25 leading IoT security companies
Back in 2014, McAfee, which was then a part of Intel, defined a strategy for safeguarding IoT applications, designed to help secure IoT devices across a range of environments, assuring that connected devices work as intended. The strategy also provided support for industry and privacy standards. McAfee also provides important research for the IoT industry. For instance, in April it provided a substantial analysis of the Mirai botnet attack against DNS provider Dyn.
The company offers a range of products suitable for many IoT applications. For IoT projects compatible with agents, it offers McAfee VirusScan Enterprise 8.8 and McAfee Endpoint Security 10. It also offers McAfee Embedded Control and a host intrusion prevention platform to help prevent the spread of malware across IoT networks. Other products suited for IoT applications include McAfee Threat Intelligence Exchange and Advanced Threat Defense. Finally, the company’s Network Security Platform and Endpoint Threat Defense and Response software can also help identify and mitigate IoT-related threats.
12. NewSky Security
One of the few startups to focus solely on IoT security, NewSky Security is a venture-backed company that offers network traffic monitoring of connected devices and real-time anomaly detection. It offers two deployments: One is an agent-based technology that can be installed on routers while the other is an agentless deployment for traffic monitoring. NewSky employs security researchers who study IoT-based malware, adding it to its threat intelligence database. The company was founded by Song Li, the current CTO of the firm, who is a white-hat hacker and a security veteran with experience at McAfee, Symantec, eBay, Intel and Expedia.
Headquartered in Redmond, Washington, the company employs about 30 security researchers across the world. Its customer base includes Zillow, Facebook, China Telecom, Qualcomm and Baidu.
The roots of NewSky Security lie in a 2014 conversation between Li and his suburban Seattle neighbor Scott Wu, then a research manager at McAfee. Li mentioned to Wu that he had discovered a vulnerability in a popular retail app. The two then started brainstorming on how to improve security of mobile devices and IoT and later decided to found a company to pursue a shared cybersecurity vision.
At the heart of NewSky’s security offerings is a IoT Halo, security software that at once encrypts traffic from IoT devices to the cloud while also detecting anomalies that could indicate a security breach.
The company’s research has been featured in Ars Technica, TheNextWeb, DarkReading and in other outlets.
13. Palo Alto Networks
An established player in enterprise network security, Palo Alto Networks was founded in 2005 and has become a leading maker of firewalls, which continue to be an important technology for securing IoT networks, whether in the enterprise or industrial realm. The company’s security platform scans networks and IoT devices, including controllers, to identify infected devices and block suspicious traffic. The company has also done research on IoT honeypots, which it shared earlier this year at the Black Hat security conference. Thanks to its advanced firewalls, the company has been featured in Gartner’s Magic Quadrant from 2011 to 2017.
Founded in 2010, Praetorian offers penetration testing and security evaluation services for an array of applications. In 2015, the company launched a dedicated IoT-based end-to-end security testing service. Those testing services include everything from embedded device and firmware testing, to verifying that wireless protocols, cloud services and applications are being used correctly. Praetorian also offers code analysis, reverse engineering, threat modeling and research tailored for connected device security. It can help its customers achieve a defined security level using the Application Security Verification Standard (ASVS) from the Open Web Application Security Project (OWASP), which identifies a model specifying cursory, opportunistic, standard or advanced security levels. Praetorian then uses the ASVS model to select the desired level of security for 17 criteria specified for IoT applications, which ranges from architecture, design and threat modeling to web service controls. The firm’s Diana platform offers subscription-based security monitoring for IoT and other IT technologies.
The quickly growing company was named to Inc.’s 5000 fastest growing companies list in 2015 and 2016 Inc. The company is also a member of the “Fast 50,” a ranking of the quickest-growing companies in Austin, Texas.
Current customers of the company include GE, Samsung, Whirlpool and Microsoft.
15. Prove & Run
The French company was founded by Dominique Bolignano, Ph.D., in 2009. Bolignano was formerly the CEO and founder of Trusted Logic, which would be eventually acquired by Gemalto. Prove & Run offers off-the-shelf software designed to dramatically improve the security of connected devices to protect them against hackers. The company’s secure OS microkernel (ProvenCore) and hypervisor (ProvenVisor) provide OEMs, chipmakers and device makers with a scalable and secured technology for ARM Cortex-A- and Cortex-M- based devices. Its ProvenCore-M for ARM v8-M architecture is compatible with ARM’s new Platform Security Architecture and won the embedded award for software at the Embedded World show in Nuremberg, Germany. Prove & Run was also named to Gartner’s 2017 Cool Vendors in IoT Security list and was given the Innovative SME Award in 2017 at the Forum International de la Cybersécurité. The company serves several vertical industry sectors including automotive, railway, aeronautics, energy and manufacturing.