Menlo Security today announced a partnership with Webroot that enables the delivery of granular intelligence regarding threats detected via the Menlo Security Isolation Platform. Webroot’s web classification data empowers IT administrators to block websites that originate threats and variously implement more selective threat detection and remediation protocols for those sites, where possible. Menlo’s partnership with Webroot also allows customers to perform more granular analytics on incoming threat intelligence that subsequently enables the development and ongoing modification of strategic approaches to the management of security threats based on data regarding their type, frequency and originating source. Meanwhile, Menlo Security continues to differentiate in the space of cloud and IT security vendors that leverage isolation approaches to quarantine threats as opposed to using analytics to differentiate between malicious and innocuous web traffic. Whereas many isolation methodologies focus on securing the endpoint in the form of end user devices, Menlo Security’s isolation platform stops malware, phishing and other malicious code before it has the opportunity to reach an endpoint device. Today’s partnership with Webroot bolsters the level of granularity it can provide customers about threats within their IT infrastructure and represents yet another feather in its cap as the battle for leadership in the cloud security space heats up in earnest.
U.S. Director of National Intelligence James Clapper revealed that cloud computing technology will prove central to the IT budgets of U.S. spy agencies over the next five years. In a speech at the Center for Strategic and International Studies, Clapper remarked that cloud computing has the “potential for achieving savings and promoting integration.” Clapper elaborated that considerations of data security would become paramount as more and more highly classified data moved into the cloud in order to enable enhanced access and greater collaboration amongst intelligence employees. The National Intelligence Director noted that the next five years would witness significant changes in the methodology used for tagging and sharing data across different intelligence agencies. Congress passed the Intelligence Reform and Terrorism Prevention Act in 2004, which created the Information Sharing Environment (ISE) to promote the exchange of intelligence related to terrorism. Although it is widely believed that the U.S. has enhanced its intelligence infrastructure for sharing classified and sensitive information, Clapper announced that the U.S. would continue to invest heavily in auditing and monitoring technology and develop a “national insider threat policy” in order to avoid incidents such as the 2010 WikiLeaks disclosure of classified information on the order of hundreds of thousands of classified records. Big Data technology, meanwhile, is also leveraged by U.S. intelligence agencies as evinced by Kitenga, whose Hadoop-based ZettaVox analytics platform specializes in actionable business intelligence and enterprise search capability for deriving insights from massive amounts of structured and unstructured data.
Amazon Web Services and CheckPoint announced the availability of Virtual Appliance for Amazon Web Services, a product that empowers Amazon Web Services customers to deploy more than 30 security applications within their EC2 virtual environment. Virtual Appliance for Amazon Web Services enables AWS customers to select and deploy applications for firewall, antivirus, URL filtering, application control, intrusion prevention, mobile access and data loss prevention. Because the virtual appliance leverages the same code used by CheckPoint’s on premise security applications, it caters to users already familiar with CheckPoint’s security products by delivering applications that resemble those within its on premise security suite. CheckPoint’s base product for Amazon Web Services features a firewall and virtual gateway priced at $2000. Users can subsequently add more “blades” to their virtual appliance that correspond to the security products they would like to deploy within a virtual environment for $1500 per blade. By partnering with CheckPoint to deliver a virtual appliance, Amazon Web Services started off the New Year by addressing cloud security, one of the most pressing contemporary concerns in the cloud computing space.
Piston Cloud Computing recently completed a $4.5 million funding raise from Hummer Winblad and True Ventures, Divergent Ventures and other angel investors. According to the company’s blog, the company’s offering “extends the OpenStack cloud solution to address the security, performance, and lifecycle management problems in today’s hybrid cloud approaches, and specializes on the federation of large, complex datasets that have regulatory requirements for authentication and access control.” Right off the bat, Piston positions itself in the red hot cloud computing security space with reference to its ability to manage large-scale datasets with complex regulatory requirements regarding privacy and security issues. Piston Cloud Computing was founded in early 2011 by Josh McKenty, lead architect for NASA Nebula’s Cloud Infrastructure, and Chris MacGown, Technical Lead at Slicehost, which was acquired by Rackspace in 2008. Puneet Agrawal of True Ventures commented on True’s support of Piston as follows:
At True, we have been following OpenStack, the open source cloud operating system, very closely over the past year. What became clear quickly was that OpenStack was real and gaining momentum with developers in addition to large enterprises. The project now includes over 80 participating companies, including Dell, Cisco, Citrix, and Rackspace, among others…So when we had the opportunity to fund the lead architect behind its development, we jumped at the chance.
Agrawal’s remarks speak volumes about the respect had by OpenStack in investor circles. Piston represents just one of the recent commercializations of OpenStack, following closely open the heels of Citrix’s Project Olympus. The industry should expect more commercializations of OpenStack as companies lower the cost of development by incorporating OpenStack into the core of their cloud offering. Conversely, investors will watch the fortunes of projects such as Piston and Project Olympus closely in order to gauge the rigor of OpenStack’s process for incorporating code from contributors all over the world. Despite the fierce need for security products for the cloud infrastructure space, Piston faces stiff competition from a constellation of other companies gravitating to the cloud security space. For example, Bromium, a San Francisco based start-up that recently raised $9.2 million in Series A funding from Andreessen Horowitz, Ignition Partners and Lightspeed Venture Partners, emerged from stealth mode in June and announced its operation at the intersection of “virtualization and security.” Peter Levine, partner at Andreessen Horowitz, noted that “Bromium turns today’s security model on its head and exploits virtualization and the latest hardware features to shift the balance of power in favor of the good guys.”