InfoWorld
Anti-botnet vendors plug in

New wave of IT startups gains attention as carriers, ISPs, and large enterprises seek stand-alone botnet-blocking technologies to protect their systems and networks


At the core of the company's anti-botnet technology, delivered via its appliances, is its FireEye Analysis and Control Technology (FACT) engine, which looks for suspicious traffic, confirms attacks, and blocks access from infected devices to other machines on a network.

Using the information being drawn from its customers, which already include a number of large North American carriers and Fortune 1,000 companies, according to the CEO, FireEye claims that it also has the ability to backtrack its way through the networks of infected machines to scope out the size of botnet operations and work with carriers to snuff out the infrastructure.

Aziz contends that even if anti-botnet technologies are absorbed into broader suites by most companies or delivered through carrier-provided services, FireEye -- whose virtualization-based technology was originally positioned for use in network access control (NAC) systems when it was founded in 2004 -- will be able to turn a profit by providing the intelligence needed by those systems to identify and track the attacks.

"The capability to build this intelligence about the botnets themselves is a sizable business opportunity. These companies offering services will need to constantly feed new data into their gateways," he said. "We feel this is a viable business model, finding the infrastructure that is out there and helping people understand where it lives and how it works."

Damballa, which takes its name from the realm of voodoo spirits, is already marketing its capabilities to both enterprises and carriers in a number of different models.

For instance, the company already offers three deployment options to enterprise customers: its Global Surveillance Network, a subscription service that alerts users if any of their machines are infected by known botnets; its Enterprise Protection package, which uses sensors placed on clients' networks to look for attacks; and its Extended Enterprise Protection offering, which utilizes sensors outside companies' firewalls to look for attempts by botnets to connect to users' computers.

It markets comparable services for carriers and other security OEMs.

Damballa leaders said that the key to earning a spot inside more companies' operations will be the continued evolution and maturation of the threats themselves, and the company's unique ability to chart botnet behavior.

"We definitely see a best-of-breed opportunity for fighting botnets. It depends on the customer, but most of the success we're finding is with organizations who already have a lot of security technologies in place but still find themselves dealing with this problem," said Tripp Cox, vice president of engineering at Damballa, which was founded in late 2006.

"These companies are getting green lights from other products telling them that everything is OK, but they are still finding out about compromises inside their networks," he said. "A lot of the larger security players will have to have something in their suite to address the problem, and there's definitely potential for consolidation at some point in this space, but if you look at a problem like spam, there's a history there of companies building a stand-alone business to solve problems like this."

The 451 Group's Selby said that there will likely be growth of the anti-botnet segment before any industry consolidation takes place, despite a wide number of companies -- ranging from anti-virus vendors to massive carriers with managed security services -- who want to take on a broader piece of the market.

"It would seem to make sense for these [anti-botnet] companies to cut deals with ISPs to have better visibility into their networks and botnet activity in general, as they already have," the analyst said. "This is a market that should see expansion as botnets continue to become a bigger problem for everyone."

Matt Hines is a senior writer at InfoWorld.
Copyright © 2008. All rights reserved.