[Updated 7/12/17, 11:37 am. See below.] A new cybersecurity startup from the Boston area is continuing the trend of using machine learning technologies to both fortify and reduce complexity in businesses’ cyber defenses.
Edgewise Networks was founded in the spring of 2016 by Peter Smith, an IT expert and veteran of Endeca and Harvard Business School’s IT department, and Harry Sverdlove, previously the chief technology officer of Carbon Black (formerly known as Bit9). They quietly raised $7 million from a group of local investors and grew the company to 17 employees. Today, Edgewise revealed details about the network security software it has been developing at an office in Burlington, MA.
Traditional firewall programs permit network access based mainly on whether the traffic is coming from a trusted IP address—but IP addresses can be faked. Hackers can also compromise a machine, so the IP address might be legitimate, but is being used for nefarious purposes, Sverdlove says. Firewalls aren’t capable of recognizing that. Some firewall software can also look at the message being sent, but there are still limitations to that approach, Smith says.
Businesses have turned to segmentation, a security tactic that involves walling off different networks within a company’s computing systems from each other, in order to limit the potential damage if one of them gets compromised. But that has drawbacks, too. For one, it can create a “rigid architecture” that makes it difficult for networks to communicate with each other when needed, says Greg Dracon, a partner with .406 Ventures, one of Edgewise’s investors.
Edgewise, for its part, aims to secure business applications running within data centers and cloud software environments by only allowing trusted applications to talk to each other via approved network paths. The company says its product can verify the identity of apps, their users, and the hosts running the programs.
“We’re able to see the request for network resources from the application before the operating system itself sees it,” says Smith, the company’s CEO.
Parts of Edgewise’s product use existing technologies, but the company says the approach it has developed for “mutually validating” the identities of communicating software programs is new. Edgewise has applied for two patents, a spokeswoman says. [This paragraph replaces an earlier statement from Smith to clarify what’s new about the company’s product.]
“We’re collecting the information about how software communicates, not just collecting the identities of the software, so that we can actually tell you how exposed those applications are,” Smith says.
After assessing a customer’s current security risks, Edgewise uses machine learning software to model app-communication patterns and recommend a set of security policies that, ideally, reduces complexity without compromising on protection. (Security policies are the rules that govern access to networks and other elements of organizations’ IT systems.) Part of Edgewise’s strategy is to pinpoint the network communication paths that are necessary for apps to function and are used most often, and to lock down the others so they can’t be exploited by hackers, Smith says.
“We shrink those tens of thousands of what would’ve been unique firewall policies, down to literally a couple dozen policies,” Smith says. “Manageability is a principal focus of what we’re doing here.” The policies are presented in “plain English” so that security practitioners can easily grasp them, even if they’re not deeply familiar with the apps, he adds.
Edgewise fits into a few recent themes in cybersecurity: the integration of machine learning and other artificial intelligence technologies; automation of security tasks; and simplification of cyber defenses. As cyber threats have proliferated and grown more complex, a dizzying array of products has been developed to thwart them. But now, faced with a shortage of skilled cybersecurity workers, there has been an increased focus on developing tools that are easier to use and can lighten the burden of organizations’ security teams.
Edgewise has its work cut out for it, competing in a crowded field of network security providers, which include Illumio, Dome9 Security, Check Point Software Technologies, and AlgoSec, as well as products from tech giants like Cisco and IBM.
One of the challenges for Edgewise will be figuring out how to best position itself in the market, says Dracon, the investor with .406.
“Once you actually dig into what they’re doing, it’s fairly simple, but it takes explanation,” he says. Dracon, who co-leads his firm’s cybersecurity practice, says Edgewise has “come up with one of the more novel approaches I’ve seen in many years.”
Edgewise has shown promise with early users in sectors like legal services, financial services, online retail, and enterprise software, Smith says. The company plans to launch a more aggressive sales push later this year, he adds.
Edgewise adds to Boston’s growing roster of cybersecurity firms, and the company has already garnered plenty of support from the local sector. In addition to .406, Edgewise’s other backers include Accomplice, Pillar, and a group of local cybersecurity executives, including Carbon Black CEO Patrick Morley, Veracode CEO Bob Brennan, former Imprivata CEO Omar Hussain, and Threat Stack CEO Brian Ahern.
Edgewise was the first investment for Pillar, one of Boston’s newest early-stage venture firms. The deal was “a great first project for us in backing two hard-charging, knowledgeable founders in Peter and Harry,” says Jamie Goldstein, Pillar founder and partner, in an e-mail message. “Boston remains a great place to build cybersecurity companies.”