Avanan Building a Cloud of Clouds for Security

The startup exits stealth mode with a new approach to enabling security in the cloud.

cloud security

There are a lot of vendors with different security technologies, any one of which might be helpful to an enterprise's cloud security aspirations. The goal of security startup Avanan is to enable enterprises to easily make use of any one—or multiple—security technology and apply it to cloud usage.

Gil Friedrich, co-founder and CEO of Avanan, said that the company closed an undisclosed seed round in August 2014 from Magma VC and StageOne Ventures. The company name "Avanan" is intended to be descriptive of what the company's technology is all about. Avanan is a combination of two Hebrew words that together translate to "cloud of clouds."

The basic premise behind the Avanan platform is that it provides its users with cloud versions of more than 60 security technologies from vendors such as Palo Alto Networks, Check Point and Symantec. Friedrich said that the vendor relationships that his company has vary from vendor to vendor.

"With some vendors, we have a very close relationship and we are their cloud go-to-market strategy," Friedrich told eWEEK. "Every time one of their customers needs a cloud solution with their technology, they send the customer to our platform."

With others vendors, Avanan represents a parallel effort to the vendor selling its own solution for cloud. What Avanan is seeing is that if a customer wants just a single vendor for a single software-as-a-service (SaaS) application, the customer may go directly to the vendor, according to Friedrich. However, in many cases, customers want technologies from several security solutions working in sync across multiple cloud apps, he said.

That's where Avanan's data analytics and workflow automation suites come into play, providing a different approach than what can be acquired directly from each individual vendor.

"But in all cases, from the third-party vendor's perspective we are another channel," Friedrich said. "For those vendors that do not offer a cloud solution of their own, we are the only channel into a very large and growing market."

Avanan connects directly to each cloud vendor's infrastructure using their native APIs, Friedrich said. "For each cloud vendor, Avanan has created customized versions of their native products that translate their data center functionality into our standardized security model," he said. "Each integration is unique and done with little or no development effort from the vendor."

The back-end Avanan infrastructure stack runs on Amazon Web Services and makes use of Ubuntu Linux as the operating system, PostreSQL as the database and Nginx as the Web server. The application layer provides data plane and policy automation capabilities that enhance the overall user experience and functionality of running multiple cloud security technologies.

Friedrich explained that the Avanan data plane normalizes all SaaS and security solutions to the same policy language.

"Every cloud policy, user, file and event is combined with the output of each of the security solutions to provide the most comprehensive view of the customer's cloud in one place," he said.

The policy automation piece is enabled by way of Avanan's policy engines that allow for easy policy creation and automated remediation.

"The engine can use real-time metrics from both the cloud or security vendors to enforce compliance policy or defend against real-time threats," Friedrich said. "This brings together all a customer's cloud deployments within their security policy. Information from multiple vendors can be used to monitor and enforce policy."

In Friedrich's view, by providing interoperability across technologies and management features, as well as an easier path to deployment, Avanan is an option over just going directly to any one security vendor.

The real strength of the Avanan platform, he emphasized, is in its governance platform.

"By connecting multiple SaaS applications into one policy engine, companies can now create rules that follow users and data as they move from desktop to data center and from cloud to cloud," Friedrich said. "This platform will expand to offer more powerful tools that will not compete with our vendor partners, but leverage them in a way that makes them each more powerful."

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.