identity management solutions. Today he is the CTO of ViewDS, an identity solutions provider. Gil has founded and chaired The Experts Conference, the premier conference for Microsoft identity and access technologies.

- Harry Sverdlove: Harry Sverdlove is the CTO for Bit9. Prior to joining Bit9, Harry was principal research scientist for McAfee, Inc., where he supervised the overall architecture of crawlers, spam detectors and link analyzers.

- Prof. Gil David: Prof. Gil David brings to Aorato over 17 years of governmental, industrial and academic experience in the data analysis and cyber security fields, both in Israel and the USA.

- Neil W. Book: Neil Book serves as the President & CEO of Jet Support Services, the world's largest provider of hourly cost maintenance programs for business jets. Previously, Neil was VP at Juniper Networks, leading their mobile security business unit.

To learn more about Aorato, please visit: http://www.aorato.com

About Aorato

At the core of Aorato's founding was the acknowledgement that Active Directory is exposed - by default and by design. Combining the company's intimate knowledge of Active Directory and cyber-security, Aorato has filled in this blind spot with their Directory Services Application Firewall (DAF). DAF protects Active Directory and leverages its central role in the network to protect organizations from advanced targeted threats. DAF automatically learns the behaviors of all entities engaging directly, or indirectly, with Active Directory. By profiling the entities, DAF builds an interaction graph between all entities in order to detect in real-time suspicious entity behavior. Today, Aorato is a strong financially-backed company and boasts several enterprise customers.

About Accel Partners

Founded in 1983, Accel Partners has a long history of partnering with outstanding entrepreneurs and management teams to build world-class businesses.

Accel today invests globally using dedicated teams and market-specific strategies for local geographies, with offices in Palo Alto, London, New York City and Bangalore, as well as in China via its partnership with IDG-Accel.

Accel has invested in over 500 companies, many of which have defined their categories, including Angry Birds (Rovio), Atlassian, Cloudera, ComScore, Dropbox, Facebook, Groupon, Imperva, Kayak, Playfish, QlikTech, Spotify, Supercell, and Wonga. For more information, visit the Accel Partners web site at http://www.accel.com or find us on Facebook at http://www.facebook.com/accel.
