Risk
9/11/2008
12:15 PM
Connect Directly
LinkedIn
Google+
Twitter
RSS
E-Mail
50%
50%

Startup Of The Week: Trusteer

A new approach to security focuses on protecting online banking and e-commerce.

The major flaw of most security software is it can't keep pace with new malware. Trusteer doesn't even try. "We assume the desktop is compromised," says CEO and co-founder Mickey Boodaei. Trusteer's software protects passwords and account numbers rather than trying to seek and destroy infections.
--Andrew Conry-Murray

TRUSTEER


Mickey Boodaei, co-founder and CEO, Trusteer

Boodaei tackles online banking security
HEADQUARTERS: Tel Aviv, Israel

PRODUCT: Rapport

PRINCIPALS: Mickey Boodaei, co-founder and CEO; Amit Klein, co-founder and CTO; Shmulik Regev, co-founder and chief architect

INVESTORS: Private investors

FUNDING: $4 million

EARLY CUSTOMERS: ING Direct, Muriel Siebert


HOW IT WORKS
Rapport is a desktop agent that performs multiple functions, including encrypting all the keystrokes from the keyboard driver to the browser to thwart keyloggers. It also restricts access to the browser and browser APIs. Any attempt by a browser add-on to interact with the browser must be allowed by the software's rule set. Finally, the software authenticates the e-commerce server, whether by checking a trusted list of IPs, by reverse DNS lookup, or by using a secure DNS server hosted by Trusteer.

WHAT'S DIFFERENT?
Trusteer's security software doesn't try to identify malware. Instead, it protects Web transactions by monitoring browser processes so malware can't log keystrokes, redirect the browser, or inject transactions. In addition, Trusteer doesn't sell to end users. It contracts with banks and e-commerce companies, which in turn offer the software to their customers.

OUR TAKE
Trusteer faces a couple of major hurdles. First, its software has to be nearly flawless, both in operation and construction. Second, banks usually don't provide security software to customers because they risk liability if something goes wrong. But the pain inflicted by criminal malware may now outweigh the risk. Trusteer's product is compelling enough to get in the labs of potential customers, where it will be pounded mercilessly. If it can run the gauntlet, look for an acquisition within two years.

LEADERSHIP
CEO and co-founder Boodaei was VP of EMEA sales at Imperva, a Web and database security vendor. CTO and co-founder Klein was chief scientist at security vendor Cyota, which was acquired by RSA.

TIMELINE
Timeline Chart

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-6628
Published: 2015-05-28
Aruba Networks ClearPass Policy Manager (CPPM) before 6.5.0 allows remote administrators to execute arbitrary code via unspecified vectors.

CVE-2015-1389
Published: 2015-05-28
Cross-site scripting (XSS) vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.5 allows remote attackers to inject arbitrary web script or HTML via the username parameter to tips/tipsLoginSubmit.action.

CVE-2015-1392
Published: 2015-05-28
Multiple SQL injection vulnerabilities in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.5 allow remote administrators to execute arbitrary SQL commands via unspecified vectors.

CVE-2015-1550
Published: 2015-05-28
Directory traversal vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.5 allows remote administrators to execute arbitrary files via unspecified vectors.

CVE-2015-1551
Published: 2015-05-28
Directory traversal vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.4 allows remote administrators to read arbitrary files via unspecified vectors.

Dark Reading Radio
Archived Dark Reading Radio
After a serious cybersecurity incident, everyone will be looking to you for answers -- but you’ll never have complete information and you’ll never have enough time. So in those heated moments, when a business is on the brink of collapse, how will you and the rest of the board room executives respond?