Since September 2015, Gaurav Banga has been working on a new security company called Balbix to help calculate cyber-resilience and breach risk, though few details about the effort have been publicly disclosed. That changes today as the Balbix platform and the company are now officially emerging from stealth mode.
Balbix isn't Banga's first cybersecurity startup, he previously was the co-founder and CEO of Bromium from April 2010 until May 2015. While Bromium's core promise is about using virtualization technology to isolate systems and minimize risk, Balbix works in a different area.
"When I was at Bromium interacting with some of the really great customers we had over there, one thing that kept coming up were questions about the ability to actually see and understand risk," Banga told eWEEK.
What Balbix's technology platform provides is a sensor network that is deployed across an enterprise's IT assets that continuously looks for risk factors and things that can potentially go wrong. The data from the sensor network is all sent to the Balbix backend that uses a machine learning analytics model to predict potential breaches and estimate the resiliency of the organization to defend against attacks. Based on the predictive breach risk analysis, the Balbix platform is also able to recommend potential remediations to limit risk and improve resiliency.
Banga said that Balbix provides a macro-view of risk providing an overall heat map showing the various areas of potential weakness within an organization.
"Ultimately what we are trying to do is give organizations all the visibility they need to make the right prioritization decisions for operations, as well as security projects that are being worked on," Banga said. "Instead of being rule based and reactive, we are predictive and we try to self- learn as much as we can."
The technology stack that enables Balbix's predictive model makes use of seven different algorithms to help provide analysis. Banga noted that the machine learning backend his company has built is based on Google's open-source TensorFlow project.
"We're using multiple machine learning techniques in parallel, combining analysis of both labelled and un-labelled data," Banga said.
Categorization of data, users and applications is one of the key problems that Balbix machine learning helps to solve. Once the data is categorized, Banga said it's critical to understand the impact of data and devices and what would happen in the event of a breach.
"We have what is effectively a variant of Google's PageRank algorithm, written in an AI (artificial intelligence) manner," Banga said.
The ranking algorithm helps to calculate the business impact and value of a given set of data and devices. Another algorithmic model that Balbix has built aims to determine why a device or its data might be at risk from a breach. Beyond just the AI model, Balbix has also developed a visualization layer to enable users to make sense of the data analysis.
The name Balbix is synthetic word that Banga and his team created, and it is related to the geometric shape known as a balbis, which is the same shape as the letter H. With the name Balbix, the idea is that the company is breaking down security problems into smaller components, that on the surface might not have a regular pattern.
"Balbis shapes are commonly found all around us, even if you don't realize it" Banga said. "Even a square is composed of a couple of balbis shapes put together."