Cavirin
What they do: Develop automated cybersecurity tools.
Problem they solve: Organizations migrating to the cloud have a difficult time maintaining continual security across their hybrid deployments. Existing approaches are time-intensive and prone to error, optimized for either on-premises or the cloud, but not both.
To keep up with modern threats, cybersecurity tools must keep track of what VMs or bare-metal servers have what workloads, where they start and stop, and then the tool must apply appropriate frameworks.
To make matters more complicated, this can’t be a single-point-in-time analysis. The system must continually scan all images running in production, as well as addressing access control issues.
Given that developers may download public images, cloud security must ensure that these images are secure. “Docker Hub may be one thing, especially when combined with Docker Security Scanning,” a Cavirin representative said, “but some unknown open-source site may expose the developer to risk, no different than when downloading laptop software from an unknown site. A recent analysis by Federacy states that 24% of Docker images have significant vulnerabilities.”
How they solve it: Cavirin reduces the chance of breech for organizations by providing continuous security assessment and remediation across physical, public, and hybrid cloud workloads for AWS, Microsoft Azure, Google Cloud Platform, VMware, KVM, and Docker.
Backed by $20M, #Big50-2017 #cybersecurity #startup Cavirin provides automated continuous cloud security. Click To TweetThe startup’s cloud-agnostic solution offers continuous visibility, is agentless and API-driven, and scales to the largest physical and virtual infrastructures. For regulated industries, Cavirin offers up-to-the-minute compliance assessments, supplying audit-ready evidence as measured by major regulatory and security best-practice frameworks, including CIS, DISA, PCI and HIPAA.
Headquarters: Santa Clara, CA
CEO: Dr. Rao Papolu, who previously served as COO of SRA America. Before that, Dr. Papolu served as GM of Moldflow Japan, taking the company through to an IPO and subsequent acquisition by Autodesk.
Year Founded: 2012
Funding: $20 million from SRA OSS.
Competitors include: Dome9, Evident.io, Qualys, Tenable, Rapid7, Redlock, Threatstack, Cloudpassage, Cloudcheckr, and AlertLogic.
Customers include: SugarCRM, Zephyr Health, Gainsight, Grainger, and PayNearMe.
Why they’re in the Big 50-2017: First, for a cybersecurity company, Cavirin has an impressive number of on-the-record customers. Second, the startup hit or exceeded its marks as far as fundamentals are concerned (funding, team, market positioning, etc.). Finally, Cavirin has had a strong 2017, adding several important new features to its platform, including continuous security protections for Docker and Google.
