Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Security Management

9/28/2017
03:35 PM
Simon Marshall
Simon Marshall
Simon Marshall
50%
50%

Fortanix Has Series A Funding for Run-Time Encryption

Fortanix has introduced new technology for run-time encryption to protect sensitive data.

Private data can be protected when it's at rest. It can be protected when it's in transit. But what about when it's being accessed by applications?

Run-time encryption is a solution to this problem, and it's the latest technology to emerge in cloud-based security. Essentially, it is aimed at protecting applications and data during use and computation. The clever part of this is that it allows general computation tasks to be executed on encrypted data.

At the moment, such tasks end with the data being decrypted and it is at that moment that hackers can swoop in and exploit this as a weakness that offers up control over free private data. "Without run-time encryption, once the hacker gets inside, the game is over," Ambuj Kumar, CEO and co-founder of Fortanix, told SecurityNow, "They take control of the data immediately, and can either analyze it there and then or send it to a remote server for analysis."

In short, the data then belongs to them and can't be accessed any more by the host target. The answer of course is not to make sensitive data available to any untrusted operating systems, root users, cloud providers or insiders in the first place.

"We set out to create a means to protect applications directly, regardless of the trustworthiness of the computing infrastructure," said Kumar. Welcome to an era of securing data-in-use. Kumar -- previously chief architect at Cryptography Research and Anand Kashyap, CTO and co-founder, formerly an engineer at Symantec and VMWare -- spotted this weakness, and in 2016, and the company was born.

Fortanix exemplifies the new security paradigm of accepting that at some point, systems will be hacked: it's no longer good enough to try and hold the perimeter. It's a case of not if, but when. As hackers break into a server, they may have penetrated security to get there, but the data with run-time encryption is still scrambled and therefore unreadable. It's a technology which natrually comes into its own when it provides the security for applications which are in the cloud.

Kumar believes the run-time encryption concept could apply to many other systems and applications where this functionality would be a plus. Currently, Fortanix leads with a product it launched last week called SDKMS (Self-Defending Key Management Service), which is its application of run-time encryption that the firm holds pending patents to. Kumar says it has emerged from beta and is now under limited GA since his company is still developing the sales resources to serve the apparent demand. SDKMS is a key management service, based in the cloud, which the company claims is the first one to be Intel SGX-based, offering data enclaves, the protected areas of execution in memory.


Want to learn more about how LTE-A Pro and Gigabit LTE will impact the 5G market? Join us in San Francisco for LTE Advanced Pro and Gigabit LTE: The Path to 5G event -- a free breakfast collocated at Mobile World Congress Americas with a keynote address by Sprint's COO Günther Ottendorfer.

"Our key market is the financial properties because they have important data to protect, and they can afford new systems," jokes Kumar. Included too is the government sector, because it holds state secrets but importantly is the target for the most advanced hackers.

Fortanix has to date taken two rounds of funding, one a seed round from an undisclosed source, the other -- closed in early June -- a series A round for $8 million from Foundation Capital and NeoTribe Ventures. Fortanix' first two publicly announced customers are Lending Club and IBM.

It's a brand-new technology, so was it hard to convey the technical aspects to potential investors? What was the VC community's reaction to Fortanix?

"Initially, no one understood," said Kumar. "Many folks in the VC community claim to find funding for technologies with new angles. Most of them understand the money, but not technology."

Related posts:

— Simon Marshall, Technology Journalist, special to Security Now

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/17/2020
Cybersecurity Bounces Back, but Talent Still Absent
Simone Petrella, Chief Executive Officer, CyberVista,  9/16/2020
Meet the Computer Scientist Who Helped Push for Paper Ballots
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/16/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-8225
PUBLISHED: 2020-09-18
A cleartext storage of sensitive information in Nextcloud Desktop Client 2.6.4 gave away information about used proxies and their authentication credentials.
CVE-2020-8237
PUBLISHED: 2020-09-18
Prototype pollution in json-bigint npm package < 1.0.0 may lead to a denial-of-service (DoS) attack.
CVE-2020-8245
PUBLISHED: 2020-09-18
Improper Input Validation on Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11....
CVE-2020-8246
PUBLISHED: 2020-09-18
Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11.2 before 11.2.1a, Citrix SD-W...
CVE-2020-8247
PUBLISHED: 2020-09-18
Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11.2 before 11.2.1a, Citrix SD-W...