10 Security Companies That Have Scored CIA Funding12:00 PM EST Fri. May. 24, 2013
In-Q-Tel was founded in 1999 as a nonprofit that would bridge the gap between the technology needs of the CIA and emerging commercial technology. Today, the venture firm -- generally viewed as the investment arm of the CIA -- is investing millions of taxpayer dollars in dozens of startups. Not surprisingly, most of these firms develop security technologies. In-Q-Tel doesn't reveal exactly how much it invests in its chosen startups, but amounts typically total up to $3 million. Read on to find out which security firms have received In-Q-Tel funding.
CEO: Meg Whitman (HP)
In-Q-Tel revealed a strategic investment in ArcSight, a security information and event management company, in 2002. The investment reportedly totaled $3 million. Nine years later, Hewlett-Packard acquired ArcSight for $1.5 billion. Earlier this year, HP executives denied reports that the company was considering selling or spinning off its ArcSight unit.
CEO: John Morris
Chicago-based Cleversafe, a maker of secure storage technology, won funding from In-Q-Tel in 2010. The company touts its products as solving big data storage problems. In announcing the investment, In-Q-Tel's CTO described Cleversafe's approach as "a viable answer for distributed storage architectures."
CEO: David DeWalt
In 2009, In-Q-Tel revealed a strategic investment and technology development agreement with antimalware company FireEye, based in Milpitas, Calif. FireEye's technology is designed to protect businesses against advanced threats across multiple vectors. Former McAfee CEO David DeWalt joined FireEye as chairman and CEO in November.
CEO: Bill Anderson
Oculis Labs, a maker of data privacy software based in Hunt Valley, Md., won funding from In-Q-Tel in 2011. The company's technology protects sensitive data from being read on a computer screen by "shoulder surfers" when a user is in a shared or public space.
CEO: Parveen Jain
In-Q-Tel took a stake in Santa Clara, Calif.-based RedSeal Systems in 2011. RedSeal Systems' security risk management platform continuously monitors network device configurations and validates them against security policies. Continuous monitoring is a requirement of the Federal Information Security Management Act (FISMA). In-Q-Tel said RedSeal Systems' technology would help government agencies improve their security posture.
CEO: Mario Vuksan
ReversingLabs, a malware analysis specialist, partnered with In-Q-Tel in February 2012 to develop technology for the Department of Homeland Security Science and Technology Directorate. The company, based in Cambridge, Mass., was founded in 2009 to develop threat analysis tools for detecting new types of malware. ReversingLabs touts its products as the fastest for conducting automated static analysis of unknown software.
CEO: Steve Bennett (Symantec)
In-Q-Tel tapped SafeWeb of Oakland, Calif., in 2000 to develop Internet privacy technology. SafeWeb's core technology used encryption to protect users' online activity and allow them to browse the Web anonymously. Symantec bought the company in 2003.
CEO: Tim Eades
A maker of online fraud detection technology, Silver Tail Systems received funding from In-Q-Tel in 2010. Two years later, the Menlo Park, Calif.-based company was acquired by EMC. Silver Tail Systems' technology was used by banks to thwart cybercriminals that use banking malware such as the Zeus Trojan to hijack customers' online accounts.
CEO: Ron Gula
Last year, Tenable Network Security inked an agreement with In-Q-Tel to develop vulnerability management technology for the U.S. intelligence community. Columbia, Md.-based Tenable makes the widely used Nessus vulnerability scanner, which started as an open-source project. Nessus has more than 1 million users, according to Tenable.
CEO: Bob Brennan
In-Q-Tel took a stake in Veracode, an application security company, in 2008. Burlington, Mass.-based Veracode provides application security testing on a subscription basis to track down threats such as SQL injection, buffer overflows and malicious code.