
9/28/2017
03:35 PM
Simon Marshall

Fortanix Has Series A Funding for Run-Time Encryption

Fortanix has introduced new technology for run-time encryption to protect sensitive data.

Private data can be protected when it's at rest. It can be protected when it's in transit. But what about when it's being accessed by applications?

Run-time encryption is a solution to this problem, and it's the latest technology to emerge in cloud-based security. Essentially, it is aimed at protecting applications and data during use and computation. The clever part of this is that it allows general computation tasks to be executed on encrypted data.

At the moment, such tasks end with the data being decrypted, and it is at that moment that hackers can swoop in and exploit the weakness to take control of the freed private data. "Without run-time encryption, once the hacker gets inside, the game is over," Ambuj Kumar, CEO and co-founder of Fortanix, told SecurityNow. "They take control of the data immediately, and can either analyze it there and then or send it to a remote server for analysis."

Ambuj Kumar, CEO and co-founder of Fortanix

In short, the data then belongs to them and can't be accessed any more by the host target. The answer of course is not to make sensitive data available to any untrusted operating systems, root users, cloud providers or insiders in the first place.

"We set out to create a means to protect applications directly, regardless of the trustworthiness of the computing infrastructure," said Kumar. Welcome to an era of securing data-in-use. Kumar, previously chief architect at Cryptography Research, and Anand Kashyap, CTO and co-founder and formerly an engineer at Symantec and VMware, spotted this weakness, and in 2016 the company was born.

Fortanix exemplifies the new security paradigm of accepting that at some point, systems will be hacked: it's no longer good enough to try and hold the perimeter. It's a case of not if, but when. Hackers who break into a server may have penetrated security to get there, but data protected with run-time encryption is still scrambled and therefore unreadable. It's a technology which naturally comes into its own when it provides the security for applications which are in the cloud.

Kumar believes the run-time encryption concept could apply to many other systems and applications where this functionality would be a plus. Currently, Fortanix leads with a product it launched last week called SDKMS (Self-Defending Key Management Service), its application of run-time encryption, for which the firm has patents pending. Kumar says it has emerged from beta and is now under limited GA, since his company is still developing the sales resources to serve the apparent demand. SDKMS is a cloud-based key management service which the company claims is the first to be based on Intel SGX, offering data enclaves, the protected areas of execution in memory.

"Our key market is the financial properties because they have important data to protect, and they can afford new systems," jokes Kumar. The government sector is included too, because it holds state secrets and, importantly, is the target of the most advanced hackers.

Fortanix has to date taken two rounds of funding, one a seed round from an undisclosed source, the other -- closed in early June -- a series A round for $8 million from Foundation Capital and NeoTribe Ventures. Fortanix' first two publicly announced customers are Lending Club and IBM.

It's a brand-new technology, so was it hard to convey the technical aspects to potential investors? What was the VC community's reaction to Fortanix?

"Initially, no one understood," said Kumar. "Many folks in the VC community claim to find funding for technologies with new angles. Most of them understand the money, but not technology."

— Simon Marshall, Technology Journalist, special to Security Now
