Portshift Platform Looks to Secure Application Identity in the Cloud

Cyber-security accelerator Team8 is helping to launch Portshift, in an effort to provide a new form of application identity-based security.

Portshift

Assigning identity to applications has long been a challenge for organizations, and it's one that startup Portshift is looking to help solve.

Portshift officially launched on Nov. 20, backed by Israeli cyber-security accelerator Team8 and $5.3 million in seed funding. Portshift's core technology uses digital signing techniques within the development and deployment phase to validate and authenticate applications, in an effort to improve security.

"We believe that it's time for a new paradigm shift when talking about the application security in the cloud," Ran Ilany, Portshift’s CEO and founder, told eWEEK. "What we're doing is building a method, a solution which intertwines security and operations together, essentially from the get-go, from the CI/CD, the very beginning of the development life cycle."

Team8 is led by Nadav Zafrir, former commander of Israel's Technology and Intelligence Unit 8200, which is similar in many respects to the U.S. National Security Agency (NSA) and was founded in 2013. In a 2016 interview with eWEEK, Zafrir defined Team8 as a cyber-security foundry that creates new companies to fill perceived gaps in the marketplace. Among the companies that Team8 has created are Illusive Networks, Claroty and Hysolate.

How Portshift Works

Ilany said that the way Portshift works is via APIs that integrate with any continuous integration/continuous development (CI/CD) system. CI/CD systems, including Jenkins and Jira among numerous others, are used by developers to build and deploy applications.

With Portshift, application identities are generated through CI/CD with information embedded within the system, Ilany said. The embedded identity information can define where a given application is allowed to run and what other services the application is allowed to communicate with.

"What the Portshift platform does is takes information from the CI/CD and generates an identity, digitally signs the application and then deploys it out to the cloud," he said. "So when two different applications are communicating in the cloud, they have the context of who signed the applications."

The digital signing of the application identities is done via standards-based x.509 digital certificates and the TLS (Transport Layer Security) protocol. Ilany explained that Portshift checks the certificate to make sure the signature is valid and then allows the traffic stream to continue.

"You can think of it as a proxy, but essentially Portshift is something that is distributed with the actual host images in the cloud and it's actually part of the CI/CD cookbook or recipes that are integrated with DevOps tools," Ilany said. "We are very much a solution that is tightly bound with DevOps orchestration tools, so this is will be very natural for DevOps to deploy."

A core vision for Portshift is to provide threat prevention capabilities for cloud applications, Ilany said. As such, when a policy violation is found with an improperly signed application, Portshift can isolate the offending application, so that it can't communicate with other applications by blocking the process so it can't run in a certain environment.

The use of Role Based Access Control (RBAC) is often recommended to help provide identity-based access to cloud applications. Ilany sees Portshift's technology as being complementary with an organization's existing RBAC deployment.

"Our platform can actually import an identity of the user, translate it to the identity of a machine, then from there the access between processes will be authenticated based on the RBAC," he said.

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.