As technology becomes more sophisticated, so do the types of cyber threats. It’s a perpetual battle of escalation on both ends. Companies are constantly looking for user-friendly ways to stay ahead of the curve to protect their data without having to sell the farm.
Alacrity has a number of portfolio companies who are working hard to mitigate security risks for their customers with these things in mind. HYAS has developed what is in effect an automated security detective that uses large quantities of data to predict attacks before they occur. Echosec targets a wider range of threats, such as those affecting brand reputation, or those resulting from unfolding worldwide events or even travel warnings.
In essence, they provide their clients a search engine to detect and respond to threats emerging from social media and even the dark web. Revela automates security processes by embedding good security practices within the existing framework of software packages used by companies to run their business . And SaaSquatch – though not a security company – must prove that they can protect themselves against all levels of security threats as they work through the auditing process required to receive a level of security certification that will put their clients’ minds at ease.
HYAS was recently recognized as a finalist for the Microsoft Security 20/20 Emerging ISV Disruptor award for the work they have done anticipating attacks before they happen in what is called “pre-zero-day” security. Their two products, HYAS Protect and HYAS Insight are meant to help cybersecurity professionals from both the private and public sectors. Instead of trying to develop an entirely independent defense system, HYAS has developed what they call an “online attribution intelligence toolkit” which serves to enhance already-existing security structures by reading the earliest possible warning signs before an attack.
The strength of their approach comes from a vast database they have curated over the years through partnerships and their own intellectual property. Their database is updated constantly and “indexes public, hard-to-find, and exclusive to HYAS datasets which allow investigators to better fingerprint events, actors, and infrastructure.” HYAS Protect uses this data to identify patterns of bad behavior at the earliest possible stage by applying their proprietary algorithms to data points.
These algorithms can be inserted within existing security frameworks to better anticipate incoming threats and provide a real-time picture of attacks in real-time, providing a kind of early warning system to better prepare for the attack. HYAS Insight goes a level deeper by helping their customers more accurately and efficiently track down bad actors. According to HYAS, Insight “provides enterprises with unparalleled visibility into the adversaries attacking them, the infrastructure being used to attack them, and the infrastructure likely to be used in future attacks. By identifying these attributes earlier in the cycle they help customers act much more quickly after the fact to track down the bad guys.
Echosec has developed a more hands-on service for monitoring your cybersecurity. Echosec works closely with large organizations to monitor and mine your brand’s online presence in the hard-to-see and hard-to-reach corners of the internet. For the more open and obvious threats this can be in social media, blogs, and news/fake news sites. Less obvious concerns might be found on message boards outside the public eye. Echosec can help gather all of this information for analysis. They offer real-time monitoring of information relating to your brand, the physical security of assets, travel security, and live-tracking of global events. The purpose is to identify potential problems early on and allow the client to either control the narrative or take preventative measures before things get out of control.
As thorough as this sounds, Echosec takes the search even deeper. There are many sources of threats on the internet that can’t be found with a Google search. Beacon is a search engine which provides an entry point to the dark web that is accessible to anyone. The dark web is a bit like the internet before most of us had ever heard of it – if you didn’t already know where to find something, you had no means to find it. Then came search engines, and suddenly anyone could use the net. Users of the dark web want to remain anonymous so their actions remain hidden, until now there were few search engines.
Beacon uses algorithms within a large index that provide their clients a way to search the dark web for information easily. This can protect their company or its clients from more insidious threats by getting tipped off about conversations or plans relating to them, and possible transactions of stolen information or property. It “reviews blogs, forums, discussion boards across the web using specialized filters to extract information pertaining to your company quickly to protect your clients, your employees, and your company records.” The most appealing aspect of Beacon is that all of this can happen securely from the user’s everyday browser. Simply accessing the dark web in a secure way usually requires a certain set of knowledge, but Echosec provides a way for anyone to search securely and legally.
SaaSquatch is a referral company in our portfolio, who have recently begun the audit period to earn their SoC 2 Type II certification, which has become essential for cloud storage companies dealing with sensitive customer data.
In order to be successful SaaSquatch will prove their ability to respond not only to known threats but the capacity to anticipate and mitigate currently unknown attacks. For this they might use Echosec’s Beacon to anticipate a data breach before it happens. They also must be able to be alerted to anomalies quickly in their system perhaps integrating directly with Revela (more below). SaaSquatch would need a detailed forensic auditing system to properly analyze the data in the event of a breach in order to effectively counter the attack and protect their customers’ data, as offered by HYAS’ Comox.
The final portfolio company we’ll look at in this piece is Revela Systems. Revela provides solutions for common data quality problems in AI and ML projects with performant and flexible data pipelines for on the fly data cleaning, auditing, and alerting. To minimize security risks, Revela requires usage of multi-factor authentication, performs frequent cloud IAM audits, and mandates employees use a password manager. Zev Isert, co-founder and software team lead of Revela explains that alongside its application deployments, Revela has started including Falco monitoring.
Falco is a special piece of open-source software that can hook into the lowest level of operating systems. Revela’s code leverages activity logs and events to detect when “odd” things happen. It enables real-time monitoring of suspicious activity, such as programs accessing files responsible for storing user passwords, or command line terminals being created on servers that shouldn’t be accepting connections to the admin side of things. It is very easy to bring into existing projects. The warnings it produces can be wired up to instantly broadcast to employees through an existing message system like Slack. There’s little to no extra configuration, it can be deployed in Kubernetes or on bare metal. As a result Revela seamlessly enforces the best company security policies.
To explore more of our content, visit the Alacrity Canada Blog page where you’ll see Alacrity’s podcast on early-stage tech investment Between 2 Term Sheets, and our cleantech podcast series, Cleantech Talks. Follow us: @alacritycanada on LinkedIn, Facebook, Twitter and Instagram for the latest in tech news, and information about upcoming events.
Alacrity Canada is a venture builder that supports driven entrepreneurs. We help create thriving companies & connect them to our global network of expert investors & mentors.