The IDS is based on the open source Suricata engine. The open source ruleset that goes along with Suricata comes from the Emerging Threats project. That is different from Emerging Threats Pro, which is a commercial enterprise set up to apply quality assurance to the Emerging Threats ruleset so it is more likely to find its way into commercial products. Jonkman says an open source community alone could not afford the equipment needed to do top-notch QA.
That sounds a lot like the relationship between the Snort IDS engine and Sourcefire, and it is. But Emerging Threats Pro touts its multi-threading support that effectively boosts the potential line speed of IDSs that use it. And the Emerging Threats rules are compatible with the Snort IDS engine, so they can be used to augment Snort as well as other IDS rulesets that incorporate Snort.
The company has a number of partners including Bridgeway Security, Critical Intelligence, Digital Pathways, Kaspersky Labs and Nitro Security, among others, which use Emerging Threats in various ways. Kaspersky, for instance, partners with Emerging Threats Pro to help expand its ruleset based on new malware it detects in its labs. It also uses the ruleset for its internal research.
Given its potential to work its way into a variety of commercial security platforms and its open source community that provides quick responses to new threats, Emerging Threats Pro is a company to watch.
Headquarters: Sterling, Va., and Toronto Founded: 2009 Funding: $29.5 in Series B and C funding in 2011 from Extreme Venture Partners, Horizons Ventures, iNovia Capital, Kleiner Perkins Caufield Byers, Panorama Capital and Rho Ventures Canada Leader: CEO and founder Rick Segal |Fun fact: Core Fixmo technology was developed by the National Security Agency.
Why we're following it: As mobile devices increasingly make their way into corporate networks, it becomes more important to make sure they comply with security policies and stay that way.
Fixmo addresses this concern with software that continuously monitors mobile gear so it remains in authorized, trusted states, helping to prevent data loss and other security breaches. It also sets down audit trails to prove that devices maintained trusted state in order to satisfy regulators.
Perhaps more important, Fixmo addresses the problem of bring your own device: How does a business allow employees to access corporate resources via their personal device (smartphone, tablet, etc.) without exposing those resources to the dangers inherent in unrestricted private use of the device? An employee hitting websites in the absence of URL filtering and downloading unvetted apps could compromise the gear and therefore valuable company information. Or a compromised device could be used as a means to compromise the network to which the device connects.
Sign up for MIS Asia eNewsletters.