Emerging vendors are those that have been innovative and have brought a fresh perspective to conventional security methods. In a very short time, these start-ups have made a name for themselves in the APT space. Here is the list of the top emerging vendors in the field of APT security.


1. Illusive Networks @illusivenw: Illusive Networks is a cyber security firm headquartered in Tel Aviv, Israel. It was founded in 2014. Illusive Networks does not deal with malware, viruses or Trojans: it focuses on hackers who launch cyber attacks. Its modus operandi is to trap hackers by leaving false clues. To shake them off, Illusive Networks will create deceptive zones in a labyrinth with numerous fake endpoints.


Channel of APT Security Used: Network /End-Points/Email


Funding Raised: $30 Million and Major Investors are: Cisco Investments, Citi Ventures, Innovation Endeavors, Bessemer Venture Partners


Let's see the approach adopted by Illusive Networks to counter Advanced attacks:-


Send ransomware the wrong way: Illusive creates deceptive ransomware targets in the network that distract ransomware and prevent it from attacking real company assets.

Neutralize ransomware before damage is done: As soon as ransomware activity starts within your organization, Illusive’s deceptions lead the ransomware to reveal itself before any real data is encrypted, ensuring that no harm is done to real organizational assets and no disruption is caused to business operations.

Real-time alerts & forensics from the ransomware source: Illusive is the only vendor that neutralizes ransomware activity at its entry point on the source host, enabling early detection and high fidelity alerts that are only triggered by real ransomware activity.

This video explains their innovative approach against advanced attacks.

Change it - Illusive Networks: the start-up that traps hackers: https://www.youtube.com/watch?v=5pVq5In8VW8

{Source: https://www.illusivenetworks.com/advanced-ransomware-guard}

2. Menlo Security @menlosecurity: Menlo Security is a cyber security firm headquartered in Menlo Park, CA. It was founded in 2015.

Channel of APT Security Used: Network /End-Points/Email

Funding Raised: $35 Million and Major Investors are: Engineering Capital, General Catalyst Partners, Osage University Partners, Sutter Hill Ventures

Let's see the approach adopted by Menlo Security to counter Advanced attacks:-


• The Menlo Security Isolation Platform (MSIP) brings the benefits of isolation technology to any size enterprise. It deploys as a cloud service (public or private) and requires no software or plug-ins on the endpoint. The MSIP supports any device, OS and browser and delivers a user experience essentially indistinguishable from native Web access.

By leveraging patented Adaptive Clientless Rendering™ (ACR) technologies, MSIP enables enterprise-wide deployment of isolation security without the need to deploy or manage endpoint software or appliances, dramatically reducing ransomware risks.

This video explains their innovative approach against advanced attacks.


Menlo Security Isolation Platform - Overview
https://www.youtube.com/watch?v=7ZUwQJPZ3Qg

{Source: https://www.menlosecurity.com/how-it-works}

3. Cylance @cylanceinc: Cylance is a cyber security firm headquartered in Irvine, US. It was founded in 2012. Cylance is revolutionizing cyber-security with products and services that proactively prevent, rather than reactively detect, the execution of advanced persistent threats and malware. Their technology is deployed on over four million endpoints and protects hundreds of enterprise clients worldwide, including Fortune 100 organizations and government institutions.

Channel of APT Security Used: Network /End-Points/Email

Funding Raised: $177 Million and Major Investors are: Alex Doll, Blackstone, Capital One Growth Ventures, Dell Ventures, DFJ Growth

Let's see the approach adopted by Cylance to counter Advanced attacks:-


Cylance’s ThreatZERO Assurance Program provides:

• The generation, delivery and full review of the Cylance ThreatZERO Assurance Report, including a policy review showcasing best practices, any modifications suggested, and further recommendations to achieve zero threat status

• A full malware status review during which identified threats may be reclassified and unclassified threats may be submitted to the Cylance Threat Analysis Team

• A full potentially unwanted program (PUP) review, including the submission of any unclassified PUPs

• A thorough review of deployed agent version and update statuses

This video explains their innovative approach against advanced attacks:-

Cylance: Protecting Your Computer Through Mathematics
https://www.youtube.com/watch?v=-YPbZKl71S8

{Source: https://www.cylance.com/}

4. Cybereason @cybereason: Cybereason is a cyber security firm headquartered in Boston, Massachusetts. It was founded in 2012. Cybereason automatically detects malicious activity and presents it in an intuitive way. It deploys easily with minimal organizational impact and provides end-to-end context of an attack campaign. Most organizations deploy Cybereason and start detecting attacks within 24 to 48 hours.

Channel of APT Security Used: Network /End-Points/Email

Funding Raised: $88.6 Million and Major Investors are: CRV, Lockheed Martin, Softbank, Spark Capital

Let's see the approach adopted by Cybereason to counter Advanced attacks:-

Endpoint and Server Sensors: Cybereason Sensors are deployed on endpoints and servers and collect data from across your environment 24/7 in real time. The sensors have no impact on productivity or user experience.

• The Hunting Engine is constantly fed with information received from the endpoint and server sensors. It uses artificial intelligence, machine learning and behavioural techniques to detect cyber attacks.

Cybereason comes preconfigured with a library of models that look for malicious activities and tools, tactics and procedures attackers use while executing their hacking campaigns.

This video explains their innovative approach against advanced attacks:-

Introducing Cybereason: Real-Time Automated Cyber Hunting
https://www.youtube.com/watch?v=0I7yF4waLLY

{Source: http://www.cybereason.com/}

5. Vectra Networks @Vectra_Networks: Vectra Networks is a U.S. business headquartered in San Jose, California. It was founded in 2012. Its products monitor internal network traffic to identify, in real time, cyber-attacks that are in progress.

Channel of APT Security Used: Network /End-Points/Email

Funding Raised: $86.54 Million and Major Investors are: Accel, AME Cloud Ventures, DAG Ventures, IA Ventures, Intel Capital, Juniper Networks

Let's see the approach adopted by Vectra Networks to counter Advanced attacks:-

Detections based on data science, not signatures: Vectra uses a patent-pending combination of data science, machine learning, and behavioral analysis to reveal the fundamental characteristics of malicious behavior without the need for countless signatures and reputation-based rules.

Adaptive Distributed Architecture: The Vectra Adaptive Distributed Architecture provides a simple and efficient way to extend cybersecurity to all areas of an organization. Security teams can seamlessly monitor remote sites where attackers start as well as internal network segments that contain key assets attackers will try to steal.

Detect all phases of an active attack: Vectra picks up where perimeter security stops by continuously analyzing all network traffic for malicious behaviors of an ongoing cyber attack. The solution detects all phases of attack including command and control, internal reconnaissance, lateral movement, ransomware activity, data exfiltration, and botnet monetization behaviors -- automatically and in real time.

This video explains their innovative approach against advanced attacks:-

VectraNetworks- How It's Different
https://www.youtube.com/watch?v=uxu7VWJBY5Y

{Source: http://www.vectranetworks.com/}

6. SafeBreach @safebreach: SafeBreach is a business headquartered in Sunnyvale, California. It was founded in 2014. SafeBreach lightweight simulators play the role of the hacker. Deploy them in critical segments of your network, in the cloud or on your endpoint to simulate the entire kill chain: infiltration, lateral movement and exfiltration. Both network and endpoint simulators are available.

Channel of APT Security Used: Network /End-Points/Email

Funding Raised: $19 Million and Major Investors are: Deutsche Telekom Capital Partners, Hewlett Packard Pathfinder, Sequoia Capital, Maverick Ventures Israel

Let's see the approach adopted by SafeBreach to counter Advanced attacks:-

Deploy simulators to “play the hacker”: SafeBreach lightweight simulators play the role of the hacker. Deploy them in critical segments of your network, in the cloud or on your endpoint to simulate the entire kill chain: infiltration, lateral movement and exfiltration. Both network and endpoint simulators are available.

Orchestrate and execute breach scenarios: The SafeBreach orchestration platform manages and executes the Hacker's Playbook™ of breach methods on our simulators. Our patent-pending technology simulates breach scenarios without impacting users or infrastructure, while validating the effectiveness of your security solutions.

Quickly take corrective action: Our platform correlates and analyzes all breach methods, and presents information useful for both security analysts and security executives. Deep dive into breach scenario building blocks and quickly remediate based on SafeBreach recommendations.

This video explains their innovative approach against advanced attacks:-

SafeBreach - Your ultimate virtual hacker
https://www.youtube.com/watch?v=n3v96igavfk

{Source: https://www.safebreach.com/how-offensive-security-works}

7. Sqrrl @SqrrlData: Sqrrl is a business headquartered in Sunnyvale, California. It was founded in 2014. Sqrrl is the security analytics company that enables organizations to target, hunt, and disrupt advanced cyber threats. Sqrrl’s industry-leading advanced detection and response platform enables security analysts to uncover malicious behaviour within enterprise networks. Sqrrl reduces attacker dwell time by detecting adversarial behaviour faster and with fewer resources through the use of machine learning, and enables effective threat hunting. As an incident response tool, it enables analysts to investigate the scope, impact, and root cause of an incident more efficiently and thoroughly than ever before.

Channel of APT Security Used: Network /End-Points/Email

Funding Raised: $14.2 Million and Major Investors are: Atlas Venture, Matrix Partners, Rally Ventures

Let's see the approach adopted by Sqrrl to counter Advanced attacks:-

Sqrrl Enterprise enables the ingest and analysis of disparate data-sets to facilitate proactive threat detection, which is also known as cyber threat hunting.

Target: Scope the data sets that will be used in your investigation. Hunts can branch from various starting points or “trailheads”. These include indicator-driven structured hunts and hypothesis-driven exploratory hunts, both of which can be optimized with automated analytics and machine learning. 

Hunt: Proactively and iteratively search through network and endpoint data to detect and isolate advanced threats that evade more traditional security solutions.

Disrupt: By seamlessly pivoting from hunting to forensic analysis, disrupt adversaries before they fully execute their attacks. These analyses can generate new indicators to feed into complementary security systems, creating an effective security feedback loop.

This video explains their innovative approach against advanced attacks:-

Sqrrl - "Secure. Scale, Adapt"
https://www.youtube.com/watch?v=Sk-8_jJQ1Nc


{Source: https://sqrrl.com/product/sqrrl-enterprise/}
