Security startup's creed: You can't hack what you can't see.
Security software startup Trusted Network Technologies Inc. is expected to come out of hiding next week. But it hopes its customers will appreciate the ability to make their networks and critical information systems more clandestine.
The company is expected to disclose Monday that it has received $6 million in first-round funding from Charles River Ventures and Flagship Ventures, and it will unveil its access-management app, Identity, which sports a sneaky twist.
According to company founder and CEO Stephen Gant, the app provides user access control by embedding a two-factor identity—one linked to the user and the other to the system—into each session request. Authentication requires no extra steps be taken by the user, and there's no impact on network operations, Gant says.
But unlike many other authentication apps, Gant says, Identity hides protected systems and information from prying eyes. "You just can't see anything" if you're not authorized, he says. The system runs with host software that inserts the authentication mechanisms and a secured in-line Linux appliance that supports 10/100M or gigabit speeds and enforces the access policies established by the customer.
Gant says the idea is to place "passports" with the actual packets on the network; if a packet doesn't have the appropriate passport, it's not even going to get to the protected resources. He's fairly confident Identity can't be hacked.
Gant says independent security experts have analyzed network traffic protected by Identity, and, so far, the app has kept them in the dark. "They haven't been able to find where the information is, let alone that anything [protected] is out there on the network," he says.
A security executive at a financial-services software development firm who declined to be identified is investigating how the new app could provide an additional layer of protection for his company's network. While the company hasn't purchased yet, he likes what he sees so far.
"I'm a little incredulous about startups. They have to have a valid idea or technology for me to get enthused about them," he says. "But this really seems to do what they say it does. It acts as a guard. [Unauthorized] packets are just dropped. It's like cloaking." He says he can't figure any way hackers couldn't infiltrate the system, either.
The exec hopes Identity can tip the security balance away from favoring hackers and other unauthorized users. "It looks like a good additional layer of security," he says. "When you're securing systems, you have to secure yourself against every possible hole. The hacker only has to find one."
Version 1.0 of Identity should ship next week, with an updated version expected later this summer. Pricing is customized for large installations, the company says, but the cost for about 25 users and a single 10/100M appliance ranges from $10,000 to $15,000.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.