Internet security is a hodgepodge of services and hardware appliances that still end up letting in all manner of bad guys to steal data from consumers and businesses in one high-profile breach after another. Now, one company is bidding to provide a simpler, broader approach.

Dallas, TX-based StackPath LLC today is introducing a new Internet security-as-a-service suite intended to serve as a single, unified platform for fighting cyber-threats. It’s designed for the onslaught of Big Data generated by traditional software and services, mobile phones and billions of Internet of Things devices. And all those devices face a growing stream of new threats that current niche solutions requiring lots of human tweaking have trouble stopping.

“Traditionally security has been very people-centric — people staring at screens and being reactive,” said StackPath founder and Chief Executive Officer Lance Crosby (pictured). “That doesn’t fly anymore.”

If the vision sounds ambitious, Crosby has the bona fides to attempt it. He founded and served as CEO of SoftLayer, a server hosting and cloud computing company that IBM bought in 2013. It’s now the foundation of IBM’s cloud division.

Broad suite

Crosby aims to provide a broad suite of common Internet services built with security in mind from the outset. While at IBM for almost two years, Crosby said, he sold a lot of individual security products such as firewalls. He found both a gap in products that could scale to tens of millions of machines and rampant fragmentation at all levels of data centers, from hardware to networks to applications.

After leaving IBM, he figured he might build a company through acquisitions, but quickly found he could fulfill his vision only by writing a new “threat intelligence engine” that uses machine learning to continually find and contain new threats across a wide variety of services.

The first service, available this month, is a content delivery network from one of four acquisitions the company has made, MaxCDN. “A CDN makes sense as a first product, because it’s a technology clients understand and it collects a lot of data,” said Eric Hanselman, chief analyst at market researcher 451 Research LLC.

That last is key, said Crosby, because StackPath’s system will need lots of data to understand what a typical network should look like. The other products to come will be based on acquisitions of the Web application firewall provider Fireblade Ltd., the virtual private network company Cloak and Staminus Communications Inc., a maker of anti-distributed denial of service (DDOS) technology (which earlier this year suffered a major data breach).

StackPath, which also counts former CenturyLink Inc. Senior Vice President Andrew Higginbotham as president and chief operating officer, has raised a formidable $150 million in a first funding round from the Boston private equity firm ABRY Partners LLC. Some of that will go to further acquisitions.

Dozens of services

Crosby isn’t going to revolutionize Internet security overnight. “It’s going to take dozens more services over the years,” he said.

StackPath expects to sell its services over the Web, hoping to reach enterprise buyers by the time-honored method of “rogue” departments trying the service and then spreading it throughout the company. The CDN starts at $20 a month for 200 GB of bandwidth a month.

The company will compete directly or indirectly with just about every company in Internet security. “Ultimately we’ll give a lot of security companies a hard time,” Crosby said. But he also anticipates they will be “frenemies” because those companies may use StackPath’s APIs to offer customers protection in areas not covered by their own products.

With a new approach to a bet-your-business kind of service, StackPath has a selling job ahead of it. “You’ve got to have customers who understand how to deal with the service,” said Hanselman. In particular, companies often have a hard time bridging the gap between developers who create never-really-bulletproof software and the security protections against such flaws.

“Right now, developers don’t get feedback on problems security people and companies see,” said Hanselman. He thinks StackPath’s approach will play well to companies that have already implemented a DevOps approach, which emphasizes developers working more closely with other information technology staff. “Ideally this could help fix the defects earlier.”

Crosby spoke with theCUBE, owned by the same company as SiliconANGLE, at the IBM Pulse 2014 conference:

Photo from StackPath