I’ve been attending the RSA security conference for years, and I always look forward to meeting security vendors — large, small, and all sizes in-between — to learn about their new (and updated) security products and services. Last year I wrote up a list of what I thought were some of the best security vendors to watch from RSA Conference 2013, and I’ve decided to do the same this year.
What follows is a list of 10 security vendors that I think are worth watching in the coming year. In my opinion, all of them have something unique to offer, are approaching an existing security problem in a new way, or have decided to take a direction that doesn’t follow the rest of the vendor herd when it comes to the latest buzzwords or hype cycle. I met with most of these vendors during (or after) RSA, but I also solicited feedback from other journalists, show attendees, and security analysts.
1. Barracuda Networks
While a vocal number of IT vendors are loudly proclaiming the benefits of cloud services and pushing IT professionals to adopt them, the approach taken by Barracuda Networks should be music to the ears of any IT department not so eager to throw their infrastructure into the hands of an offsite datacenter. Barracuda isn’t against the cloud, but they’re convinced that their customers — who are primarily small- to medium-sized businesses (SMBs) — want options, ranging from on-premise hardware to off-premise cloud solutions.
Barracuda CEO William “BJ” Jenkins told me as much during our on-site interview when I asked him about IT professionals who aren’t so ready to hop on the cloud bandwagon. “We love those customers,” Jenkins said. “To me, that’s a customer choice…in almost every one of our solutions you’ll see a physical appliance, you’ll see a virtual appliance, and you’ll see a cloud-connected option, so we don’t have a preference. We’ll go where our customers want to go.”
Barracuda’s announcements from the conference underlined that multi-platform approach, led by news that the Barracuda NG Firewall was now available for Windows Azure, and the recent Q1 2014 launch of the hardware-based Barracuda NG Firewall F280.
2. Catbird
One of the most time-consuming and challenging tasks for many IT professionals at mid-sized to large enterprises is keeping up with the increasing number of compliance and regulatory frameworks, from FISMA and FedRAMP to Sarbanes-Oxley, NIST, and HIPAA. To get more info on that trend I spoke with Catbird CTO Randal Asay and VP of business development Chris Tamblyn at RSA, who explained that Catbird is focused on providing policy-based security for virtualized and cloud environments via their Catbird application suite.
“Automation is an important part of keeping today’s virtualized environments in compliance with all of these regulations,” says Asay. “We’ve developed products that can give customers the same benefits to compliance and security automation that they’ve realized with compute virtualization.” Catbird 6.0 is now available and supports Microsoft Hyper-V and VMware hypervisors, as well as VMware (vCloud) and Cisco (VSG) networking and firewall applications.
3. LogRhythm
Businesses and organizations of all sizes generate colossal amounts of digital information these days, and making sense of all of that information is a next-to-impossible task. That’s why Security Information and Event Management (SIEM) has become such a hot topic over the last few years, and one of the leading companies in the SIEM market — which is coincidentally filled with industry titans like Intel Security, IBM, and HP ArcSight — is LogRhythm.
David Pack, the Director of LogRhythm Labs, told me during a sit-down interview at the LogRhythm offices in Boulder, CO, that SIEM allows IT managers and security professionals to turn data into intel via analytics. Pack also said that while the security industry as a whole may have become overly enamored with the phrase “big data” — see the Xzibit meme being applied to big data as an example — the value of being able to sift through reams of enterprise data to spot vulnerabilities and track breaches is becoming readily apparent. LogRhythm has been making waves on the partner front, was positioned in the leader’s quadrant of a recent Gartner SIEM report, and is clearly a security vendor to watch for 2014 and beyond.
4. Mocana
Another company that has drawn the attention of security analysts is Mocana, a firm that specializes in mobile security. More specifically, Mocana provides protection for applications on mobile devices directly, and has achieved some significant inroads into the enterprise thanks to some impressive partnerships, namely with SAP for their mobile application protection technology.
“[Mocana] isn’t a new startup, but it’s in some interesting areas,” says Heidi Shey, an analyst at Forrester Research for security and risk. “[Most] notably with embedded security for the internet of things, in addition to mobile app security.”
5. NetIQ
I first covered NetIQ years ago — way back in 2008 or so — when they were first launching their NetIQ Aegis IT process automation (ITPA) product. NetIQ’s parent company Attachmate acquired Novell in 2011, and that brought a host of new security and identity products under the NetIQ umbrella. I spoke with NetIQ identity and solutions strategist Travis Greene and director of solution strategy Geoff Webb at RSA this year about what’s new for NetIQ, and we discussed how cloud and mobile security — as well as identity — were hot topics these days. Identity has been getting a lot of attention lately, and NetIQ’s Identity Manager 4 has been winning awards and generating accolades. Other new products include NetIQ CloudAccess 2.0 and NetIQ Mobile Access.
In discussing the security risks of the cloud and mobile devices, Webb suggested that the “…real risk of mobile devices is not necessarily what data is on the device, but what the apps on the device have access to.” NetIQ Mobile Access and CloudAccess give IT admins additional tools to make sure that sensitive data isn’t viewed by those who shouldn’t have access, and the fact that NetIQ has a strong portfolio of products that deal with identity, cloud, and mobile security seems to leave them positioned well for future growth.
6. Qualys
There are lots of companies with cloud security products, and one of the standout companies is Qualys. Cloud computing and cloud security first emerged as buzzwords years ago, and Qualys is one of the companies helping turn what was once marketing hype into reality. Their QualysGuard cloud platform was recently updated with a continuous monitoring feature, and the QualysGuard web application firewall (WAF) can now protect apps in Amazon EC2 as well as on-premise environments.
I spoke with Qualys CTO Wolfgang Kandek at RSA, and he mentioned a new Qualys offering called Top 4 Critical Security Controls that, just like their BrowserCheck service, is a free, easy-to-use way to check vulnerabilities. Developed in partnership with the Council on CyberSecurity and SANS, the Top 4 controls lets admins check their environment for the four most common attack vectors. “The Top 4 can evaluate the PCs in your IT environment to see if your OSes are patched, applications are up to date, only approved software is running, and what the admin privileges are for those machines,” Kandek says. “The Council on CyberSecurity found that most IT security threats come from weaknesses in those four areas.”
7. Red Owl Analytics
Perhaps the most talked-about vendor was Red Owl Analytics, a new security startup that emerged victorious as the winner of the RSA Conference Innovation Sandbox competition. Red Owl was also the company that I heard mentioned most often as a company to watch, based on the informal discussions with attendees and analysts. “Their product simultaneously fascinates me and scares me,” Adrian Sanabria from 451 Research said. “Red Owl essentially does data analysis on people…and can give employers risk assessments based on the communication patterns of employees, who they communicate with, etc.”
The key technology behind Red Owl’s offering is called Reveal, and is software that teams behavior analysis with the mountains of communications data that employees can generate. Red Owl describes Reveal as a tool that can “…help your compliance team understand who your employees interact with, which outside firms or expert networks they communicate with most frequently and whether there are unusual shifts in communication patterns prior to specific transactions.”
8. Splunk
One of the companies that seemed to be everywhere at RSA was Splunk, a company that provides software that lets system administrators and security professionals monitor, search, analyze, and otherwise sift through and parse the massive amounts of data that a modern IT infrastructure can generate. Splunk is available in both free and not-free (Splunk Enterprise) offerings, and it can be used to sort through data that is on-premise on physical hardware or virtualized, as well as in the cloud. Splunk is also well-known for their humorous taglines and T-shirt designs, with “Finding your faults, just like your mom” as one of the most apt.
Splunk’s demonstrated ability to derive useful information from internal IT data is why so many other vendors were touting their integration with Splunk, which provides a handy REST API that gives developers the ability to “…programmatically index, search, and visualize data in Splunk from any application.” The Splunk partner list is filled with a who’s who of the IT industry, and that trend will likely continue.
9. Symplified
I’d imagine that the vast majority of system administrators reading this have IT environments filled with a number of disparate cloud apps, from the marketing team using SurveyMonkey, to the sales team using Salesforce, to everyone using Dropbox and Google Apps to share files and documents. But what happens when a user leaves your organization, and still has separate files and documents in those disparate cloud services?
That’s where Symplified comes in. Not only does Symplified provide a unified single sign-on for all of your cloud apps, it also integrates with your on-premise user directories like Active Directory. It also supports provisioning and de-provisioning, so when a user leaves you can not only shut down and remove his access to on-premise IT resources, but to all cloud-based resources as well.
10. Titus
In an industry filled with security giants, Titus has steadily made a name for itself by primarily establishing expertise in a narrow (but vital) category of IT security: email and content classification. If you work in the defense or health care industries, you know that certain information is privileged and has specific distribution requirements. Titus specializes in the easy classification of those important messages and documents to make sure that they don’t get received or read by the wrong people.
Titus used the RSA Conference to announce improved integration between their products and McAfee Enterprise Security Manager, as well as to roll out mobile device improvements to their SharePoint Security Suite. “Data should be protected wherever it goes,” says Stephane Charbonneau, the founder, CTO, and VP of product development for Titus. “Companies can lose their brand reputations with one email sent to the wrong recipient…we give them the tools to identify and protect those communications.”
Are there any security companies or products that exhibited at RSA this year that you think deserve a place on this list? Drop me an email with your favorites.