The growing threat from Mirai and other new malware strains that can hijack millions of devices at a time is driving companies to revamp their security defenses. ZingBox Inc., a startup spun out of Stanford University’s incubator program, wants to help ease the task.
The Mountain View-based firm is launching a new security platform today that promises to help organizations better defend the rising number of connected devices in their networks. Dubbed IoT Guardian, the software implements an approach that ZingBox’s founders hatched during their time at Stanford to identify compromised gear without having to install a resource-intensive monitoring agent on each end-point. Instead, its threat detection algorithms look for anomalies by analyzing data traffic.
The process starts with IoT Guardian figuring out what devices a company uses. ZingBox claims that the platform can individually identify the product category under which a given end-point falls, pinpoint its make and then repeat the process until the entire network is fully mapped out. The algorithms under the hood then start monitoring the traffic generated by each node to understand what constitutes normal activity and isolate anomalies.
It’s a similar strategy to what the recently funded Nozomi Networks SA is pursuing with its SCADAguardian platform. But whereas the latter system focuses primarily on industrial gear, IoT Guardian works with a much broader variety of devices ranging from sensors to medical equipment. Moreover, ZingBox says that its algorithms correlate each end-point’s activity data with metrics from similar devices in other locations to produce a more accurate behavioral model.
When IoT Guardian identifies a threat, it can either alert administrators or take action on its own by harnessing a company’s firewall. The software works with popular products from Cisco Systems Inc., Palo Alto Networks and several other leading security providers.
The startup’s technology has proven so promising that, according to co-founder and Chief Technology Officer May Wang, her team received its first buyout offer just a year after forming. ZingBox has instead decided to stay independent and rely on partners to promote IoT Guardian. The platform is available immediately under a subscription pricing model tied to the number of devices that a company wishes to protect.