I recently attended a press and analyst summit run by UK events company NetEvents. The event, held in San Jose this year, introduced me to a few companies I’d not come across before that offer interesting products and services. Here are five I think are worth keeping an eye on.
Vectra has been around since 2012. Their big pitch is real-lime monitoring of network traffic using machine learning and AI to identify threats as they occur. They analyse all inbound and outbound network traffic to detect anomalous activity.
The company's core product is called Cognito.
Vectra's CTO, Oliver Tavakoli, said "We sit on a lot more data, we have the processing capability to process a lot more data. It becomes impractical at a certain point to have a user stare at this data, squint at it, and try and find patterns in it. Machine learning is very good at finding patterns".
The reason I think Vectra is worth keeping any eye on is their ability to manage large volumes of data and find the unusual. Yes will become increasingly critical as the IoT boom continues to accelerate. Although they aren't alone in this area of infosec, based on what i saw and heard, worth keeping an eye on. They seem to have the right building blocks in place although I'd not be surprised to see the company acquired and integrated into one of the larger security companies.
Ziften is another player in the infosec space. They provide a tool that dealers real time data from endpoints about potential threats and unexpected activity. It runs as an agent on endpoints, servers and VMs, delivering data t a central database that can be queried.
As well as giving you information about activity, it delvers some interesting insights into what devices are connected to your network and what they are doing. For example, you can use it to instantly learn how many users are connected to a specific application (which can assist with licensing and resource provision).
Roark Pollock, Ziften's senior vice president said "IoT devices are getting smarter and smarter. We’re not talking about dumb micro-controllers for control units that are air-gapped anymore. We’re talking about smart sensors in the network. We’re talking about smart gateways. Most of these are based on some form of Linux now. They’re fully functioning PCs for all practical purposes, almost all of these devices, and we don’t treat them the way we do devices in our enterprise networks yet. Our view of the world is, look, if you’re going to have all these connected devices, you’ve got to be able to monitor both the state of that device, what is the hygiene of that device? Is it fully hardened in your environment?".
End-point agents are not that popular with many admins but, on the other hand, trying to find out what's happening on an end-point needs some sort of tool that can directly observe what's going on. Ziften's approach looks solid and they are looking for ways to make it easier for businesses to monitor what's going on as the number of connected devices continues to expand.
I took a look at Intent Based networking last week - this is Apstra's main area of focus. They have developed their own Network operating System. Dubbed AOS, the software is is device-agnostic and works across all major vendors as well as open alternatives.
While players such as Juniper and Cisco continue to push their own proprietary solutions pretty hard, it's clear many people are edging towards more generic solutions that allow companies to choose the best hardware and software combination to suit them rather than having to compromise with whatever vertically integrated vendors offer.
Apstra's CEO and founder, Mansour Karam said "The industry has a little secret. 85% of networking teams today still operate their networks like they did in 1995, essentially, manually, box per box, using command lines which are arcane and specific to every hardware vendor".
Karam said intent based networks, that can dynamically and autonomously react to changing network conditions, will become increasingly critical as the volume of devices we connect, which he says is over 150,000 per minute globally, increases.
While software defined networks helped this journey, Apstra is hoping to ride the intent-based networking wave as greater autonomy becomes a feature of modern networks.
Coheisty's founder, Mohit Aron, is formerly of Google and helped the search giant build the Google File System. He then moved onto Nutanix, where he said he behind the concept of hyper-convergence with the rest of this team there. He's now focussed on creating his own storage technology.
Aron said, "My company, Cohesity, is all about consolidating the unsexy part of the data centre that we collectively refer to as secondary storage. What is secondary storage? It consists of backups, it consists of tasks in development, it consists of a lot of analytics - anything that's non-mission critical - we're all about that".
Having recently closed a deal with Morgan Stanley, the major bank, Aron said he was able to reduce their storage costs by over 50% by consolidating the data they had stored on multiple cloud services and other storage. Part of Cohesity's value is the ability to seamlessly move data between cloud services and the data centre was needs change.
Over the last decade, two major trends have heavily influenced the way we handle data; volume and cost. We now store more data than ever and storage has become relatively inexpensive. As a result, businesses have expanded their capacity. But that has resulted in data being spread far and wide leading to potential security issues as well a management challenges.
The fintech revolution has resulted in some significant changes to the banking business. This has been most evident in the payments industry.
OnDot is all about protecting consumers from banking fraud and helping banks reduce their costs. They provide services such as time-limiting the ability to use a credit card, limiting where it can be used and providing extra identity validation when a card is used.
The company's president and director Bharghavan Vaduvur said, "Our perspective is that the only way out [of high likelihood of security breaches] is to give consumers better visibility and it's really security through engagement, right? So if you look at it historically, there's always been a dichotomy between reaching out to the users and giving them too much power versus security, right? But now with new devices enabling always on communication, really higher engagement does driver higher security".
Vaduvur demonstrated elements of OnDot's service to me, showing me how the service they deliver can limit when a credit card is used. For example, they make it possible for an end-user to control what countries a credit card would work in. Or set limits for cards dynamically.
OnDot's value proposition is giving customs control so they can self-manage security.
OnDot is likely to have greater value in overseas markets than Australia. Used on my experience, we are way ahead of the US when it comes to chip-and-pin and contactless payments. I was still being asked for my signature in the US last week.
Anthony Caruana travelled to San Jose to attend the NetEvents media and analyst summit as a guest of NetEvents.