Startup Adallom takes on SaaS security challenges

A new company has emerged from stealth mode with a cloud-based offering intended to help organizations better monitor, audit, and control the use of software as a service (SaaS) by employees. Adallom has spent the last 18 months beta-testing its software with a number of private clients, and this month the company is officially launching and making its product available to the public.

Adallom, which means “last line of defense” in Hebrew, is set up as a reverse proxy and takes the approach of analyzing end-user activity across each cloud-based service an enterprise makes available. The system creates a running profile of each user in order to identify anomalies against normal day-to-day activities. The service already supports a variety of popular SaaS applications such as Salesforce.com and Box, among others.

[ Also on InfoWorld: CSC expands cloud management capabilities with ServiceMesh acquisition | Mirantis brings enterprise-ready OpenStack distribution to the cloud | Track the latest trends in virtualization in InfoWorld’s Virtualization Report newsletter. ]

Adallom was founded in 2012 by cyber defense veterans Assaf Rappaport, Ami Luttwak, and Roy Reznik. As former members of Israel’s cyber intelligence division, the founders have an extensive background in information security that provides Adallom with instant credibility when it comes to solving the security challenges facing the SaaS market.

The company’s approach is prevention through intelligence, bridging the SaaS security gap by enabling companies to prevent attacks, comply with government and industry regulations, monitor, and verify the endless human interactions within SaaS applications.

As much as cloud services are changing the way people work and operate for the better, security has become a huge issue. One of the big questions has emerged: Who is responsible for SaaS security?

“As of right now, SaaS providers are solely responsible for infrastructure security, leaving account activities on the shoulders of their clients,” said Tal Klein, VP of marketing at Adallom. “While on the whole this is a net security gain, as SaaS providers will have more resources to throw at protecting their infrastructure, it has made it nearly impossible for SaaS customers to build and enforce a strong cloud risk management policy.”

Simply put, Adallom believes that while SaaS as a class is secure, its usage is not. Adallom’s software doesn’t aim to control the SaaS applications directly, but instead provide tools to maintain a consistent security policy across the enterprise.

“SaaS has dramatically reshaped the way people work and operate, allowing access to company applications and data from anywhere, on any device,” explained Klein. “However, with a vast increase in SaaS adoption, we are seeing a pronounced security gap where organizations are currently lacking the tools needed to build and enforce a consistent policy. And as SaaS adoption grows, the resulting lack of visibility and control has become even more apparent.”

Adallom helps organizations adopt the cloud while avoiding risks. According to the company, it conjoins discovery, detection, and prevention capabilities to secure cloud activities across all services and devices.

The company’s offering has a number of key features, including analysis of user activity in each cloud service based on contextual heuristics and detection of abnormal activity; visibility to internal, external, and collateral malware threats to SaaS applications; and a centralized audit dashboard of SaaS applications used within the organization.

Adallom tightens security for its clients by monitoring and interpreting employee behavior and building up a user profile for each user based on individual usage. In this way, it can determine changes and unusual usage patterns, then inform the security manager when they occur.

Red flags can be set off, for example, if a user logs in from an unrecognized device or logs in from an unusual location (or perhaps logs in from two geographical locations at once). Addalom can even alert on signs of possible trouble caused by a user logging in from a previously unused browser or if the user is logging in during a time frame that is not typical for that individual.

Today, attackers may not waste their time trying to breach the cloud service’s back end. Instead, they will more than likely focus their attack against the weakest link, which in this case is to go after the end-user.

More and more, cloud services are being used by companies — often times without official support — and accessed by employees across a variety of personal devices that may not be secure. Companies may not even be aware of what their employees are using or how they are using it. This is a major security gap that isn’t being addressed enough.

According to research analysts at Gartner, the market for cloud security services is expected to be somewhere in the neighborhood of $2.1 billion in 2013. While Adallom may believe it has found the Holy Grail to help penetrate this market, it is not alone. Adallom will find itself competing with at least two other startups — Netskope and Skyhigh Networks — that are also interested in keeping a security watch on enterprise employees using cloud-based applications.

Adallom is sold on a subscription-basis with per-user pricing starting at $5 per month per user. The company is also making volume pricing available for private node deployments. The company is initially selling its software direct, but has plans to provide channel support for managed service providers and resellers down the road.

This article, “Startup Adallom takes on SaaS security challenges,” was originally published at InfoWorld.com. Follow the latest developments in virtualization and cloud computing at InfoWorld.com.