Three companies to watch in cybersecurity
Cyber security is a hot topic these days on many fronts. Hackers related to SolarWinds, ironically, have revealed FireEye, considered a perennial security provider. The Colonial Pipeline hack has also raised serious concerns. As a result, the Biden administration issued an executive order in May and an additional memorandum in late July that aims to provide guidelines for dealing with the growing threat from bad actors.
Amid it all, there has been a flood of startups and established businesses competing to meet the security needs of local, state and federal government agencies, educational institutions, healthcare providers, online and physical retailers and others. There are three cybersecurity companies that I find particularly intriguing at the moment, and I wanted to share my thoughts on their respective strategies.
Air gap networks
At Black Hat USA 2021 this week, Airgap launched general availability of its security platform after about a year and a half of product development. The company seeks to address what it perceives to be three fundamental flaws in the network infrastructure that make organizations vulnerable to ransomware attacks:
- lateral movement of threats on shared VLANs,
- lack of identity and intent verification with static firewall policies, and
- the need to identify a more sophisticated way to handle ransomware attacks without the blunt approach of shutting down networks.
Airgap aims to solve these challenges by securing every endpoint, enforcing multi-factor authentication everywhere, and providing a quick and targeted response with its Ransomware Kill Switch feature. Compared to the DEFCON readiness of the United States, Airgap defines the ransomware postures in green, yellow, orange and red. Each provides a set of responses tailored to the corresponding threat level. The company executives recently showed me a demo on their corporate network, and I found the dashboard to be very intuitive and easy to manage.
My hot plug: Founder and CEO Ritesh Agrawal brings enormous credibility to Airgap, having spent several years at Juniper Networks in senior positions in charge of switching and security. I left the conversation confident that he clearly understands the challenges businesses and service providers face in securing networks. I also think the Airgap Ransomware Kill Switch feature is potentially a game changer if it delivers on its promise of scalability for networked devices.
SentinelOne recently went public on June 30e and, after its closing, made history as the most successful cybersecurity IPO on record. The markets have reacted favorably as the value of its stock continues to rise due to its value proposition. At a high level, the company claims that its Singularity XDR (Extended Detection and Response) platform can proactively resolve threats in real time at the edge of IT and the cloud. To do this, it relies on artificial intelligence to cover the prevention, detection, response and hunting of threats in several areas.
My shot: Many cybersecurity solution providers claim artificial intelligence as a critical architectural tenant, and the company competes with established incumbents like Crowdstrike, Microsoft, McAfee, and Symantec. However, if SentinelOne delivers on its promise of proactive threat prevention, it should be well positioned to take market share.
In June, I attended Zscaler’s Zenith Live event and learned about the company’s differentiated approach to zero trust. If you are interested in my ideas, you can find this article here. At a high level, many cybersecurity solutions promise zero trust capabilities, but many are incomplete. Of the three companies in this article, Zscaler is the more mature given its 15-year-old proxy-based architecture. Its features include the prevention of lateral movement with the application versus direct network access, the ability to make applications invisible to hackers, as well as active and sophisticated threat prevention and data protection (thanks to its recent acquisition of active defense supplier Smokescreen).
My shot: Zscaler seems to hit on all cylinders. Proof of this is the adoption, and the company enjoys impressive security-as-a-service victories with the US Department of Defense, Coca-Cola Consolidated (the largest bottler of coke products in the United States). United), Johnson Controls and Phoenix Children’s Hospital, among many others. Zscaler’s promise to make apps invisible to bad actors is an impressive proposition.
No matter the size or industry of an organization, managing cybersecurity is a difficult business. Threats are constantly changing and hackers are getting more sophisticated in their efforts. Each of these companies holds great promise in the ongoing cybersecurity battle.
Disclosure: My company, Moor Insights & Strategy, like all research and analysis companies, provides or has provided research, analysis, advice and / or advice to numerous high-tech companies in the industry, cited or related to this article. I do not own any participation in the companies mentioned in this column.