The need to share security information to help defend against attacks is often considered a best practice, but how do you share that information in a safe, secure and anonymized way? That is the focus of security startup TruStar, which announced a new $2 million seed round of funding led by Resolute Ventures.
The security information-sharing specialist plans to use the new capital to fund continued development efforts as well as sales and marketing.
"The basic idea we had when we started the company is that companies really need to be able to share incident data anonymously while also protecting privacy," Paul Kurtz, co-founder and CEO of TruStar, told eWEEK. "We think we're at a terrific point to take in some seed funding, we have a product, and we have several companies that are beginning to share information."
TruStar is actively working with a few companies and organizations, including Rackspace and the Cloud Security Alliance (CSA). "The CSA is establishing an incident-reporting center for cloud providers, and users and we're central to that effort," Kurtz said.
From a technology perspective, Kurtz explained that the data is sent by companies though an encrypted channel and then TruStar's technology correlates the information for analysis. The technology that enables the encrypted anonymous transfer currently has patents pending on it.
"The technology allows us to know enough about a company that is sending something to us, so we can confirm they are a part of our effort, but not enough to determine who they are," Kurtz said. "It's basically a complex token exchange between the providers of information and TruStar."
The TruStar platform includes the Orion and Pulsar technologies. Orion is TruStar's open-source information pull where the system is looking for similar reports to ones submitted by users. Pulsar is an encrypted end-to-end chat capability that enables secured conversations.
The idea of threat intelligence sharing is not unique to TruStar; multiple vendors in the market are attempting to solve the challenge is different ways. Verizon has its VERIS (Vocabulary for Event Recording and Incident Sharing) framework, which helps inform its annual Data Breach Investigations Report (DBIR). AlienVault has a platform called the Open Threat Exchange (OTX), which enables threat sharing.
TruStar is taking a different approach due to its privacy techniques and provides a platform that can connect organizations, Kurtz explained, adding that his goal is for his company to be to the security industry what the Bloomberg terminal is to the financial services industry.
"Bloomberg brings in all kinds of data feeds together to help traders make good decisions about buying and selling; the system also includes chat," Kurtz said. "That's where TruStar will go, being a data exchange platform with real incident data, correlated with other threat feeds, so enterprises can make better decisions to protect themselves."
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.