10 Security Innovators to Watch
Startups in the RSA Conference Innovation Sandbox competed for the title of "Most Innovative."
April 30, 2018
![](https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt77b2bb1e1e3d64ce/64f0d742a0be2765e31e86e6/Image_1.jpg?width=700&auto=webp&quality=80&disable=upscale)
"What did you see that was really innovative?"
That's the question everyone who goes to a trade show hears on returning to the office. At the RSA Conference this month, one answer to the question comes in the annual Innovation Sandbox Contest. The ten finalists this year ranged from cloud offerings to RF security to software connectors, and each presented its unique vision of what companies most need to be secure.
At the end of the presentation, a panel of judges chose the most innovative, and at the end of the article you can see which company took home the trophy.
One thing that's worth noting is that the security industry is similar to the rest of the computer industry in that acquisition is a chief business model for those starting companies. Of the ten companies participating in the contest, two have already been acquired by other firms — and that number could change by the time you read this.
Here are the 10 young companies that vied for the title of "Most Innovative" in 2018 at RSAC - and a look at the one that came away with the title.
Product/Service Highlights: Acalvio's Shadowplex is based on the principle of deceiving an attacker, actively engaging a threat actor rather than simply observing their actions. By offering "alternative realities," Shadowplex seeks to trick malware, exploits, and attacks into showing themselves and giving up their secrets. In order to scale this activity, Acalvio has developed autonomous deception, which combines deception with AI and SDN technologies.
Year Founded: 2015
Key Executives: Ram Varadarajan, founder, chairman, and CEO, was formerly senior vice president and general manager at CA. Prior to that, he was founder, chairman, and CEO of Arcot Systems. Nat Natraj, co-founder and president, was formerly senior vice president, sales, at Apigee, Calypso, and CA. Raj Gopalakrishna, co-founder and vice president, architecture, was formerly distinguished engineer and senior vice president at CA. Sreenivas Gukal, co-founder and vice-president, engineering, was formerly senior architect at CA Technologies.
Product/Service Highlights: Protecting personal information starts with knowing how much you have and where it sits. Each of those can represent difficult information to gather, and no security or regulatory compliance can be complete without them. BigID uses an agent-less search across a wide variety of data types to discover where information lives, then applies machine intelligence to identify which parts of a data store are actually personal information. Cloud connectors and rich APIs allow applications and actions to be built based on BigID results for cataloging and protecting enterprise data.
Year Founded: 2016
Key Executives: Dimitri Sirota, co-founder and CEO, was previously senior vice president of security strategy at CA Technologies, which he joined when CA purchased Layer 7 Technologies, which he co-founded. Nimrod Vax, co-founder and chief product officer, was the owner of HooIM. Prior to that he was vice president of product management at CA Technologies, where he was responsible for the company's identity management portfolio.
Product/Service Highlights: Fundamental security hygiene has to include the security of third-party applications and components that make up parts of an enterprise infrastructure. Companies are no longer self-contained; their attack surfaces extend to their entire application ecosystem. CyberGRX works to build a security exchange model, where information is validated once and shared widely. When a company joins the exchange, it can get information on a supplier or partner, regardless of size. The company's analytics use AI to walk the entire kill chain looking for new or existing threats.
Year Founded: 2015
Key Executives: Fred Kneip, CEO, held senior management roles at Bridgewater Associates, including head of compliance and head of security. Previously, he was an associate principal at McKinsey & Co. Bryan Gale, chief product officer, was vice president of product and technical marketing for Cylance. Prior to that, he held product leadership roles at McAfee.
Product/Service Highlights: Fortanix believes that it's time to de-couple security from infrastructure. The company's runtime encryption engine protects data at rest, in motion, or in use. To do this, Fortnix runs applications inside protected envelopes, away from the organization infrastructure. The envelope travels with the application, protecting it regardless of where the application is executing.
Year Founded: 2016
Key Executives: Ambuj Kumar, CEO and co-founder, was lead architect at Cryptography Research Inc. Previously, he worked for NVIDIA. Anand Kashyap, co-founder and CTO, previously worked at Symantec and VMware as a researcher and an engineer in the areas of security and networking.
Product/Service Highlights: Firmware running on IoT devices can't be directly protected, so it has become a favorite target of hackers. The Centrifuge platform rapidly analyzes and continuously monitors the entire fleet of IoT devices sitting on an enterprise network. The agentless system can detect cryptographic keys, password hashes, known vulnerabilities and potential zero-day attacks.
Year Founded: 2017
Key Executives: Terry Dunlap, CEO and co-founder, was previously founder & CEO of Tactical Network Solutions. Prior to that he was a global network vulnerability analyst with the National Security Agency. Peter Eacmen, CTO and co-founder was previously co-founder and CTO of Tactical Network Solutions.
Product/Service Highlights: ShieldX is a cloud security platform that allows companies to protect applications deployed on multi-cloud architectures. ShieldX performs discovery for enterprise data and then uses machine learning to place the assets in logical groups. Policy definitions are created, and together the policy definitions and assets make up the intention of the application. Containerized microservices are used to build the intention package, allowing protection to scale. The microservices are orchestrated to turn the intention into actions that implement security policies.
Year Founded: 2015
Key Executives: Ratinder Paul Singh Ahuja, founder and CEO, previously founded Internet Junction, Webstacks and Reconnex, which were acquired by Cisco Systems, Extreme Networks and McAfee, respectively. He served as CTO and vice president of the Mobile and Network Security Business Units at McAfee.
Product/Service Highlights: StackRox begins with the assumption that security must be built and deployed like applications. The security stack must be configurable, modular, and highly scalable. At each layer, the security components must also avoid creating lock-in for developers so that it can adapt to changing circumstances. StackRox abstracts all the building blocks using the distributed sensory model. With this, they capture visibility and insight at every layer of the stack. The company continues the abstraction with the adversary intent model that breaks every step an attacker must take into its components. Security personnel sees the security risk from the perspective of the business risk rather than the minutia of the attack.
Year Founded: 2014
Key Executives: Sameer Bhalotra, co-founder and CEO, worked in cybersecurity at Google and as COO at Impermium. He served as senior director for cybersecurity on the National Security Council staff at the White House, cybersecurity & technology lead for the Senate Select Committee on Intelligence, and in various roles in the intelligence community. Ali Golshan, co-founder and CTO, was the Founder & CTO of Cyphort. Previously, he advised numerous Fortune 100 companies and worked with government intelligence agencies and defense contractors.
"What did you see that was really innovative?"
That's the question everyone who goes to a trade show hears on returning to the office. At the RSA Conference this month, one answer to the question comes in the annual Innovation Sandbox Contest. The ten finalists this year ranged from cloud offerings to RF security to software connectors, and each presented its unique vision of what companies most need to be secure.
At the end of the presentation, a panel of judges chose the most innovative, and at the end of the article you can see which company took home the trophy.
One thing that's worth noting is that the security industry is similar to the rest of the computer industry in that acquisition is a chief business model for those starting companies. Of the ten companies participating in the contest, two have already been acquired by other firms — and that number could change by the time you read this.
Here are the 10 young companies that vied for the title of "Most Innovative" in 2018 at RSAC - and a look at the one that came away with the title.
About the Author(s)
You May Also Like
CISO Perspectives: How to make AI an Accelerator, Not a Blocker
August 20, 2024Securing Your Cloud Assets
August 27, 2024