8 Older Companies Doing New Things in Security
These organizations have been around for a while but aren't slowing down on security releases.
The security space is growing with startups building game-changing technologies in identity management, training, privacy, and other niche areas to drive the future of security.
This year is a big one for new companies trying to make a name for themselves in the industry. From a security investment standpoint, the first two quarters of 2017 were the most active in the past five years. Numbers show 2017 will be a record-breaking year for security funding.
It's easy to see why. Major global cyberattacks, combined with evolving security threats for businesses and consumers, have heightened the demand for new tools and services.
While the up-and-comers are getting their fair share of attention, let's not forget older security-focused companies have continued to explore new technologies. Many of them have come out with interesting updates in the last few months, a sign we should still keep an eye on them.
Here, we catch up with some players who have been around the industry for a while and see what they've been up to. Any companies you'd like to add to the list? Feel free to share your contributions in the comments.
IBM, which has been around for over 100 years, stepped up its security game when it announced plans to combine cybersecurity with the power of its Watson supercomputer. Watson, created in 2010, is built on cognitive technology that uses natural language processing and machine learning to dig through data and answer questions. The idea is to take pressure off teams struggling with the talent shortage by giving analysts a tool to help make decisions.
In October 2017, IBM announced a new feature called pervasive encryption in its newest z14 line of mainframes. Pervasive encryption lets businesses store sensitive core data in-transit and at-rest so only authorized users can access it when decrypted. This makes it easier to encrypt data at scale, and the z14 platform puts a protective wall around data.
McAfee was founded in 1987 and recently became a standalone security company. Intel bought McAfee for $7.6 billion in 2010 and decided to spin off its McAfee unit in a $4.2 billion deal in 2016. Since then, the independent McAfee has focused on new technologies like machine learning and automation, intended to help security teams cope with the skills gap. It has also revamped its consumer security lineup to protect connected devices in the home and online privacy.
CA has been around since 1976 and has recently undergone several changes as it tries to accommodate increasingly agile and cloud-based businesses. The company is slowly phasing out of its focus on legacy systems and switching gears toward software development, bringing DevOps and security into the development process.
To that point, CA has made several acquisitions to gain technologies it needs to move forward. These include Veracode, Automic Software, Rally, and Blazemeter. Earlier this month, the company announced a new release of its privileged access management (PAM) tool so companies can scale PAM across departments and managed service providers, and admins have more visibility in monitoring and controlling users.
HP, founded in Palo Alto in 1939, is strengthening its focus on printer security. Most businesses don't pay attention to printers, often forget to update their firmware, or mismanage settings and ports, leaving devices with vulnerabilities that expose them to attackers.
Most recently, the company rolled out several updates to secure printers in modern enterprise environments. One, Connection Inspector, analyzes outbound network connections frequently targeted by malware. It detects anomalous behavior and, if it needs to, triggers a reboot to return to a known version of the BIOS. HP Roam, a Pull Print tool built in the cloud, lets mobile workers hand off documents and print them before erasing the job from the device.
Cloud and mobile security were far-off problems when Symantec was founded in 1982, but that's where the company's focus is now. Back in October, it built on its existing endpoint protection platform with a new endpoint tool for cloud environments. This tool combines deception technology, mobile threat defense, and endpoint detection and response. Admins monitor and manage threats without navigating complex environments.
A couple of summer acquisitions show where Symantec's long-term thinking is headed. In July it bought Fireglass, which builds isolation technology to defend against ransomware, malware, and phishing. The same month, it snapped up mobile threat defense company Skycure, which has predictive threat detection capabilities that should prove useful in a mobile workforce.
Tenable, founded in 2002, is on the younger end of the spectrum. It became famous for its vulnerability management tool, Nessus, but has since changed its strategy and is growing fast. Now, it has broadened its focused to include vulnerability management, web application scanning, and container security in the Tenable.io platform. This broadens the scope from identifying bugs and misconfigurations to discovering flaws across all assets.
In late October, Tenable launched an ecosystem called Cyber Exposure to help customers reduce risk by finding and securing tools on their networks. The idea is to help customers address points of exposure, which are common as their ecosystems contain both new and legacy technologies.
Following the McAfee spinout, Intel published a commitment to continuing its focus on security without the cybersecurity company under its umbrella. Its specific focus is on the Internet of Things, which it reports will have 200 billion connected devices by 2020. Intel argues its hardware-based approach to security can better protect hardware, firmware, operating systems, applications, networks, and the cloud, compared with a software-based approach.
Since then, Intel and Microsoft joined up to focus on business privacy and security with an enterprise blockchain service. The "Coco Framework" integrates hardware-based Intel Software Guard Extensions so developers can build more secure blockchain applications. In October, Intel began shipping the Intel Stratix 10SX FPGA, which has a quad-core ARM Cortex A53 processor. The company explains how in secure applications, integrated processors protect data by making it harder to spy on software operations.
Microsoft made security a focal point when it announced Windows 10 in early 2015, and has since expanded security efforts across all its products and services. Its most recent announcements include the addition of automation into Windows Defender ATP and a wide range of new security tools in the Windows 10 Fall Creators Update.
It's not only Windows getting security updates. Microsoft is also strengthening Azure security as part of its broader focus on cloud computing. Azure "confidential computing" is the product of the Azure team, Microsoft Research, Windows, the Developer Tools group, and Intel, all of which have been working on the technology for four years. Confidential computing lets users process data in the cloud, knowing it's under their control. Encryption of data while in use had so far been absent from the public cloud prior to this announcement.
To help companies find bugs in their own software, Microsoft rolled out Security Risk Detection earlier this year. The cloud-based tool was designed to catch software flaws before companies release or use it. SRD automates fuzz testing, which many businesses outsource -- if they do it at all.
Microsoft made security a focal point when it announced Windows 10 in early 2015, and has since expanded security efforts across all its products and services. Its most recent announcements include the addition of automation into Windows Defender ATP and a wide range of new security tools in the Windows 10 Fall Creators Update.
It's not only Windows getting security updates. Microsoft is also strengthening Azure security as part of its broader focus on cloud computing. Azure "confidential computing" is the product of the Azure team, Microsoft Research, Windows, the Developer Tools group, and Intel, all of which have been working on the technology for four years. Confidential computing lets users process data in the cloud, knowing it's under their control. Encryption of data while in use had so far been absent from the public cloud prior to this announcement.
To help companies find bugs in their own software, Microsoft rolled out Security Risk Detection earlier this year. The cloud-based tool was designed to catch software flaws before companies release or use it. SRD automates fuzz testing, which many businesses outsource -- if they do it at all.
The security space is growing with startups building game-changing technologies in identity management, training, privacy, and other niche areas to drive the future of security.
This year is a big one for new companies trying to make a name for themselves in the industry. From a security investment standpoint, the first two quarters of 2017 were the most active in the past five years. Numbers show 2017 will be a record-breaking year for security funding.
It's easy to see why. Major global cyberattacks, combined with evolving security threats for businesses and consumers, have heightened the demand for new tools and services.
While the up-and-comers are getting their fair share of attention, let's not forget older security-focused companies have continued to explore new technologies. Many of them have come out with interesting updates in the last few months, a sign we should still keep an eye on them.
Here, we catch up with some players who have been around the industry for a while and see what they've been up to. Any companies you'd like to add to the list? Feel free to share your contributions in the comments.
About the Author(s)
You May Also Like
CISO Perspectives: How to make AI an Accelerator, Not a Blocker
August 20, 2024Securing Your Cloud Assets
August 27, 2024