Ziften CEO Chuck Leaver

The pileup of high-profile security breaches in government and corporate networks (Sony) has prodded investors toward cutting-edge cybersecurity firms that help track and prevent attacks. Austin-based Ziften is among those companies that have recently attracted a powerful round of funding to help develop and expand their security capabilities.

Ziften’s funding announcement comes amid a growing debate over how to best handle these costly intrusions and how hackers may exploit our increasing web-connected devices.

As momentum grows from both attackers and cybersecurity firms, Austin Inno asked Ziften CEO Chuck Leaver to help put these developments in perspective.

Why is endpoint security one of the hottest sectors in tech right now?

“Because that is where the vulnerabilities live, both in terms of the actual devices, the software and apps they run, and the users themselves. Research continues to show that the endpoint is the largest threat vector for companies and we now know that the concept of full prevention of attacks is not realistic. Thus endpoint security has really entered into a new generation of technologies like Ziften that allow companies real-time and always-on visibility of every endpoint so that they can more rapidly detect attacks and know exactly how to respond. Our users are seeing, on average, a 70% reduction in their incident response time because of this continuous endpoint visibility, and we all know that in security every minute counts.”

The internet of Things opens many businesses and consumers up to new vulnerabilities. In what ways are intruders exploiting these products?

“The IoT arena is estimated to grow to around 50 billion connected devices by 2020, but scarier is the fact that the average connected device has more than 20 identified security vulnerabilities. Attackers simply see these as an extension of the endpoint and the threat vector getting larger and larger. Certainly there will be attacks centered at the devices themselves, for example automobiles, but the true issue is how these devices are connected back into much larger and more lucrative systems that companies must protect.

“Let’s be honest, before the ‘Internet of Things’ we weren’t really doing a great job with security anyhow.”

“Let’s be honest, before the ‘Internet of Things’ we weren’t really doing a great job with security anyhow, so we have to start thinking differently about how this growth in endpoints must be protected and in many instances break free of some of the legacy ideas around endpoint security.”

Ziften helps businesses identify security vulnerabilities. Once identified, what are companies doing to hold intruders accountable?

“Each company, each vulnerability, and really each endpoint is different, and we strive to also bring flexibility into the response mechanism using Ziften. For example, we allow users to respond with network isolation, basically removing an endpoint from the network and quarantining it off while more in-depth analysis can be done. In other cases users can terminate the threat itself and stop it from permeating that endpoint and beyond. And finally, in many cases our customers look to automate this type of workflow and build rules that allow them to eliminate the current alert fatigue and manual process to deliver only the intel they need to make these types of decisions.”