RSA 2018: 12 Security Execs Reveal The Company They're Most Excited About -- Other Than Their Own

The Names To Watch

Twelve security CEOs, channel chiefs and technical leaders attending RSA Conference 2018 spoke with CRN about which vendor or vendors they believe are driving the most dynamic change in security.

Some security leaders flagged public cloud or hyper-converged behemoths as potentially the most innovative companies in the security space given the size of their customer base and the extent to which they change how technology is consumed.

Other executives favored emerging vendors that have helped move endpoint security past a signature-based approach or are leveraging automation to help analysts make better use of their time and keep tabs on an ever-expanding threat surface. In fact, one of the startups referenced launched just last month.

Here's a look at the vendors that industry leaders are expecting to make waves in the month and years ahead.

Matthew Moynahan, Forcepoint CEO

Amazon's leading position in the public cloud arena gives the company the opportunity to raise the watermark on what constitutes basic or acceptable levels of security, said Forcepoint CEO Matthew Moynahan.

Moynahan said it will be interesting to see how well Amazon can interface with the security ecosystem given the level of trust businesses have placed in the company to keep their information and data safe. Although history hasn't been kind to technology vendors that attempted to become security companies overnight -- particularly in the enterprise – Moynahan said Amazon has always been a unique company.

"I think they're trying to figure out what their future is in security," Moynahan said.

Tomer Weingarten, SentinelOne CEO

SentinelOne CEO Tomer Weingarten praised recently launched startup Bit Discovery for applying business logic to understand how an attacker might go about compromising a network.

Weingarten said he likes the external approach favored by some of the attack surface mapping vendors like Bit Discovery, which was launched last month by Jeremiah Grossman, who spent nearly two years as SentinelOne's chief of security strategy.

Using artificial intelligence and machine learning to better understand what's happening on the outside can be really powerful, Weingarten said. Specifically, Weingarten said companies like Bit Discovery are well-positioned to address how a bad actor can get from a generic server to an organization's crown jewel.

Didi Dayton, Cylance VP, Worldwide Channels, Alliances

Ciena in its channel program predicates every relationship on a customized business plan rather than operating under a traditional tiered model, according to Didi Dayton, Cylance's vice president of worldwide channels and alliances.

Moving away from a checklist of benefits and requirements to a business plan based on a solution provider's specific needs and quarterly business reviews could be a complete game-changer and has the potential to drive higher-value relationships with the channel, Dayton said.

Sanjay Beri, Netskope CEO

Netskope CEO Sanjay Beri Praised both Cylance and CrowdStrike for taking an approach to endpoint detection and response (EDR) that's appropriate for the times.

Both companies take a more heuristic approach to endpoint security rather than being based on pure signatures, Beri said, while adhering to an open API model in a modern way.

By leveraging the cloud for analytics, Beri said CrowdStrike and Cylance are able to avoid putting weight on an organization's endpoint and having it take up all of the company's processing power and space. Instead, Beri said both companies talk to the cloud to process data rather than leveraging a business' endpoint.

Udi Mokady, CyberArk CEO

CyberArk CEO Udi Mokady lauded Demisto for helping analysts sitting in a company's Security Operations Center take care of the various bells, whistles and alarms that constitute their daily life.

Demisto is well-suited to help analysts sort through and reduce the noise, deal with security incidents, and get on board with the situation, said Mokady, who joined the company's board of directors in January.

Given the labor shortage in security, Mokady said SOCs that are stuck turning down alarms and dealing with repeatable processes won't have time to address the major attacks.

"If you have too many alarms, you just shut them off," Mokady said.

Kevin Mandia, FireEye CEO

FireEye CEO Kevin Mandia said Endgame and its emerging technology counterparts Carbon Black, CrowdStrike and Cylance offer models in the endpoint space that are better than what the legacy players are doing.

Mandia specifically praised Arlington, Va.-based Endgame's catering to exploit prevention, as well as the company's framing around detecting both what anti-virus detects as well as what anti-virus misses.

And the company's excellence from a pure technology standpoint has allowed it to combat the stigma that companies based in the Washington, D.C., area service the government and nobody else, Mandia said.

Dan Schiappa, Sophos SVP, GM, End User and Network Security Group

GreatHorn has implemented machine learning-based protections around email security and Office 365, according to Dan Schiappa, senior vice president and general manager of Sophos' end-user and network security group.

The company has taken a similar approach to Sophos in its focus around machine learning and predictive technologies, Schiappa said, but has applied its findings to a different part of the market.

Philippe Courtot, Qualys CEO

Microsoft has done a remarkable job of making it easy to build security into Azure, according to Qualys CEO Philippe Courtot.

The company has created a framework with proper APIs that allows for single-pane integration, Courtot said, making it possible for other technology vendors to inject an agent and leverage the entire framework they've created.

With the single click of a mouse, Courtot said Azure customers can deploy the Qualys agent, and with just one more click, they can remediate the issue. By providing the APIs, Courtot said Microsoft is able to facilitate transparent orchestration.

Joe Sykora, Bitdefender VP, Worldwide Channel Development

Nutanix's ability to simplify the hyper-converged infrastructure market has made it possible for end users and channel partners alike to participate in different areas of the market, according to Joe Sykora, Bitdefender's vice president of worldwide channel development.

Storage and virtualization were traditionally growing so fast that security became an afterthought for partners servicing those spaces, Sykora said. But Nutanix's superior technology and partnership with Bitdefender has made it possible to bridge security into different types of partners, according to Sykora.

Christopher Ahlberg, Recorded Future CEO

Recorded Future CEO Christopher Ahlberg said automation vendors such as Phantom, Komand (now part of Rapid7) and Demisto have excelled at keeping tabs on the threat surface as it expands due to increased complexity in organizations.

Automation has become even more paramount due to an industrywide shortage of between 1 million and 2 million security professionals, Ahlberg said. It offer the potential to tighten the loop between intelligence and action by driving curation and forming connections, according to Ahlberg.

Israel Barak, Cybereason CISO

Recorded Future excels at contextualizing data around the activity that's taking place inside of the enterprise network, tying activity in the environment to a specific actor, according to Israel Barak, chief information security officer at Cybereason.

By providing data that's in context, Barak said companies like Recorded Future make it easier to act against known bad actors regardless of technique.

Threat intelligence was traditionally composed of one-off threat feeds, Barak said, with millions of artifacts pouring in but a lack of context around what's actually happening. Adding more context into the detection and investigation process should make threat feeds more actionable, according to Barak.

Michael Fey, Symantec President, COO

Symantec President and COO Michael Fey praised ShieldX Networks for thinking deeply about how network security is going to operate inside Amazon Web Services and Microsoft Azure.

ShieldX Networks has built itself to be a platform-agnostic visibility network control point that can really get inside the control point and govern traffic flow in a manner that's similar to a legacy firewall vendor, according to Fey. The company received funding from Symantec Ventures as part of its $25 million Series B round.

Companies like ShieldX can help control and guide the network flow when a user clicks on Salesforce from their phone in the way that a next-gen firewall can't, Fey said.