The Most Innovative Security Products Of 2017

Security Innovators

CRN's 2017 Tech Innovator Awards honors the vendors drawing the roadmap for the future of IT and providing cutting-edge solution providers with the tools to navigate it. With countless vendor options on the market, identifying future-ready IT solutions for customers is no easy task.

The annual Tech Innovator Awards helps to narrow the field, honoring honor groundbreaking vendors in 32 categories, with the winners and finalists chosen from among 216 applicants.

Among this year's class are 34 vendors in the security space, securing data in the cloud and protecting connected devices at the network edge.

Here we present the winners and finalists from this year's Cloud, Endpoint, Identity Management, IoT, Mobile, Network and Web/Email/Application Security categories.

Security - Cloud

Winner:

Cisco Umbrella

Cisco Umbrella is a cloud-delivered security platform that serves as the first line of defense to protect employees both on and off the corporate network. The Secure Internet Gateway provides customers with safe access to the internet anywhere that users go, even when they're not on the virtual private network. Cisco Umbrella halts current and emerging threats over all ports and protocols, while blocking access to malicious domains, URLs, IP addresses and files before a connection is established or a file downloaded. Ultimately, Cisco Umbrella protects enterprises as mobility increases and as cloud services are adopted.

Security - Cloud

Finalist:

Armor Anywhere

Armor Anywhere is a solution to provide data security across all varieties of infrastructure, including cloud infrastructures from Amazon Web Services and Microsoft Azure. Capabilities include managed security, visibility, controls, threat intelligence, patch monitoring, log management, malware protection, file integrity monitoring and external vulnerability scans.

Security - Cloud

Finalist:

Coronet SecureCloud

Featuring support for more than 100 cloud services, including Office 365 and Salesforce, Coronet's SecureCloud automatically controls which applications, activities, and data that users that are allowed to access. The solution works by continuously identifying risks and threats in users' behavior, as well as devices and networks in use.

Security - Cloud

Finalist:

RedLock Cloud 360

RedLock's Cloud 360 platform offers a new way for companies to see what's inside their cloud infrastructure, providing a common control point for workload discovery, continuous monitoring and cloud forensics. Companies can use the solution to detect anomalies, perform risk scoring and compliance reporting and set security controls.

Security - Endpoint

Winner:

Sophos Intercept X

Sophos has extended its next-generation endpoint security portfolio with Intercept X, an offering to provide added detection, protection, and remediation capabilities to partners and customers on the endpoint. Intercept X can be sold as an add-on to existing Sophos offerings or independently. It offers signature-less threat and exploit detection; CryptoGuard anti-ransomware capabilities to both block and remediate ransomware; root cause analysis to map attacks and provide recommendations for future; and Sophos Clean to clean up spyware and malware in an environment. Among the recently added features is ransomware protection for Windows servers, along with prevention of attacks that target the master boot record and volume record.

Security - Endpoint

Finalist:

CrowdStrike Falcon Platform

Recent enhancements to CrowdStrike's flagship Falcon offering add new capabilities for machine learning and advanced endpoint protection. New features include CrowdStrike Falcon Prevent for behavioral analytics-based anti-virus replacement, as well as CrowdStrike Falcon Discover for monitoring of privileged user accounts and application usage.

Security - Endpoint

Finalist:

CylanceProtect Home Edition

Though targeted at consumer security with features such as artificial intelligence to block unknown variants of malware, CylanceProtect Home Edition is sold through the channel with the same margin structure as the CylanceProtect corporate version, according to Cylance. That gives partners a broader portfolio to offer to customers from Cylance, the company said.

Security - Endpoint

Finalist:

McAfee Dynamic Endpoint Threat Defense

With Dynamic Endpoint Threat Defense, McAfee provides a comprehensive context of potential threats along with single-click remediation. The offering uses insight aggregated from multiple sources and the combination of malware signatures, real-time reputation scoring, application containment, and machine-learning and EDR capabilities.

Security - Endpoint

Finalist:

Palo Alto Networks Traps 4.0

In contrast to traditional endpoint protection approaches -- which involve detecting and responding to security incidents after a breach has occurred -- Palo Alto Networks' Traps 4.0 is a multi-method prevention offering that pre-emptively blocks both known and unknown cyberthreats from compromising endpoints.

Security - Identity Management

Winner:

Okta API Access Management

Okta's API Access Management solution sets itself apart by managing access based on the user, group membership, network zone or device -- rather than by application. Integrated into the Okta One Identity cloud, the offering allows for the creation, maintenance and audit of API access policies. The offering includes OAuth 2.0 API authorization along with an identity-driven policy engine, centralized control across APIs, and integration with other API management offerings (including Mulesoft and Apigee). Ultimately, the offering positions Okta and its partners to take a hand in the digital transformation of customers -- both by offering new web and mobile application experiences with back-end integration, and/or by selling access to core APIs and services.

Security - Identity Management

Finalist:

BeyondTrust PowerBroker

With the PowerBroker Privileged Access Management Platform, BeyondTrust brings together capabilities that other vendors offer as individual tools as a way to enable visibility and control over all privileged accounts and users. Benefits of the approach include simplified deployments, lower costs and reduced privilege risks.

Security - Identity Management

Finalist:

Ivanti Identity Director

Using a central identity warehouse that determines an employee's identity from existing systems, Ivanti's Identity Director enables IT to automatically deliver services to individuals as needed, while also supporting employees to use self-service with automated workflows.

Security - Identity Management

Finalist:

One Identity Safeguard 2.0

One Identity's Safeguard 2.0 brings automation and control to the process of granting access to privileged accounts, with capabilities to provide access to the password itself or to enable privileged access through a session with full recording and replay.

Security - IoT

Winner:

ForeScout CounterAct

Using its pioneering agentless approach to IoT security, ForeScout's CounterAct provides visibility and control of devices as soon as they connect to the network. CounterAct provides a broad range of network access controls for IoT, automating policy-based access control as well as enforcement of devices, users, and applications. The offering enables organizations to limit access to appropriate resources, automate guest on-boarding, find and fix endpoint security gaps, and meet regulatory compliance requirements. Recent enhancements to CounterAct include a new user interface, enhanced scalability and resiliency, and customized classification of devices -- which works across IoT, OT, mobile and virtual endpoints.

Security - IoT

Finalists:

Armis IoT Security Platform

Armis offers an agentless IoT security platform that lets enterprises see and control any device or network. The platform -- which integrates with existing IT infrastructure -- offers capabilities such as stopping devices from connecting to an inappropriate network, regardless of whether those devices are managed by IT or not.

Security - IoT

Finalists:

Claroty Platform

Claroty offers a security platform that provides protection for granular operational technology network elements in industrial workplaces. The platform enables engineers and operators to protect their OT networks using measures such as monitoring, alerting and management for factory floors.

Security - IoT

Finalists:

CyberX ICS Attack Vector Prediction

CyberX's Industrial Control System Attack Vector Prediction technology helps industrial companies predict and prevent security attacks as they connect their operational technology to the Iiternet. The tool works by validating precisely which mitigation measures -- such as network zoning or stronger authentication -- can eliminate the highest-risk attack vectors.

Security - IoT

Finalists:

ZingBox IoT Guardian

ZingBox's IoT Guardian is a detection tool that works by understanding each IoT device's "personality." The tool leverages machine-learning capabilities to discover and assess risk and baseline normal behavior, detect anomalous activities, and provide real-time monitoring across customers' IoT devices.

Security - Mobile

Winner:

Samsung Knox 2.9

Key updates in Knox 2.9, the latest edition of Samsung's mobile security platform, serve to the enhance the protection of personal data and device features. Among the new capabilities are remote backup to the user's Secure Folder (enabling users to access or wipe the Secure Folder's data if the device is lost) and App Permission Monitor (for getting notifications when background apps try to access the camera, microphone, video recorder or SMS). Meanwhile, Knox 2.9 includes an updated Customization SDK to assist developers with creating vertical-specific apps for Samsung devices.

Security - Mobile

Finalist:

Zimperium Advanced App Analysis

Advanced App Analysis is Zimperium's solution for rating mobile apps on privacy and security risk. The solution works by using a parallel processing engine to collect and correlate data from numerous sources, and then performing multivariate tests and validations to proactively generate intelligence around app risks.

Security - Network

Winner:

RedSeal Platform

RedSeal's network modeling and risk-scoring platform enables customers to create a unified model of their complex network, which can include on-premises, cloud and virtualized environments. The platform provides a detailed understanding of the current state of a company's hybrid data center while enabling queries across all individual networks. A recent update of the platform expanded integrations with products including Splunk's Enterprise Security SIEM, Rapid7's Nexpose vulnerability management software, and ForeScout's IoT-focused CounterAct solution. RedSeal also unveiled the expansion of its platform with the ability for modeling of software-defined networks in VMware NSX and Amazon Web Services Virtual Private Clouds.

Security - Network

Finalist:

Cisco Stealthwatch

As large enterprises expand their digital networks, Cisco's Stealthwatch enables improved visibility and security by collecting and analyzing network infrastructure data to uncover possible cyberattacks. Stealthwatch also integrates with the Cisco Identity Services Engine to pinpoint the exact user and device responsible for anomalous network activities.

Security - Network

Finalist:

Infoblox ActiveTrust Suite

With its ActiveTrust Suite, Infoblox automatically stops insecure device communications using command-and-control methods. The offering, which collects and distributes threat intelligence to remediate and prevent attacks, halts DNS-based data exfiltration by leveraging streaming analytics and machine learning.

Security - Network

Finalist:

Juniper Sky Advanced Threat Prevention

Recent enhancements to Juniper Networks' Sky Advanced Threat Prevention made the cloud-based threat detection and prevention offering available on the vSRX Virtual Firewall as well as across Juniper's SRX Series Services Gateways -- thus allowing partners to extend their malware protection across virtual and physical firewalls.

Security - Network

Finalist:

ProtectWise Grid

The ProtectWise Grid provides capabilities such as visibility and automated threat detection by bringing the advantages of the cloud to network security. Cloud-enabled features include an unlimited retention window and automated retrospection--as well as fast, highly scalable deployment.

Security - Threat Analytics

Winner:

Exabeam Security Intelligence Platform

Exabeam's Security Intelligence Platform extends the company's user behavior analytics offering to disrupt the legacy SIEM (security information and event management) market. The offering includes five products: Exabeam Log Manager, Exabeam Advanced Analytics, Exabeam Incident Responder, Exabeam Threat Hunter, and Exabeam Cloud Connectors. Combined, the products transform Exabeam into an SIEM replacement -- although the platform distinguishes itself from traditional SIEM offerings by allowing for unlimited security data collection, and by supplementing log collection with analytics and incident-response capabilities. Exabeam's Security Intelligence Platform is aimed at the midmarket, while most legacy SIEM vendors focus on the enterprise.

Security - Threat Analytics

Finalist:

Illusive Core Solution

In situations where cyberattackers are successful at penetrating an organization's defenses, the Illusive Core Solution can intervene to prevent further damage with deception technology. Illusive's deceptions lure attackers to activate fake objects inside the system, then collect data that can be used to determine the most effective actions to take in response.

Security - Threat Analytics

Finalist:

IntSights Threat Intelligence

IntSights' advanced threat intelligence platform brings together threats from across the Iiternet, then uses machine learning and artificial intelligence to deliver both tailored and generic threat intelligence to enterprise security analysts. This approach vastly improves the consumption of threat intelligence for businesses, according to the company.

Security - Threat Analytics

Finalist:

RiskLens Cyber Risk Quantification Suite

With the Cyber Risk Quantification Suite, RiskLens offers a cyber risk analytics platform with capabilities spanning environment modeling, risk scenario development, simulations, and generation of risk analytics reports. The platform brings together features including risk scoping, data input and calibration, and a quantitative analysis engine.

Security - Threat Analytics

Finalist:

ThreatQuotient ThreatQ 3.1

ThreatQuotient's ThreatQ 3.1 platform aims to serve as a highly relevant source of threat intelligence, thanks to features such as The Threat Library (which automatically prioritizes threat data); The Adaptive Workbench (which enables analysts to erich data); and The Open Exchange (which can export the platform's data to third-party tools).

Security - Web/Email/Application

Winner:

Mimecast Internal Email Protect

Mimecast's recent expansion of its email protection portfolio adds crucial new capabilities to protect against threats from internally generated emails, a fast-growing security risk for companies. Mimecast Internal Email Protect, part of the Targeted Threat Protection (TPP) service portfolio, introduces features to detect and remediate email threats that start from an internal email source. These capabilities are necessary to protect against social engineering and CEO spoofing attacks, as well as compromised accounts or insider threats. Mimecast Internal Email Protect is an add-on subscription to existing TPP licenses, which offers the opportunity for partners to generate additional subscription revenue.

Security - Web/Email/Application

Finalist:

Aqua Container Security Platform

With the Aqua Container Security Platform, DevOps and security teams are empowered to bake security into their application delivery life cycle, rather than having to bolt it on later. The platform thus allows for embedding and automating security controls throughout the development process, as soon as container images are pulled from a registry.

Security - Web/Email/Application

Finalist:

Barracuda Sentinel

Powered by an advanced artificial intelligence engine, Barracuda Sentinel protects against spearphishing attacks and cyber fraud in Office 365 (which doesn't have native security features to stop such attacks). The offering works by learning the unique communication patterns of each organization, and then blocking spearphishing attacks in real time.

Security - Web/Email/Application

Finalist:

Twistlock 2.1

Aimed at securing containers from advanced threats, Twistlock 2.1 includes features such as a cloud native app firewall that automatically protects customers' apps -- without customers needing to change the way the apps are built or run. The offering also provides enterprises with a view of the largest security risks in their unique environment.