Edge Articles

Trinity Cyber

Focus: Managed threat prevention service
Funding: $23 million
Founded: 2016

Trinity Cyber's technology — offered as a managed security service — is essentially an intrusion prevention system on steroids. It operates as a bidirectional man-in-the-middle proxy between an organization's network and the Internet. It works by inspecting incoming and outbound traffic for signs of malicious activity and offers organizations multiple options for responding to detected threats. For example, in addition to simply blocking malicious files, the service allows organizations to alter or replace them to impede adversaries or to fool them into thinking an attack is working.

Trinity's founder, Steve Ryan, is a former deputy director of the NSA's Threat Operations Center. Tom Bossert — former US Homeland Security advisor to the White House in the Trump administration and co-author of the "2007 National Strategy for Homeland Security" — is president of the startup. The company secured $23 million in a funding round led by Intel Capital in 2019. In September 2020, Gartner listed Trinity as a "cool vendor" in the network and endpoint security space for the way in which the company's managed service "sanitizes traffic in flight." 

"Seemingly a hybrid between a scrubbing service and a 'man in the middle,' Trinity Cyber provides an internet-based service where network traffic invisibly transits high-throughput data centers where malicious content is actively replaced with benign content from full bidirectional network sessions," Gartner said.

Because the service only inspects traffic traversing the internal network boundary and the Internet, it is not a fit for use cases such as detecting insider threats or lateral movement, the analyst firm noted.

Image: Trinity Cyber

9 of 12