Israeli cyber security startup Fortscale sees real time threat detection as a partial focus toward a full scale solution
Catchphrase of the year – Big Data. Embodied in these two words is the notion that there’s so much information out there containing the answers to all our operational needs, and it’s all just sitting there on a bunch of servers right at our very fingertips, if only we knew what to query and when. This relatively new realization has seen the launch of a bandwagon of startups addressing numerous issues ranging from CRM software to predictive financial algorithms.
One specialty area in which Israel has seen particular success of late, both in terms of attracting investment and large-scale exits, has been that of cyber-security. Apparently there’s something intriguing about a company that traces its roots back to military-grade hacker warfare and apologizes to its would-be benefactors that it cannot give away the secrets of its craft, yet still asks them to pay millions of dollars for the ensured security and integrity of their financial institution – and these companies are still forking over the cash!
In this increasingly (and justifiably so) paranoid digital world we live in, these are the new rules that companies must play by. However, the exact landscape of next-gen cyber security solutions has not yet fully settled, and several broad-based strategic directions are being mapped out by the various players involved. Corporations and financial institutions are beginning to hear repeating themes, represented by a group of concept phrases that continue to turn up in pitch after pitch: Bring Your Own Device (BYOD), Zero-Day attacks, endpoint protection, server-side protection, phishing, malware – the list goes on. One thing that most of the solutions being suggested for all of the above have in common is the emphasis on real-time threat assessment. One company asked itself whether this hyper-focus on ‘real-time’ has caused cyber security companies to forget a major part of the security equation – History.
Not judging a book by its real-time cover
Israel-based Fortscale offers a Big Data machine learning platform that measures past and present behavior for a total-picture assessment of activity taking place on client systems.
According to the company, Big Data repositories are designed to pull in as much relevant data as possible (e.g., logs, security events, flow data), but what does the average security team do with all this information? How are patterns detected and effective courses of action plotted out? For systems running on environments like Splunk, Greenplum, Vertica and Hadoop, as well as traditional SIEM systems, Fortscale’s dynamic machine learning algorithms profile the behavior of users and entities across multiple log sources (e.g., Active Directory, logins, SSH, DNS, VPN, applications, file share access) without the use of pre-defined heuristics or signatures. These algorithms understand what is important or risky even if the security team is not sure what to look for.
In an interview with Geektime, Fortscale Co-Founder and CEO Idan Tendler explained that, “Trying to detect threats in real time is almost impossible. Big Data has matured to the point where we can now go back and source a vast history of user behavior to profile activity, which provides a much clearer picture of what’s going on in the system.”
Think of it as airport-security-style individual profiling. At best, a security agent questioning a passenger in line can only guess as to what’s really going on inside their head. But you also have a computer profile of that person’s history: are they wanted for any crimes, have they been cited for any past behavior? Such red flags are how law enforcement runs crime-prevention systems in nearly every other criminal industry, so why shouldn’t public and private enterprise steal (bad choice of word) this proven methodology and apply it to cyber hacking as well?
Fortscale was founded in late 2012 by Idan Tendler and Dr. Yona Hollander. The company has so far raised close to $2M from Shaul Shani’s Swarth Group. Joining Fortscale’s advisory board are the former CISO of Citibank and Merrill Lynch, Steve Katz, and the former CISO of PayPal and VP Security of American Express, Michael Barrett. The company’s solution is currently in private beta and is operating at several undisclosed enterprise operations in the US. Fortscale employs approximately 20 people spread between its two locations in Tel Aviv, Israel and New York, USA.