What happens in Vegas shouldn’t stay in Vegas. I was out at BlackHat with other members of the Forrester team over a week ago (seems like yesterday!). It was two jam packed days of popping into briefings, guzzling copious amounts of green tea, and meeting new people and learning new things. In general, I like to keep an eye and ear out for startups to see what’s bubbling up, and came across a few at BlackHat:

  • Co3 Systems. Co3 Systems* help to automate the four pillars of incident response (prepare, assess, manage, and report) and break down responsibilities and response to ensure best practices are followed along with compliance with regulatory requirements. They just updated their security module to include threat intelligence feeds from  iSIGHT PartnersAlienVault, Abuse.ch and SANS, and recently rolled out an EU data privacy and breach notification update to the product. I’m a numbers nerd, so when they let me play with the solution, I immediately started running simulations that estimated the cost of a breach.
  • FileTrek. FileTrek provides visibility and transparency into where data resides, how it’s being accessed, moved, used, changed, and shared between people, devices, and files. No, it’s not DLP. It’s more like the mother of all audit trails that takes context and sequence of events into account. That way, if someone who is supposed to have access to data starts to do things with it beyond what they normally do, FileTrek will flag it as suspicious activity.
  • Securingchange.org. Securingchange.org is a nonprofit organization on a mission to provide digital security consulting and information for nonprofit organizations, NGOs and B-Corps. Information security professionals (of all types of skills) can volunteer their time to help organizations beef up their security. For example, volunteers may do a website security assessment to help identify weaknesses, or jump in to help with incident response. Volunteer, give back to the community, and meet other cool infosec folks! If you’d like to volunteer, drop a line to volunteer@securingchange.org. If you are a nonprofit in need of security services, contact requests@securingchange.org. Or if you are unable to volunteer but still want to contribute, they will happily accept and appreciate a monetary donation as well: https://securingchange.org/donatemore.html.

  • Templar Shield. Templar Shield provides security staffing and consulting services for security, compliance, and risk management. For example, if you need an information security professional for a six-month project, they will place one in your company. They can also work with you to do contract to hire, or direct hire engagements.
  • Versafe. Versafe provides online fraud protection (malware detection/protection, phishing detection, transaction protection). It’s a clientless (agentless) server-side solution that supports all web and mobile devices. The company has a client base in Israel and Europe, and is now moving into the US market and partnering with some familiar names (F5 Networks, CA, Check Point).

I also heard through the grapevine that Secure Access Technologies, Pindrop Security, Duo Security, Bluebox, PrivateCore, Remotium were there as well. Were there any that I missed that you ran into and found interesting? I’d love to hear about them!


* Note: Co3 Systems has popped up on Forrester’s radar before, and we’ve mentioned them in research previously.