Cyber-security startup Awake Security announced its flagship technology platform on Nov. 19, providing organizations with a network-based approach for discovering potential cyber-risks.
The Awake Security Platform is network traffic analysis (NTA) technology that analyzes data packets to identify malicious and unauthorized activities. The platform’s automated triage capabilities provide risk ratings for security operations center analysis; it can be integrated with third-party endpoint security and IT orchestration tools.
“What we’re trying to do at Awake Security is build what I like to call the Alexa for network security,” Rahul Kashyap, CEO at Awake Security, told eWEEK. “We have built a device which passively listens to everything that’s going on in the network, and then we ingest that and convert data into advanced skills for the security operators to look at how devices are behaving.”
Kashyap was named CEO of Awake Security in July and is no stranger to the IT security market, having previously worked as the CTO of Cylance, which BlackBerry acquired on Nov. 16 for $1.4 billion. Kashyap is also a co-founder of E8 Security, which VMware acquired on March 28. Plus, he spent five years at next-generation cyber-security vendor Bromium as that company’s CTO.
Awake Security was founded in 2014 and has raised approximately $30 million in funding to date. Kashyap said Awake Security as a company has largely been in stealth mode; the Awake Security Platform is the company’s first real product launch. That said, he noted that it’s still early in the company’s development and a full formal launch is set for the RSA Security Conference in 2019.
How It Works
The Awake Security Platform looks at all data packets that traverse an enterprise, data center or cloud network, Kashyap said. He added that Awake is able to extract high-fidelity metadata, from which analysis is made.
“We are capturing the past, monitoring the present and looking into the future using machine learning and AI,” he said.
Awake integrates with multiple third-party tools including endpoint security from Carbon Black and orchestration from Demisto, among others. Kashyap said data from the third-party tools can be used to provide insight from different elements of an enterprise network.
There are multiple modes that the Awake Security Platform has to detect anomalies. With the similarity analysis mode, each type of device is grouped together and based on the behavior, so it’s possible to identify the outliers, he said.
SOAR
Kashyap emphasized that Awake itself is not a SOAR (Security Orchestration Automation and Response) vendor, though it can help to enable other vendors’ SOAR approaches.
“SOAR is an enabler; it basically takes stuff and connects the dots,” he said. “Our core focus and DNA at this point is network traffic analysis. We know everything happening from a network perspective.”
Awake can integrate with SOAR technologies, providing intelligence and valuable insights that are coming from the network, according to Kashyap. He noted that Awake can provide value quickly to users, looking to better understand what is running on their networks. Looking forward, Kashyap said Awake will be looking to further innovate in the area of encrypted traffic analysis.
“We will be heavily focused on innovating and really making sure that the platform stands out,” he said.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.