Avanan Boosts SaaS Application Security With Cloud-Native Approach

Avanan expands its efforts to protect SaaS-based email and collaboration apps by building its own AI and user behavior analytics capabilities to help protect enterprises.

Avanan

Cloud security services startup Avanan announced on Dec. 17 that it has raised $25 million in a Series B round of funding that will help the company expand its capabilities.

Avanan is in the business of providing enterprises with security for cloud-based email and collaboration services. The company's platform provides both a marketplace that enables third-party security technologies and a growing capability of its own custom-developed enhanced capabilities. The core Avanan platform makes use of the open-source Kubernetes container orchestration system, which enables the system to rapidly adjust to meet different demands.

"While originally everything we did at Avanan was everything was third-party and security app store, we found that some of the technologies weren't adapting well to cloud environments," Gil Friedrich, CEO of Avanan, told eWEEK. "Specifically, things like UEBA [User and Entity Behavior Analytics] and the ability to detect unsecured configurations in the cloud or compromised accounts were lacking, so we developed our own technology there."

Avanan, which translates from Hebrew as "cloud of clouds," emerged from stealth in November 2015 with the promise of helping organizations be secure in the cloud. The new round of funding is the first since the company announced its $14.9 million Series A round of funding in May 2016.

Originally, Avanan simply provided customers with the ability to choose from a variety of third-party security technologies to help secure cloud assets, according to Friedrich. Over the last year, the company has shifted to also providing bundles of complementary services. There are now bundles for phishing and malware prevention as well as data loss protection (DLP), among others, he said.

"Within the bundle we incorporate some of our technology and some third-party technology," Friedrich said.

How It Works

The Avanan bundle for phishing protection includes Avanan's artificial intelligence (AI) capability. Friedrich explained that the AI system looks at several hundred different indicators within every email to help make a determination if any malicious activity could be occurring. Indicators include items such as past correspondence between the sender and the receiver, as well as natural language analysis on the subject and content of the email. Friedrich said that all the indicators are fed into an algorithm that was trained on Avanan's data set.

"Generally, with AI, what you train the machine on is what it's going to catch," he said. "So we trained specifically on the things Microsoft misses and specifically on the attack methods that people use in order to bypass Microsoft."

Avanan has its own active security research group, which works to uncover new attack techniques that are used to further improve the company's AI engine. Friedrich said that part of the research efforts involves the creation of fake accounts that are purposefully vulnerable that easily fall prey to phishing attacks. The Avanan research team then tracks how attackers are able to exploit the victim accounts in order to uncover different attack methods.

Cloud-Native Kubernetes

Avanan bills itself as a cloud-native technology platform, running all of its infrastructure components on the Amazon Web Services (AWS) cloud, making extensive use of the open-source Kubernetes container orchestration engine. When Avanan sees a new attack, its analysts can push new code immediately to help protect customers, according to Friedrich.

"There's a whole process we have with Kubernetes, including staging and then releasing new code," he explained. "Being able to do that just gives us a faster, quicker way to respond to emerging attacks."

Looking forward, Friedrich said that the new funding will enable Avanan to accelerate its growth and enhance its security technology. In particular, he expects that there will additional enhanced capabilities rolled out by his company around phishing protection.

"Hackers are very advanced, and we constantly see new attacks around malicious links and emulating URLs," he said. "There's just a lot of work to be done there from an R&D perspective, and we would have done it anyway, but we'll do it faster now."

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.