Andrew Hay

Quick Post: Columbiana Quote

Andrew Hay — Thu, 03 May 2012 14:56:45 +0000

On my day off I decided to watch Columbiana and heard a very astute line about painting that really made me think. The line was:

“You never finish a painting… You just stop working on it.”

Which itself was paraphrased from a Leonardo da Vinci quote:

“Art is never finished, only abandoned.”

The same can be said about security:

“You never finish security, you just stop working on it.”

The unfortunate reality is that many organizations see security as having a finish line, but that’s just not the case. The only way to ‘finish’ security is to stop working on it.

Maybe tomorrow I’ll want to settle down…

Andrew Hay — Thu, 03 May 2012 14:46:27 +0000

If you grew up watching the Littlest Hobo on TV like I did, the lyrics to the song have a certain place in your heart. That being said I wanted to announce that after two very fun and educational years at 451 Research, I’ve accepted the role of Chief Evangelist at a hot cloud security startup in the San Francisco area. I’m really excited for the new role and opportunities that come with the job.

I can’t give all the details now but I will announce the company name the week of May 14th (I’ll even let Beaker make the official announcement as per the direction of the Twitter Lords).

CloudPassage adds Windows support, unveils new product packaging and raises $14m

The 451 Group - search results — Wed, 18 Apr 2012 11:29:00 +0000

CloudPassage has grown its headcount to more than 30 employees over the past 12 months and with it the company's Halo-based portfolio. The company has introduced two new packages above and beyond its free Basic package, two-factor authentication, file integrity monitoring (FIM) and an exposed API for third-party management and interaction. Perhaps the most important capability, however, is support for Microsoft Windows. CloudPassage also recently announced that it landed an additional $14m in funding led by Tenaya Capital, with participation from previous investors Benchmark Capital and Musea Ventures. Brian Melton, managing director at Tenaya, has joined CloudPassage's board of directors. The company's previous round was led by Benchmark and saw Kevin Harvey, general partner at Benchmark, join the company's board. This latest round brings CloudPassage's total funding to $20.5m, and will likely be used to expand the company's headcount and fuel the development of additional products.

(Read the full report here. A 451 Research subscription is required but a free trial is available here).

Tenaya, with help from Benchmark and Musea, inject additional funds into CloudPassage

The 451 Group - search results — Wed, 11 Apr 2012 08:58:51 +0000

San Francisco-based CloudPassage announced that it landed an additional $14m in funding led by Tenaya Capital, with participation from previous investors Benchmark Capital and Musea Ventures. Brian Melton, managing director at Tenaya Capital, will join CloudPassage's board of directors. The company's previous round was led by Benchmark and saw Kevin Harvey, general partner at Benchmark, join the company's board. This latest round brings the company's total funding to $20.5m, and will likely be used to expand CloudPassage's headcount and fuel the development of additional product roadmap items.

Firewall spring: Palo Alto Networks adds to its security bounty with an IPO

The 451 Group - search results — Tue, 10 Apr 2012 15:26:00 +0000

With the spring thaw, new life emerges from its slumber, and it seems that companies are following suit. After a long, cold recession, we're starting to see hopeful signs of blossoms, particularly in security. Proofpoint broke the ice in December 2011 with a planned $50m IPO, and Splunk followed in January with its own $125m debut. (Both of those companies are expected to price next week.) Although SafeNet pulled its offering last month, the forward momentum is clear, with Palo Alto Networks' filing being the latest and largest at $175m.

Palo Alto has enjoyed a high profile in the industry, with its application control features that prompted many other vendors to add them to their own lines. Despite the current competition, the company enjoys an enviable popularity rating: it was listed at the top of the 'exciting vendors' list in the latest security survey of IT executives by TheInfoPro, a service of 451 Research, and with 44% of respondents saying they would be spending more money on application-aware firewalls in 2012, Palo Alto looks to benefit most from the firewall fever.

(Read the full report here. A 451 Research subscription is required but a free trial is available here).

Splunk updates its App for Enterprise Security; includes better incident management

The 451 Group - search results — Mon, 09 Apr 2012 11:39:00 +0000

San Francisco-based Splunk has released version 2.0 of its Splunk App for Enterprise Security to reinforce its commitment to the security capabilities of the company's flagship software for collecting, indexing and harnessing machine data. Tied closely to its Splunk App for Enterprise Security 2.0 release, the company released Splunk Enterprise 4.3 with a focus on ease of use, manageability and a new non-flash user interface aimed at enabling the use of mobile devices for viewing and managing the product. Finally, Splunk has been granted US Patent No. US 8,112,425 B2 – a timely award given Splunk's pending IPO. This is Splunk's second patent. In 2011, Splunk was issued a patent for organizing and understanding machine data through use of a 'machine data web.' The technology covered by these patents helps power Splunk Enterprise 4.3.

(Read the full report here. A 451 Research subscription is required but a free trial is available here).

Easy SIEM survey

Andrew Hay — Thu, 05 Apr 2012 16:16:22 +0000

Please take a moment to fill out my survey on new SIEM development delivery options: http://app.fluidsurveys.com/surveys/andrewsmhay-v/new-siem-requirements/.

It’s free and no personal information will be recorded.

Qualys enhances its QualysGuard Cloud Platform

The 451 Group - search results — Thu, 05 Apr 2012 11:53:00 +0000

After adding several new products and services to its growing security and compliance portfolio, Qualys let the cats out of the product roadmap bag at the annual RSA Security Conference in San Francisco. The vulnerability management company announced enhancements to its QualysGuard Cloud Platform, including the new QualysGuard Customizable Questionnaire service, WAF, Enterprise Edition of the QualysGuard Malware Detection Service, virtualized scanners, Dynamic Asset Tagging technology, and the Zero-Day Risk Analyzer that includes VeriSign's iDefense zero-day vulnerabilities and global threats.

We suspect that the Customizable Questionnaire service and Dynamic Asset Tagging enhancement provide a glimpse into what a Qualys-backed IT GRC platform might look like should the company decide to move into that space – something we suspect will eventually happen as the company moves forward. The company's investment in malware-related products shows that Qualys plans to diversify its portfolio and provide proactive products to address threats. It also doesn't hurt that Qualys' diversification strategy is allowing for tuck-in product and services sales to help bolster its bottom line by preventing additional dollars from going elsewhere.

(Read the full report here. A 451 Research subscription is required but a free trial is available here)

Clear-cutting or selective harvesting? TIBCO brings LogLogic out of the woods

The 451 Group - search results — Wed, 04 Apr 2012 13:09:00 +0000

TIBCO Software has announced that it has signed a definitive agreement to acquire log and security management vendor LogLogic. The company says that adding the San Jose-based log player will expand TIBCO's operational intelligence offerings while enabling customers to monitor real-time events, assess risks and address emerging threats and opportunities. TIBCO claims that LogLogic will build on its capabilities in event processing and in-memory analytics to provide additional compliance, security and operational visibility.

TIBCO's reach for LogLogic marks the third significant SIEM acquisition by a publicly traded buyer in the past half-year. However, it is the first recent purchase by a company that didn't have an existing security offering. (The earlier pickups of Q1 Labs and NitroSecurity, which printed on a single day in early October, were made by IBM and McAfee, respectively.)

According to our understanding, LogLogic's trailing sales would put it between the two SIEM startups that were acquired last fall. We estimate that 10-year-old LogLogic, which counted some 1,000 customers, generated just under $40m in revenue last year. LogLogic's growth rate may also not have been as healthy as NitroSecurity or Q1 Labs'. We suspect that may also be reflected in the multiple that LogLogic got in its sale. While Q1 Labs fetched almost 9 times trailing sales and NitroSecurity got more than 5x trailing sales, we would put the multiple for LogLogic below that. Loosely, we would pencil out the purchase price, which wasn't disclosed by TIBCO, at somewhere in the neighborhood of $125m.

(Read the full report here. A 451 Research subscription is required but a free trial is available here)

AlienVault further ‘Fortifies’ its board with the addition of John Jack

The 451 Group - search results — Wed, 04 Apr 2012 08:48:35 +0000

How many former Fortify Software employees does AlienVault need to execute its future plans? Apparently one more than it had – the company has announced the addition of former Fortify Software CEO John Jack to its board of directors. Jack has over 30 years of experience in sales, executive management and open source software with companies like Sybase; Vantive (later acquired by PeopleSoft); Covalent Technologies (later acquired by VMware); and, most recently, Fortify Software, which was acquired by HP in August 2010 for what is believed to be somewhere in the neighborhood of $275m.