HBGary Founder Launches New Security StartupHBGary Founder Launches New Security Startup
Greg Hoglund's new Outlier Security offers SaaS-based security and IR for endpoints.
October 7, 2014
A new security startup co-founded by former HBGary CEO Greg Hoglund emerged from stealth today with a security-as-a-service based endpoint threat detection and incident response tool that operates without a software agent on the client machine.
Outlier Security's new Agentless Endpoint Threat Detection and Response (ETDR) offering builds on Hoglund's previous experience and work in endpoint forensic investigation. "The endpoint is a treasure trove of forensic evidence... It has all this evidence of what's really going on," says Hoglund, CEO of Outlier. "But there's been this gap where once you have an event, you need to go to the end node and do an investigation to validate that event. That's being done manually and it doesn't scale. Things are being missed, and there are a large number of false positives."
Hoglund says the idea behind Outlier's endpoint offering is to automate much of that filtering and analysis via an algorithm-based system. "We automate the best practices during the first response phase and collect data."
But one of the more unique features of the offering is that it's agentless, meaning no software has to run on the endpoint itself, security experts say. Agent-based analysis is more expensive to operate, as well as heavy on the endpoint -- but it also provides a fairly thorough record of attack information.
Hoglund maintains that the advantage of a more automated and streamlined approach without all of the false-positive analysis outweighs storing a full recording of every event that transpires on the endpoint.
Rick Holland, principal analyst with Forrester, says most of his corporate clients today don't have good visibility into what's occurring at the endpoint. "This is going to give you more visibility and context," he says of the SaaS-based endpoint approach. "But you need across-the-board visibility" in the network as well.
Holland sees Outlier fitting into a similar market as Carbon Black and CrowdStrike for detection and response services.
Meanwhile, Hoglund says his experience at HBGary in investigating advanced persistent threat attacks, rootkits, and advanced malware influenced the Outlier Security offering. "What we're doing here is automating a lot of that knowledge" of how attackers operate, he says.
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
Passwords Are Passe: Next Gen Authentication Addresses Today's Threats
How to Deploy Zero Trust for Remote Workforce Security
What Ransomware Groups Look for in Enterprise Victims
How to Use Threat Intelligence to Mitigate Third-Party Risk
Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware