At the RSA Conference, cybersecurity startups compete in the famed Innovation Sandbox competition. This year’s entrepreneurs include authors of popular security standards, founders tied to Google AI gurus, and the contingent of cyberwar veterans. In the end, Apiiro takes the crown for managing sprawling risk across SecDevOps.
This year’s finalists are unusually well funded, and two already boast significant Fortune 500 penetration. Judge Dorit Dor, VP Products at Check Point, explains these unusual economic conditions, “2020 somehow opened the doors to make unbelievable changes” in IT infrastructure. Covid transported the cloud migration to the finish line, and there’s already massive demand for next gen security solutions.
At Innovation Sandbox founders give short presentations, followed by a sometimes combative Q&A with judges. Three trends emerge as these ten finalists battle it out:
TREND 1: A Single Pane of Glass is Needed to Secure DevOps
Prior year’s vendors showcased code analysis. This year they manage risk across the entire software development lifecycle. It’s not surprising our 2021 champion, Apiiro, did this so well.
Apiiro: Founded by Israeli Defense Force (IDF) and Microsoft veteran, Idan Plotnik, who previously worked on Azure Advanced Threat Protection. Apiiro draws from experiences signing off on risk for product releases, and their solution seamlessly integrates into DevOps. It auto-maps code repositories, APIs, data models, and recognizes code that handles personal information and authentication.
Apiiro also profiles humans, the kind of code they write, and their trustworthiness. Learned behaviors become the basis to detect insider threats. Supply chain attacks are detected by comparing executables to the code repository. Apiiro is a single pane of glass for SecDevOps, reporting risk and automating review, testing and remediation.
Wabbi: Had this year’s female founder, hopefully we’ll see even more women leading startups in the future. Founder and CEO Brittany Greenfield brings a fresh perspective to securing DevOps, mixing in a strong ERP background. Wabbi is a policy and orchestration engine for the application product owner, an interesting approach to securing a code base that SecDevOps technically doesn’t own.
TREND 2: The Cloud Identity Layer is Making Malware Detection Niche
For the first time, not a single malware detection startup appeared in the finalists. Is that really surprising? It’s difficult to envision spreading malware through a Fortune 500 company’s multi-cloud assets. On the other hand a credentialed identity is a vehicle to reach into public, private, application and data clouds.
Wiz: Typifies the new products battling threat actors inside the cloud. Different than malware focused endpoint solutions, Wiz collects a graph of identity, secrets, networking data and vulnerabilities. Their goal is prevention and remediation. Founded by Azure Cloud Security Group veterans, their vision extends beyond cloud platform configurations. Wiz sees into the workloads, containers and lambda functions sitting on of top these platforms. It already boasts a 10% Fortune 500 penetration.
Abnormal Security: Brings advertising tech’s deep AI, ML talent to email security, having a CTO that worked for Google AI guru Peter Norvig. They recognize email providers, like Microsoft, already have excellent threat detection. Abnormal ingests content, user relationships, external addresses, and examines URL destinations using computer vision. Then they add User Behavioral Analytics (UBA) to detect the top 1% of attacks that cause 99% of loss.
Strata: A distributed identity orchestration platform, founded by authors of the SAML authentication standard. Today’s enterprise has siloded identity stores, such as Okta, Azure and legacy on-prem. Strata believes the coupling of these silos to applications mark the major obstacle to multi-cloud app migration. Strata abstracts an application’s API calls into their fabric, where it orchestrates identity across the multi-cloud — all without code changes.
During the Q&A, the judging panel expressed concern that Strata’s market may be limited to only large complex enterprises. Strata Co-Founder Eric Leach didn’t dispute this, but focused on delivering ROI.
Axis Security: A unified access cloud that connects users, even ones on unmanaged devices, to cloud resources. Axis Security enforces policy, monitors and continuously authorizes. Axis Security believes it’s time to dump the many vendors and policy engines to use a zero trust network access product.
Deduce: Leading the charge to bring identity intelligence to identity access. Deduce’s intelligence comes from 150k websites and billions of authentications/day, not scraped data, but actual JavaScript on page. These user identities and behavioral intelligence are licensed to monitor consumer logins.
TREND 3: The Need to Secure Emerging DataOps
Dell Technologies Capital Managing Director, Deepak Jeevankumar, notes that to spot new product categories early, find a “non-cyber IT trend that’s creating a tailwind.” For example, BYOD caused an explosion in mobile security. Today, data vendors like SnowFlake are driving migrations to new data clouds, creating a huge tailwind for these DataOps security startups.
Satori: Provides privacy, security and data masking. Their data architecture is identity aware, masking secrets in a cloud native, low latency pass through gateway. Data owners grant access with Satori’s convenient self service workflow.
During the Q&A, judges vetted the new DataOps approaches aggressively. Judge Shlomo Kramer starts off wondering if customers want another in-line proxy
Cape Privacy: Helps organizations that would benefit from outside Al, ML expertise, done by sharing a version of data that’s useful to outside ML engineers, but with obfuscated secrets. Cape Privacy uses secret sharing techniques to secure training data, homomorphic encryption for the transfer, and Differential Privacy (DP) techniques. Their differentiator is a workflow where customers teach it secrets to target and tune down noise in output data, a common downside to DP approaches.
In the Q&A, Judge Shlomo Kramer points out that homomorphic frameworks already exist but didn’t sell. Cape’s founder claims they’re different, a cocktail of approaches and not just homomorphic. Judge Dorit Dor fires back, commenting that trust is the actual barrier to adoption.
Open Raven: Founder Dave Cole is committed to open code and public benchmarks. Open Raven is a cloud native platform aimed at restoring visibility and control to data lakes and warehouses. Most data is static and costly to churn through, so Open Raven uses ML and Function-as-a-Service (FaaSS). This serverless technology runs analysis at the data, maintaining privacy, and staying cost effective when identifying and classifying data at petabyte scales.
During the Q&A, CEO Dave Cole is asked for a comparison with existing players. He wryly dismisses them as legacy regular expression searches vs. his layered ML and API based validation approach.
Conclusion
As the world settles into post-pandemic normalcy, it needs these visionaries and cutting edge products presented at Innovation Sandbox. In 2021, RSA Conference delivers yet again.
About the author:
Paul Shomo is a media correspondent and contributor to eWeek. A cybersecurity analyst, he was one of the engineering leaders behind the security forensics brand, EnCase.
