2015 RedList: Security Startups

The 2015 results of the Red List Security Startup survey are in. I really like doing this survey. The ability to identify early-stage security vendors that are doing good things is valuable in my mind. This year the survey went out to over 40,000 security practitioners globally, absolutely the largest group to date. Thank you to everyone who participated.

Click here for the full report

This year we see a fair number of the same players as we did in the 2013 report. While a significant amount of investment has gone into the security space, the lack of new labels is an interesting point.

The top 20 Security Startups

  1. Phishme
  2. OpenDNS
  3. Okta
  4. BlueBox
  5. Agari
  6. Vormetric
  7. Risk I/O
  8. Cylance
  9. AlienVault
  10. LastPass
  11. Ionic
  12. Ciphercloud
  13. HackerOne
  14. Data Theorem
  15. Skyhigh Networks
  16. ProtectWise
  17. Now Secure (viaForensics)
  18. CloudPassage
  19. CrowdStrike
  20. Norse

Unconstrained by Actual Facts


Over the past couple of years the conversation about CyberSecurity has exploded from a term we've used as practitioners to one that is top of mind for most people in the U.S. The media frenzy, initiated by the Snowden event, has created a multi-year news cycle that continues today. As a result we have a lot of commentators on the threats, compromises, budgets, skills, etc. whose commentary is devoid of actual facts. I've taken some time to try and apply some data to this overall "Threat" landscape that has been talked about for so long. While this is clearly not "scientific" and is open to debate, I feel it does bring some data to the conversation as opposed to the faceless statements that echo in industry. So much, in fact, that a resonating chamber effect is starting to take hold well outside of practitioners since the media has focused.


Security Startups: Collaborative Threat Response

Since about 2008, the industry has shifted from being exclusionary in information sharing to making significant strides toward it. Where the conversation was amongst practitioner "friends and family", it has moved to institutions that facilitate it. Most notable are the Defense Industrial Base (DIB), FS-ISAC, Threat Exchange, Bay Area CISOs and more. While this has been going on, law enforcement has also been trying to establish good information sharing between the FBI, Secret Service, DHS and private industry. Most recently, President Obama issued an executive order to help move the overall capability forward.

While there is ongoing debate in private industry on the value of "public to private" information sharing, it's well accepted and acted upon for "private to private". In this space it's mainly focused on threat intel sharing and remediation actions. Even so, there still isn't a really good way of automatically exchanging information on attacks and collaboratively managing an incident remediation with multiple outside parties.

This is compounded even more as legacy on-premise services are now externalized to 3rd parties, so managing an incident takes on a whole new level of complexity: information has to be appropriately accurate and updated in real time as well as kept highly secure and confidential. This drives a very strong need for a zero-knowledge threat exchange and collaboration service. FS-ISAC, to the best of my knowledge, has made the greatest strides in this space for vertical private companies. A new company, Comilion (www.comilion.com), came onto my radar that attempts to do just that.

It got me thinking about where the industry is and where it's going. Our interactions between companies have matured in relation to security, and that looks set to continue for some time. Services like Comilion, by driving a deeper ability for one company's security team to exchange ongoing threats and remediations with another, accelerate the destruction of "company" security walls. As we blend security teams together by lowering the barriers to collaboration, we will start to see an accelerated upleveling of capabilities and response.

Moving forward, specific security cohort areas, like Silicon Valley and the financial services, will not be unique. The exchange of information and remediations on operationally critical and sensitive areas will start to blend them across verticals and geographic areas. This will be a very interesting destruction of the corporate, industry and geographic culture holding back an important response capability.