RSA Conference announced the 10 finalists for its annual Innovation Sandbox Contest. The competition is dedicated to encouraging out-of-the-box ideas and the exploration of new technologies that have the potential to transform the information security industry.
The 2015 event marks 10 years since the event launched at RSA Conference 2005 as Innovation Station. Past winners include Sourcefire, Imperva, and most recently RedOwl Analytics.
On Monday, April 20, 2015, each of this year’s finalists will demonstrate its technology to conference attendees, as well as a judging panel that includes:
- Asheem Chandna, partner at Greylock Partners
- Gerhard Eschelbeck, VP of security engineering at Google
- Renee Guttman, VP for information risk at Accuvant
- Patrick Heim, head of trust and security at DropBox
- Paul Kocher, president of Cryptography Research.
The finalists will also deliver a short presentation to the judges who will determine the “Most Innovative Company at RSA Conference 2015.
The finalists for “Most Innovative Company at RSA Conference 2015” (in alphabetical order) are:
Bugcrowd’s Crowdcontrol management platform centralizes communication and submission triage between companies and security researchers around the world, letting them review, validate and reward researchers in a timely and organized fashion. Crowdcontrol streamlines the submissions in one place, and allows multiple analysts to easily mark and track statuses on its secure platform.
The Cybereason Endpoint Detection and Response Platform leverages big data, behavior analytics and machine learning to uncover, in real-time, complex cyberattacks designed to evade traditional defenses. It automatically investigates and connects isolated malicious events to visually present a full cyberattack as it unfolds.
Fortscale’s flagship product helps enterprise security analysts easily identify user-related threats, malicious insiders, compromised accounts and risky access to data through state-of-the-art User Behavior Analytics (UBA). Fortscale utilizes enterprises’ existing data sources, including SIEM, Splunk, and other “big data” repositories, and applies advanced machine learning algorithms to automatically profile user behavior based on historical patterns and peer profiles.
NexDefense’s Industrial Network Anomaly Detection solution, Sophia, is a patent-pending technology that helps operators of automation and control systems quickly identify and respond to potentially malicious behaviors. Sophia automatically discovers all active devices on the control system network and provides a live visual representation of the network activity, which allows users to continuously monitor the networks in order to alert on all unexpected or anomalous events.
SecurityDo’s Fluency is the first breach information event management system, which determines security breaches early. Fluency discovers and tracks failures from security prevention devices by cross correlating event data with alerts and providing real time interactive search. As one of five companies will have a breach, Fluency answers the question, “Did my security protect me?”
SentinelOne’s Endpoint Protection Suite is a full anti-virus replacement product that unifies endpoint protection. Its predictive execution inspection technology dynamically monitors endpoint processes to detect, predict, block and remove both known attacks and zero-day, advanced malware in real time.
Ticto makes the next generation ID badge: the tictopass, a patent-pending smartcard with a large e-paper screen and color lights that continuously display secure visual passwords. With tictopass, any person can visibly and securely identify those in a crowd who have valid credentials and permissions. The tictopass is “visual crowd authentication” for any work, safety or security environment.
TrustInSoft Analyzer is a source code analysis tool based on Frama-C, an award-winning open-source framework invented and patented by TrustInSoft computer science researchers. TrustInSoft Analyzer can mathematically guarantee that a given source code is free from even the most insidious known flaws—including undefined behaviors such as buffer overflows.
The Vectra Networks X-series platform is a new class of advanced persistent threat (APT) defense delivering real-time detection and analysis of active network breaches. Vectra technology picks up where perimeter security leaves off by providing deep, continuous analysis of both internal and Internet network traffic to automatically detect all phases of a breach as attackers attempt to spy, spread, and steal within a target network.
Waratek’s AppSecurity for Java protects applications from sophisticated attacks without having to install network devices or make code changes. AppSecurity for Java embeds security into the Java run-time layer, not in the app itself. A granular security rules engine provides monitoring and control of all key application behaviors to virtually patch legacy vulnerabilities, and identify and optionally block attacks, with minimal performance impact.