The 10 Coolest Security Startups Of 2012 (So Far)

From Outta Nowhere

Many of us are accustomed to thinking of information security as the primary domain of large, name-brand vendors. These vendors are characterized by a variety of colors, sometimes red, sometimes yellow, and sometimes green. The list goes on and on. But as is the case with many technologies, some of the more forward-looking developments are coming from the testbeds of young upstarts that have little invested in legacy technologies and are able to look at solutions to fundamental problems with a clean slate. Here are a few startup security companies that we are watching. They are fast, lean, and many are looking at the channel to help them reach the next level.

Agari

CEO: Patrick Peterson

Founded by a splinter group from Cisco Systems, Palo Alto, Calif.-based Agari strives to protect its customers' brand names from those who might commandeer their domains and use them for spam. The company identifies all domains that send email on the client's behalf, and advises them when a third-party is impersonating their domain. The system also helps clients to publish authorization policies to mail providers to assist with protection and enforcement. The three-year-old company's services are seen by security experts as being instrumental in the reduction of phishing attempts.

Click Security

CEO: Marc Willebeek-LeMair

This three-year-old Austin, Texas-based security startup specializes in real-time analytics around threat detection, embedded malware identification, threat prioritization, early warning and data leakage monitoring. Its objective is to move beyond "commodity" threats and provide a sharpened focus against evolving, advanced attack vectors. The company's technology architecture automates the investigation, collaboration and lockdown of all network activity. Click Security was established by former TippingPoint founders Marc Willebeek-LeMair and Brian Smith in late 2009, and is funded by Sequoia Capital.

CloudPassage

CEO: Carson Sweet

CloudPassage came out of stealth mode in January of 2011 with an emphasis on cloud security, and the ability to instill the same caliber of security within the cloud as their clients would have in the data center. The Menlo Park, Calif.-based company specifically deploys security at the guest VM level, leveraging an architecture called "Halo," which is a lightweight piece of software that runs on the virtual machine image and interacts with a large compute grid that does computations, calculations, and analysis of the individual VMs -- and of the cloud as a whole -- so that security can be effectively delivered. The go-to-market strategy includes a white-label opportunity for partners.

CrowdStrike

CEO: George Kurtz

Focused on big data technologies, CrowdStrike recently rolled out a new collaborative platform aimed at helping researchers to analyze malicious code and execute the examinations and reverse engineering necessary to developing strategies and technologies to defeat the malware. While attempts to disassemble malware are nothing new, the company is attempting to break down the silos of research and to augment a unique level of collaboration. The company was co-founded by George Kurtz, former CEO of Foundstone and Worldwide CTO at McAfee, Dmitri Alperovitch, former VP of Threat Research at McAfee, and Gregg Marston, former CFO at Networks in Motion, and has received $26 million in Series A funding from Warburg Pincus.

HoneyApps

CEO: Ed Bellis

HoneyApps is a Chicago-based company that comes to the table with Risk I/O, a vulnerability management platform that connects automated scanning tools and centralizes vulnerability data, reporting, prioritization and remediation. Details are easily managed through a unified dashboard that is designed to assist with not only identifying the threats, but assisting in their interpretation and the development of the proper response. The product integrates with a variety of tools from well-known vendors, such as IBM, Qualys, WhiteHat, Rapid7 and Tenable.

NetAuthority

CEO: Chris Brennan

Founded in September of 2011, but formally launched this year, San Francisco-based NetAuthority claims six years of intellectual property development in the design of its new product for strong authentication. Based on the idea that most strategies for multifactor authentication are either too complex or too cumbersome, NetAuthority is trying to bring simplicity and ease-of-use to the equation. The company claims that its products can identify and authenticate virtually any Internet-enabled device, once it is introduced to the system, and does so with no perceptible latency. The system also provides reporting on alarms, and feeders for the existing log management and monitoring tools.

Okta

CEO: Todd McKinnon

Okta provides on-demand identity and access management to further support the secure adoption of enterprise-level web applications, regardless of whether those applications are located in the cloud or behind the firewall. Features include single sign-on, automated user management, Active Directory integration, multifactor authentication and various reporting functions. Launched in January of 2011, the company is backed by venture investors such as Andreeson Horowitz, Floodgate and Ron Conway.

Pindrop Security

CEO: Vijay Balasubramaniyan

Pindrop Security provides acoustical fingerprinting technology that detects fraudulent calls and authentication to help combat phone-based fraud. The company compares its technology to "fingerprinting" in the service of phone-based financial transactions. In addition, the Atlanta-based company's products perform risk analysis to predict the likelihood of fraud, based on caller location, device type, Caller ID information and ANI data. The company also claims to have the world’s largest and most accurate database of fraudulent phone numbers to help further detect any wrongdoing.

Porticor

CEO: Gilad Parann-Nissany

Porticor is a two-year-old, Israeli-based vendor focused on scalable data encryption and key management solutions to assist with regulatory standards and overall security. The company's Virtual Private Data system enables customers to encrypt their entire data layer and safely store the encryption keys using homomorphic split-key encryption technology. Each data object is encrypted with a master key and a specific key. The master key is common to all data objects of one application while the second specific key is different for each data object. As the application accesses the data store, both parts of the key are used to dynamically encrypt and decrypt.

Total Defense

CEO: Paul Lipman

Total Defense is a Redwood Shores, Calif.-based startup providing cloud security with a SaaS-based architecture. Its most recent product focuses on web and email protection. Elements include security for mobile and remote users, antivirus, antispam, antiphishing, URL filtering, and application control that enables customers to regulate use of social media, streaming media and web-based messaging. The company was formerly a part of CA Technologies.