Security information and event management or SIEM is a natural for offloading to cloud resources and more than a few competitors are offering security as a service products now as cost-competitive alternatives to big-iron security appliances.
ProtectWise was founded by CEO, Scott Chasin and CTO, Gene Stevens, who both formerly worked for McAfee--Chasin serving as CTO for three years prior to the company’s acquisition by
The problem with most security threats is that by the time you learn about new threats like zero day exploits, you’ve probably already been compromised and patching things up today only fixes things moving forward. It’s not easy to see what may have been previously hacked or where, when, or how—not to mention if it’s still ongoing and what may have been lost in the process. However, if security experts could rewind that threat like your favorite reality TV show you record, it could be hugely powerful for damage control and resolution. That’s the first hook of ProtectWise. The company has developed the first “network DVR and time machine” that allows you to save your network traffic to the cloud and then play it back for retrospective security analysis. The way they do it is really quite simple but simplicity, as the saying goes, is often times the ultimate sophistication.
ProtectWise consists of three main components, software security sensors (essentially cameras), a cloud security analytics platform that runs currently on Amazon AWS and what could be one of the best security analysis dashboards I’ve ever seen. The sensors basically record all network traffic wherever they’re installed (wherever you point your security cameras) and can be configured to capture light packet metadata like netflow or headers or the entire packet. With the platform you can then go back in time, replaying your network from months ago if you need to, and see where and when the exploit happened, if it’s still a threat and what the bad guys got away with. How you do this is where the solution gets all sci-fi and is pretty slick.
Early in their start-up phases, ProtectWise hired one of the Visual Effects artists, that worked on the movie Tron Legacy, to develop a security HUD (Heads-Up Display), a dashboards of sorts. It was a smart move because anyone in IT and the enterprise knows that a really good dashboard sells big time. The ProtectWise HUD is pretty amazing actually and offers a complete visualization of not only your network and all of its connections and traffic flow but also all of the, viruses, hacks and malware that are detected in detail, with a timeline of severity as they progress through different threat levels. The ProtectWise “KillBox,” as they call it, allows you then to drill down and assess the threat and from there you can assign it to someone in your organization for clean-up or address it directly.
It’s all pretty ingenious and since you’re on a cloud security service, you not only get this impressive retrospective analysis of your network but predictive threat analysis as well, since the ProtectWise cloud is always learning about new threats from other customers and networks.
ProtectWise seems well-poised for growth with this technology and with major customers like