Meet Some Of The Emerging Israeli Cybersecurity Firms
Many are borne out of the entrepreneurial spirit of the Israel Defense Force's Cyber Intelligence Unit 8200. Could any other nation keep up?
![](https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt033c4c4023b7f5eb/64f0d99d465245967ffb4d7f/israelflag.jpg?width=700&auto=webp&quality=80&disable=upscale)
If it seems to you like a hot new cybersecurity company springs out of Israel every week, you're not far off. Israel is now the world's second-largest exporter of cybersecurity products and services--second only to the US--with exports that grew from $3 billion to $6 billion in just a few years. The secret to its success: military experience. While the technology varies, many if not most of the newest companies have one thing in common: they were founded by veterans of the Israel Defense Force's (IDF) elite cyberintelligence Unit 8200.
"Last year, there were 16 Israeli companies on the Cybersecurity 500 list of the world's hottest and most innovative cybersecurity companies. This year there are 26, and we are expecting more in 2017," says Steve Morgan, founder and CEO at Cybersecurity Ventures. "VC firms and corporate investors have put around a half-billion dollars into Israel cybersecurity startups over the past few years."
Israel's main cybersecurity market is the US, according to Morgan. Many have offices, even corporate headquarters, in the US.
"With regards to Silicon Valley, that is a favorite spot for Israeli cyber firms to set up U.S. offices due to its proximity to [venture capital] firms who invest into cybersecurity startups," says Morgan. "Sand Hill Road is the Wall Street of cyber-funding and the Israeli company founders are smart enough to know the value of being there."
Regardless of where corporate HQ is, most of these companies' R&D operations remain firmly in Israel.
"Israel is the place where you can hire people who 'get' the problem," says Lior Div, CEO and co-founder of Israeli start-up Cybereason. "They add value almost from day 1."
Why do they "get it"? Military experience.
Div says the secret to the recent boom in Israeli cybersecurity companies is a combination of both a change in the market and the nature of Israel and Unit 8200, which he linked together. Div himself won an IDF Medal of Honor for outstanding achievements as a commander of a cybersecurity team in the 8200.
Div says the market changed in 2010 when Stuxnet awoke people to what cyberattacks could truly achieve. "It's kind of a war. Some people say when I use the word 'war' that it's too much. If you really understand what's going on out there, it's not too much.'"
"You needed people with a different mindset," he says. "People who were actually creating the problem, if I may." In other words, cyberdefense experts who have offensive hacking skills as well.
Representatives from several other Israel-based companies say military experience -- and Unit 8200 specifically -- in a post-Stuxnet age have played a significant role in the boom of Israeli start-ups, as well as other attributes and skillsets.
Maya Schirmann of DeepInstinct mentions the support of earlier giants in the industry that were founded in Check Point, founded by three ex-8200 members, and CyberArk. (In fact, one of Check Point's co-founders, Shlomo Kramer, has been on a spree, co-founding or funding several of the newest companies to come out of the country as well.)
Schirmann and Guy Nizan, co-founder of IntSights, both note that the innovation is a function of necessity. Nizan says "our country is under continuous cyberattacks that force us to invest and develop new and innovative technologies to protect ourselves."
Here is a rundown of 37 cybersecurity companies that have sprung out of Israel in just the past four years.
Founded: subsidiary of defense electronics firm Elbit Systems. Elbit was founded in 1966; CYBERBIT was founded in 2015.
Products/Services: SCADA and IP security; communications intelligence technology for law enforcement, intelligence agencies, and signals intelligence
Claims to Fame: CyberShield Suite tools for IP & SCADA networks use kernel-based endpoint agents, big data analytics and machine-learning algorithms, and decision-support as well as mitigation and response SOC tools. Intelligence tools include prison monitoring, location tracking, satellite interception, WiT collaboration center, and a mass detection center. Listed at No. 45 on the Cybersecurity 500 by Cybersecurity Ventures.
Website: http://www.cyberbit.net
Founded: 2012
Founders: Shimon Becker and Moti Ram, both former senior IT leaders in the Israeli Prime Minister's Office
Products/Services: security management platform; breach detection
Claims to Fame: Offers real-time infographic view of the security status, performance and preparedness across security domains, and identifies deviations from predefined thresholds, according to the company.
Website: http://www.cyber-observer.com/
Founded: 2014
Founders: Gadi Evron, former officer in Unit 8200 and Chairman of the Board of the Israeli CERT
Products/Services: "threat deception"; network obfuscation
Claims to Fame: Cymmetria says its MazeRunner threat deception tool intercepts attackers during the reconnaissance phase, leads them through a path to a controlled location, monitoring them the whole time to collect information about their tools and techniques, and behavior -- thus defeating them not just the first time, but learning about their behavior to better detect them next time. Listed at No. 493 on the Cybersecurity 500 by Cybersecurity Ventures.
Website: https://www.cymmetria.com/
Founders: Guy Caspi, Dr. Eli David (heading the deep learning research group), Doron Cohen, Nadav Maman, and Yoel Neeman. Caspi served in an elite technology unit of the IDF, but has not disclosed whether or not it is the 8200.
Products/Services: "deep learning," a kind of machine learning, for threat detection and response
Claims to Fame: DeepInstinct applies deep learning to cybersecurity. Threat detection based on deep learning differs from traditional signature-based methods, because it operates more like a human mind, the company says. A deep learning system is first fed enormous amounts of data and told simply 'this is malicious' and 'this is not malicious' until it can differentiate between the two without necessarily needing to know the definitive parameters of what makes it malicious. Once it has "learned," the system can recognize something as malicious even if has never seen it before -- making it possible to identify and respond to zero-days. DeepInstinct won the IT World Awards Bronze Award for Start-up of the Year. Winner of "Most Innovative Start-up" in 2016 Best of Black Hat Awards.
Website: http://www.deepinstinct.com
Founded: 2013
Founders: Ariel Peled and Itay Reved
Products/Services: document and data security
Claims to Fame: DocAuthority automatically discovers and identifies unprotected sensitive documents, the company says. Can integrate with existing DLP, audit, and access control tools, and understand SIEM alerts, so that organizations can prioritize sensitive documents.
Website: http://www.docauthority.com
Founded: 2013
Founders: Avner Mor, Yehuda Lindell, Guy Peer, Nigel Smart
Products/Services: encryption key management; "software-defined cryptography"
Claims to Fame: The Dyadic vHSM is a software virtual Hardware Security Module that can be embedded into any device or platform. The two complementary solutions -- distributed key protection and software-defined encryption -- protect against rogue admins, stolen credentials, device compromise, and malware, the company says.
Website: dyadicsec.com
Founded: 2014 (emerged from stealth in Feb. 2016)
Founders: Guy Guzner and Dan Amiga
Products/Services: "threat isolation platform" to protect endpoints from web-borne threats
Claims to Fame: Fireglass says its technology virtualizes web browsers on a dedicated platform, thus creating a secure execution environment between users and the web so that all potentially malicious content is executed remotely. The only thing sent to the endpoint is a visual representation of the actual Web content. Listed at No. 97 on the Cybersecurity 500 by Cybersecurity Ventures. Named "Cool Vendor" by Gartner.
Website: https://fire.glass/
Founded: 2013
Founders: Yair Grindlinger, who was a reserve captain in the IDF Tech Division, and Doron Elgressy
Products/Services: policy-based, device-agnostic, cloud application security gateway on every device
Claims to Fame: FireLayers provides control over homegrown cloud apps and popular public apps like Salesforce, Office 365, SuccessFactors, NetSuite, and Okta. It monitors for regulatory compliance violations, deploys context-based controls (like extra authentication when higher risk factors are detected), and other services.
Website: https://www.firelayers.com/
Founded: 2012
Founders: Amit Cohen, Amir Naftali, Noam Singer
Products/Services: Network security-as-a-service
Claims to Fame: FortyCloud says it blends software-defined networking and software-defined security. This "overlay network," lets organizations both isolate and interconnect their cloud deployments. Organizations can see who is accessing cloud VMs, update access policies quickly, encrypt data in transit, collect audit trails, etc., according to the firm.
Website: http://fortycloud.com
Founded: 2012
Founders: Pavel Gurvich, Ariel Zeitlin, Dror Sal'ee. Gurvich and Zeitlin each spent over 10 years in IDF intelligence leading cybersecurity and research teams.
Products/Services: process-level visibility, semantics-based analysis, "threat deception", and automated response
Claims to Fame: Guardicore says its solution is a lightweight, distributed component across the data center that covers all internal traffic looking for suspicious activity within the cyber kill chain -- like lateral movement across the network. It then reroutes those communications into an "interactive honeypot." Listed at No. 328 on the Cybersecurity 500 by Cybersecurity Ventures.
Website: http://www.guardicore.com
Founded: 2013
Products/Services: industrial control systems security
Claims to Fame: Not to be confused with the professional organization (ISC)2, ICS2 means "intelligent cyber security for industrial control systems." Led by a team with both IT and OT experience, ICS2 developed the OnGuard IIDS -- an appliance that uses machine learning and data analysis to both detect intrusions on cyber-physical systems and improve plant productivity, according to the firm.
Website: http://ics2.com/
Founded: 2014
Founders: Barak Perelman, Mille Gandelsman, Ido Trivizki. Each served for over a decade at the IDF leading defense projects.
Products/Services: industrial control systems cybersecurity
Claims to Fame: Indegy has developed a cybersecurity platform that provides visibility into the control-plane of operational technology networks, as opposed to just the data-plane, according to the company. It allows them to detect and monitor the engineering activities used for managing and updating the critical industrial controllers that handle industrial processes. Indegy's patent-pending technology monitors all OT activities, including changes to controller logic, configuration and state, and provides holistic, vendor-agnostic asset management, configuration control and cyber protection, the company says. Listed at No. 425 on the Cybersecurity 500 by Cybersecurity Ventures.
Website:http://www.indegy.com
Founded: 2014
Founders: Ofer Israeli
Products/Services: "threat deception"
Claims to Fame: Founded out of the Team8 incubator, Illusive uses threat deception to show attackers faulty data that damages their ability to make decisions. Their "Attacker View" product shows their network from the attacker's point of view, and the Ransomware Guard product detects ransomware before it has had a chance to encrypt any files, the company says.
Website: http://www.illusivenetworks.com
Founded: 2013
Founders: Co-founder Avi Rosen
Products/Services: mobile cyber defense
Claims to Fame: Kaymera combines hardened security on the endpoint itself with encrypted communications and a cyber command center. The goal is to deliver security without sacrificing usability, Kaymera says.
Website: https://www.kaymera.com/
Founded: 2012
Founders: Gonen Fink, Michael Mumcuoglu, Giora Engel, all members of IDF intel unit
Products/Services: behavioral attack detection
Claims to Fame: Behavioral analysis tool to detect threats accurately, reducing the number of false positives, according to LightCyber. The solution requires neither endpoint agents nor external storage and it integrates with other remediation tools. Listed at No. 313 on the Cybersecurity 500 by Cybersecurity Ventures. Read LightCyber Research Team Leader Yoni Allon's latest story on Dark Reading: The Secret Behind the NSA Breach: Network Infrastructure is the Next Target and more about LightCyber here.
Website: http://lightcyber.com/
Founded: 2014
Founders: Ronen Yehoshua and Dudu Mimran
Products/Services: application security that puts polymorphism to the good guys' use, with "Moving Target Defense"
Claims to Fame: Emerging from Israel's national cybersecurity center, Morphisec's real-time investigation tools identify attack and attacker fingerprints so organizations can identify when a familiar attacker is making another attempt on them, even if they are using an unfamiliar tool to do so, like a zero-day.
Website: http://www.morphisec.com
Founded: 2014
Founded: 2014
Founders: Guy Bejerano and Itzik Kotler
Products/Services: cyberattack simulation platform; "continuous security validation"
Claims to Fame: Rather than simply having periodic red team exercises or penetration tests, the idea behind SafeBreach is to deploy attack simulators in critical segments of the network that regularly, continuously test the organization's defenses. These simulators regularly play the role of the hacker, running through the entire kill chain to test out how secure the organization still is, without putting the company at any real risk. SafeBreach was listed at No. 117 on the Cybersecurity 500 by Cybersecurity Ventures. Finalist for "Most Innovative Start-up" in 2016 Best of Black Hat Awards. Top 10 Finalists in the Innovation Sandbox "Most Innovative Startup" Contest at the RSA Conference 2016.
Website: http://www.safebreach.com
Founded: 2012
Founders: owned by Kibbutz Sasa
Products/Services: data security -- content sanitization, malware removal
Claims to Fame: Owned by a collective kibbutz, Sasa Software specializes in content sanitization, threat neutralization, and deep malware removal from email, Internet downloads, file transfers, and external devices.
Website: http://www.sasa-software.com
Founded: 2015
Founders: Yoni Shohet, Ofer Shaked
Products/Services: security for SCADA/ICS and manufacturing industries
Claims to Fame: SCADAFence was developed by a combination of both operational technology and cybersecurity professionals, including Joel Langill, a.k.a. SCADAhacker. It provides passive network monitoring solutions for manufacturers, particularly focusing on the chemical, pharmaceutical, food & beverage, and automotive industries, the company says.
Website: http://www.scadafence.com
Founded: 2014
Products/Services: SOC management, triage platform
Claims to Fame: Because the cybersecurity skills shortage is so severe, SecBI's goal is to optimize the SOC operations. Using machine learning and big data analytics, its solutions prioritize incidents with the goal of improving and speeding up triage, the company says. SecBI is already deployed in production by Fortune 500 companies.
Website: http://www.secbi.com/
Founded: 2014
Founders: Yair Finzi, head of cybersecurity intelligence corps, IDF, and Ran Shulkind
Products/Services: biometric authentication via mobile devices
Claims to Fame: SecuredTouch is a "frictionless" identity verification platform for mobile apps and mobile websites. As opposed to a fingerprint scanner, this tool builds an identity by capturing data about finger size and length and also the way a person interacts with the touchscreen -- like their gestures and pressure with which they touch the screen.
Website: http://www.securedtouch.com
Founded: 2013
Founders: Tomer Weingarten and Almog Cohen
Products/Services: behavior-based endpoint threat detection
Claims to Fame: SentinelOne uses dynamic execution inspection to detect and protect devices against targeted and zero-day threats in real-time, according to the firm. Made waves by offering a $1 million guarantee to mitigate ransomware -- something it felt confident doing because of its ability to see the execution of certain tell-tale scripts all ransomware runs early in its lifecycle. Discovered a vulnerability in Blackphone earlier this year.Listed at No. 421 on the Cybersecurity 500 by Cybersecurity Ventures. Finalist for "Most Innovative Emerging Company" in 2016 Best of Black Hat Awards.
Website: http://sentinelone.com
Founded: 2012
Founders: Adi Sharabani and Yair Amit, both Unit 8200 veterans
Products/Services: predictive mobile threat defense
Claims to Fame: Skycure puts security applications on the device itself, and uses crowd-sourced threat intelligence collected from Skycure mobile apps across the globe and an active honeypot in order to protect devices from network-borne threats. It can provide native MDM functionality or integrate with other MDM solutions. Listed at No. 202 on the Cybersecurity 500 by Cybersecurity Ventures. Skycure also regularly publishes Mobile Threat Intelligence Reports.
Website: https://www.skycure.com/
Founded: 2012; acquired in 2016 by Harman International Industries
Founders: Saar Dickman, Yuval Weisglass (who served in Unit 8200), and Guy Ruvio
Products/Services: automotive cybersecurity
Claims to Fame: TowerSec makes on-board embedded security software and an IPS for in-vehicle networks, based on their anomaly detection algorithms, for the auto OEMs, suppliers and the aftermarket telematics manufacturers. Listed at No. 125 on the Cybersecurity 500 by Cybersecurity Ventures. Awarded Hottest Startup in 2015 at the North American International Auto Show and Frost & Sullivan's North America Automotive Software Cyber Security New Product Innovation Award.
Website: http://tower-sec.com
Founded: 2015
Founders: Ben Bernstein, who served in the "Israeli Intelligence Corps," and Dima Stopel
Products/Services: container security and cloud security platform
Claims to Fame: Agentless solution for discovering vulnerabilities on container images. Specifically built for container environment, for development through production.
Website: http://www.twistlock.com
Founded: 2015
Founders: Guy Nizan, Alon Arvatz and Gal Ben-David, veterans of elite intelligence and cybersecurity units in the Israeli Defense Forces
Products/Services: threat intelligence and remediation
Claims to Fame: IntSights says it mines data from the open, deep, and dark web, and draws intelligence from it using machine learning and other techniques. It feeds that data into dashboards that are customized and prioritized for each organization with suggested remediation actions.
Founded: 2015
Founders: Guy Nizan, Alon Arvatz and Gal Ben-David, veterans of elite intelligence and cybersecurity units in the Israeli Defense Forces
Products/Services: threat intelligence and remediation
Claims to Fame: IntSights says it mines data from the open, deep, and dark web, and draws intelligence from it using machine learning and other techniques. It feeds that data into dashboards that are customized and prioritized for each organization with suggested remediation actions.
If it seems to you like a hot new cybersecurity company springs out of Israel every week, you're not far off. Israel is now the world's second-largest exporter of cybersecurity products and services--second only to the US--with exports that grew from $3 billion to $6 billion in just a few years. The secret to its success: military experience. While the technology varies, many if not most of the newest companies have one thing in common: they were founded by veterans of the Israel Defense Force's (IDF) elite cyberintelligence Unit 8200.
"Last year, there were 16 Israeli companies on the Cybersecurity 500 list of the world's hottest and most innovative cybersecurity companies. This year there are 26, and we are expecting more in 2017," says Steve Morgan, founder and CEO at Cybersecurity Ventures. "VC firms and corporate investors have put around a half-billion dollars into Israel cybersecurity startups over the past few years."
Israel's main cybersecurity market is the US, according to Morgan. Many have offices, even corporate headquarters, in the US.
"With regards to Silicon Valley, that is a favorite spot for Israeli cyber firms to set up U.S. offices due to its proximity to [venture capital] firms who invest into cybersecurity startups," says Morgan. "Sand Hill Road is the Wall Street of cyber-funding and the Israeli company founders are smart enough to know the value of being there."
Regardless of where corporate HQ is, most of these companies' R&D operations remain firmly in Israel.
"Israel is the place where you can hire people who 'get' the problem," says Lior Div, CEO and co-founder of Israeli start-up Cybereason. "They add value almost from day 1."
Why do they "get it"? Military experience.
Div says the secret to the recent boom in Israeli cybersecurity companies is a combination of both a change in the market and the nature of Israel and Unit 8200, which he linked together. Div himself won an IDF Medal of Honor for outstanding achievements as a commander of a cybersecurity team in the 8200.
Div says the market changed in 2010 when Stuxnet awoke people to what cyberattacks could truly achieve. "It's kind of a war. Some people say when I use the word 'war' that it's too much. If you really understand what's going on out there, it's not too much.'"
"You needed people with a different mindset," he says. "People who were actually creating the problem, if I may." In other words, cyberdefense experts who have offensive hacking skills as well.
Representatives from several other Israel-based companies say military experience -- and Unit 8200 specifically -- in a post-Stuxnet age have played a significant role in the boom of Israeli start-ups, as well as other attributes and skillsets.
Maya Schirmann of DeepInstinct mentions the support of earlier giants in the industry that were founded in Check Point, founded by three ex-8200 members, and CyberArk. (In fact, one of Check Point's co-founders, Shlomo Kramer, has been on a spree, co-founding or funding several of the newest companies to come out of the country as well.)
Schirmann and Guy Nizan, co-founder of IntSights, both note that the innovation is a function of necessity. Nizan says "our country is under continuous cyberattacks that force us to invest and develop new and innovative technologies to protect ourselves."
Here is a rundown of 37 cybersecurity companies that have sprung out of Israel in just the past four years.
About the Author(s)
You May Also Like
CISO Perspectives: How to make AI an Accelerator, Not a Blocker
August 20, 2024Securing Your Cloud Assets
August 27, 2024