Application Security

12/29/2014
08:00 PM
Connect Directly
Twitter
Twitter
RSS
E-Mail
50%
50%

20 Startups To Watch In 2015

Check our list of security startups sure to start (or continue) making waves in the coming year.
Previous
1 of 21
Next

(Image: www.freeimages.com)
(Image: www.freeimages.com)

2015 is shaping up to be another gangbusters year for security startups as industry players hope to help organizations deal with the most difficult problems in security and risk management. We've put together a list of some of the startups most likely to make waves in the coming year. 

Our choices reflect players that have some experience under their belts, that have been wooed heavily by the VC community, that are building their customer bases with products or services that have moved beyond the vaporware stage, or that have founders with a proven pedigree in security.

 

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.  View Full Bio

Previous
1 of 21
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
SophieBOU
50%
50%
SophieBOU,
User Rank: Apprentice
1/14/2015 | 6:50:08 PM
Re: "Interesting" - perhaps. Startups?
The vast majority of startups don't "make it" within 3 years. Uber has been everyone's example of an especially successful startups until runins with regulation recently, so I'll use them as an example. They were founded in early 2009 and only got big last year, 5 years later. 

There's been much debate, but I'm most convinced by proponents of looking at whether any startup is truly doing something new and with limited resources (tech penchant not required).
GilesR588
50%
50%
GilesR588,
User Rank: Apprentice
1/14/2015 | 5:22:57 PM
3 words to address the world
what3words 

 

what3words is a giant grid of 57 trillion 3m x 3m squares that covers the entire globe.

 

Each square has been been given a 3 word address,  allowing people to find more accurately and communicate more quickly, any location on earth.

 

Poor addressing affects 75% of the world, over 135 counties. It is frustrating and costly in developed nations but life threatening and limits growth in developing ones. 
dnadir
50%
50%
dnadir,
User Rank: Apprentice
1/2/2015 | 4:54:57 PM
"Interesting" - perhaps. Startups?
I wish we had an agreed definition for "startups". Some of these companies are perhaps interesting, or "early stage" and some are what I'd consider successful leaders in a nascent space, but IMHO a "startup" is a new company with seed or perhaps new series A funding. A company 3+ years old with multiple rounds that is still small or a "startup" just sounds like they are struggling to me. 
varunopen
50%
50%
varunopen,
User Rank: Apprentice
1/2/2015 | 6:34:02 AM
Re: Vector Prevalence
very nice list of start ups
will.munroe
50%
50%
will.munroe,
User Rank: Apprentice
1/1/2015 | 9:15:57 AM
Re: Vector Prevalence
Ryan

There is no doubt Crowd Strike is a great product and it was a SINET winner.  They were next to Interset at the event.  As for application security - that is a crowded and fairly mature space, and Cloud Security is the opposite, nacent but it will have its day.  Most Forune 1000 security folks are slow to adopt the cloud while most security companies offer some form of cloud based solution.  My expirience with endpoints is that they are hard to manage for the security teams - often owned by another part of the CIO's team and already paralyzed by agents......

The hope is that by adding intelligence to the security equation we can get smarter at finding the threats we need to focus on - that is the goal of many of these companies and of the behavioral analytics players.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
12/31/2014 | 12:18:23 PM
Vector Prevalence
I am surprised that application security and cloud security are not more prevalent. I speculate that by 2016, cloud security will be everywhere due to the rapidly evolving landscape.

I have seen Crowd Strike's product first hand and can attest to it being a robust product. Real time threat mitigation from an endpoint perspective. I will be interested to get more acquainted with some of the other tool sets referenced in the article.
Devastating Cyberattack on Email Provider Destroys 18 Years of Data
Jai Vijayan, Freelance writer,  2/12/2019
Up to 100,000 Reported Affected in Landmark White Data Breach
Kelly Sheridan, Staff Editor, Dark Reading,  2/12/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-8354
PUBLISHED: 2019-02-15
An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c has an integer overflow on the result of multiplication fed into malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow.
CVE-2019-8355
PUBLISHED: 2019-02-15
An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integer overflow on the result of multiplication fed into the lsx_valloc macro that wraps malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow in channels_start in remix.c.
CVE-2019-8356
PUBLISHED: 2019-02-15
An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 in fft4g.c is not guarded, such that it can lead to write access outside of the statically declared array, aka a stack-based buffer overflow.
CVE-2019-8357
PUBLISHED: 2019-02-15
An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c allows a NULL pointer dereference.
CVE-2013-2516
PUBLISHED: 2019-02-15
Vulnerability in FileUtils v0.7, Ruby Gem Fileutils <= v0.7 Command Injection vulnerability in user supplied url variable that is passed to the shell.