10 Hot SaaS Security Startups To Watch
Leveraging cloud-based security services is helping to solve some major stumbling blocks when it comes to providing a robust architecture for organizations. To help you navigate your options, we're spotlighting 10 SaaS security startups whose tools are worth a look.
![](https://eu-images.contentstack.com/v3/assets/blt69509c9116440be8/blt4b83ba59e41f3a97/64cb4398940d33f4e679b138/Intro_Crop_62207018.jpg?width=700&auto=webp&quality=80&disable=upscale)
In the past five years, more than 1,400 software-as-a-service (SaaS) startups have popped up, according to a 2016 Report on the State of SaaS by BetterBuys. Subscriptions for SaaS-based security, business intelligence, IT, and enterprise vertical applications also continue to rise, according to the report.
While the report does not break out specific statistics related to security-focused SaaS applications, in my experience there are several reasons why such solutions are gaining interest in the enterprise. Leveraging cloud-based security services is helping to remove some major stumbling blocks when it comes to providing a robust architecture for organizations.
For starters, it's becoming increasingly difficult to find and keep qualified in-house workers who have advanced expertise in IT security. The ability to offload many security tools into the cloud, which means having everything managed by a third party, can be a huge relief for many organizations.
[Worried about keeping secure in the cloud? Read 7 Ways Cloud Computing Propels IT Security.]
SaaS security applications enable IT to eliminate a good deal of on-premises hardware and software. This helps by cutting out the need for a big upfront CapEx investment. Implementing SaaS also takes away the need for dreaded forklift upgrades and new implementations. Instead, all the architecture, hardware, and software are managed behind the scenes by your security SaaS provider.
To help you navigate your options, we're spotlighting 10 SaaS security startups and vendors on the rise whose tools are worth a look. Some of the companies on our list provide a niche security service or tool that can be supplemented with your current security posture.
Others aim to completely take over the end-to-end management of your applications and data. A few fall somewhere in between. No matter what your specific IT security needs are, there is likely something on our list you'll find worth exploring.
After reviewing these hot SaaS security startups, tell us what you think of the SaaS security market as a whole -- and where you think it's headed. Are enterprises crazy to hand over these security duties to an external company? Or is SaaS the future of IT security? Tell us in the comments section below.
The SafeBreach marketing tagline is "unleash the ultimate virtual hacker." That's exactly what the company's SaaS application provides. It offers an alternative to paying in-house staff, or hiring expensive external security consultants, to manually run penetration and other validation tests.
SafeBreach is aiming to automate the adversary breach testing methods used, and sell it as a service. It's an interesting concept, and one that could slash the costs for regular penetration testing and breach impact investigations.
The days of endpoint security (such as desktop AV software) are very much numbered thanks to SaaS. One such example is Menlo Security, which uses its cloud services to isolate web, email, and documents. This content is analyzed safely in the cloud, and only allowed to reach the end-user if it is deemed malware free.
If your business requires the need for an around-the-clock Security Operations Center (SOC), but your budget is falling woefully short, you might want to look into EiQ. This company uses a hybrid SaaS model to proactively monitor and assess the security of your network. If any issues are found, EiQ analysts will work as an extension of your internal IT security team to eliminate vulnerabilities or credible threats in a timely manner.
Retrospective security is an important tool in the world of enterprise IT. ProtectWise is a SaaS platform that collects and compresses network traffic, then sends it to the cloud for a thorough security analysis. The service aims to identify threats that may have previously gone undetected. The service can then search back in time to see what effect the breach may have had on the company -- and what damage may need to be addressed.
Another hot SaaS endpoint protection company is CrowdStrike. This company promises not only a lightweight endpoint security software solution for Windows, Mac, and Linux. It also provides visibility such as continuous recording, rapid search, and hunt capabilities, all of which can be conducted in real time or retroactively.
Avanan is one of several hot Cloud Access Security Brokers (CASBs). Using a CASB enables enterprises to inject internal security policies onto cloud resources. These can include elements such as authentication, authorization, device profiling, encryption, and intrusion and malware prevention. The first wave of CASBs were largely deployed on-premises -- and proved difficult to manage. Companies such as Avanan are streamlining the setup and management through an easy-to-use SaaS GUI that works with a wide range of cloud service providers.
Many SaaS security companies -- such as Alert Logic -- are banking on the idea that you have tried and failed to properly implement a robust security posture using in-house solutions and staff. As an alternative, Alert Logic's suite of tools and services is designed to be a one-stop security shop, using the company's technologies and expertise fully managed in the cloud.
Malware is the bane of IT and security professionals. One problem is how to sift through the thousands of malware alerts received in order to determine what ones can be ignored, and what ones need immediate attention. LightCyber uses a combination on-premises and SaaS approach to collect customer data and analyze it in the cloud. The goal is to cut through all the noise to pinpoint attacks requiring active responses.
Bitglass is another CASB to make our list. The primary difference between Bitglass and other traditional enterprise CASBs is that Bitglass can enforce policies -- including Data Loss Prevention (DLP) -- on any device, managed or unmanaged, that accesses corporate resources. This is done using an agentless architecture. The technology behind Bitglass ignores the end-user devices themselves. Instead, the focus is on protecting the data. It integrates with many popular cloud services, including Office 365, Google Apps, Salesforce, and Dropbox.
One of the more unique IT security SaaS startups on our list is SecurityScorecard. The service essentially scores your company -- and your potential third-party vendors/business partners -- based on security risk.
It evaluates risk factors such as application security, DNS health, IP reputation, hacker chatter, and patching cadence. All of these factors, and more, are entered into a calculation that spits out a letter grade ranging from A to F. It's a wonderful way to validate your security posture, as well as the security postures of your potential business partners.
A SaaS-based security model makes complete sense to me. Now that corporate infrastructures span private and public spaces, security tools can no longer simply be used on the infrastructure perimeter. Instead, the cloud is now the centralized hub where many of the latest and greatest security tools belong.
A SaaS-based security model makes complete sense to me. Now that corporate infrastructures span private and public spaces, security tools can no longer simply be used on the infrastructure perimeter. Instead, the cloud is now the centralized hub where many of the latest and greatest security tools belong.
-
About the Author(s)
You May Also Like