Hot security upstarts

Offering new email security technology and services to help clean up after a breach, these new companies are leading a wave of hot security startups

Offering new email security technology and services to help clean up after a breach, these new companies are leading a wave of hot security startups. We've highlighted some young ones that we think could have an impact on how businesses protect against and react to attacks. Here's a quick look at what some of them do.

Agari

Agari's email protection service can block malicious emails in conjunction with major ISPs, notifying them when attackers send these emails illegally under the name of Agari customers. Partner ISPs can block these emails before they reach victims, thereby protecting recipients from potentially damaging infection but also the reputation of the customer whose domain was compromised. The company weaves what it calls Agari Email Trust Fabric from its customers, cloud email providers and technology partners to give a better picture of overall email traffic and threats.

CloudFlare

CloudFlare is a content delivery network that can filter out malicious traffic before it hits websites, thereby lessening the effectiveness of DDoS attacks. It does this by diverting customer traffic via DNS settings to its own network where it enforces controls on that traffic. By eliminating the bulk of malicious traffic to their sites, customers have an effective boost in available Internet bandwidth. CloudFlare also caches customers' Web content at points of presence around the globe to reduce delay. It also optimizes traffic to reduce build time for pages. Also available: analytics and Web applications that can add features such as blogs and help desk to websites.

CO3 Systems

CO3 doesn't play on the defensive side of security, but rather on the cleanup side after breaches occur. The company's cloud-based service quickly creates an action list of tasks its customers must perform in order to comply with data breach regulations. Since virtually every state has its own set of rules on reporting what happened as well as many federal agencies, the task of meeting all their requirements is complex and arduous, made more so by tight deadlines and heavy fines. Customers get a clear list of what needs to be done, when it must be completed and whom to contact in order to comply.

Emerging Threats Pro

Emerging Threats Pro is all about the rules -- the rulesets that enable its open source intrusion detection engine Suricata to detect malware. Suicata is open source and so is Emerging Threats, which publishes rulesets as well. Emerging Threats Pro is different from them in that it is a commercial venture that applies quality assurance to the rules to make sure they keep a high rate of detection and a low rate of false positives.

Fixmo

Fixmo software can partition mobile devices so trusted applications can run in sandboxes free of malware that may have infected the rest of the machines. Developed by the National Security Agency, the technology is used by the Department of Defense to secure mobile devices, but with this commercial venture Fixmo is aimed at businesses that want to allow employees to bring their own devices for use at work without exposing corporate networks to the malware the machines may have picked up during use as private devices.

Universal Secure Registry

Universal Secure Registry attempts to improve security by introducing more factors into multi-factor authentication. It calls its protection 3+ and includes something the user has, something the user knows and something the user is, and adds to it a photo of the user that can be checked by third parties. For example, a customer at a checkout line could authenticate to a digital wallet using a PIN (something they know) with a voiceprint (something they are) to access a USRID client on their phone (something they have), which sends a unique password wirelessly to the authentication system. The system authenticates the user and sends a photo of that person to the checkout station where the clerk can verify the person is the authorized user.