10 IT security companies to watch

10 network security newcomers that are worth watching and why

How the company got its start: Co-founder Fei Huang was principal engineer at Sygate (later acquired by Symantec), which designed one of the earliest host-based network-access-control products. Huang teamed with Liwei Ren, a mathematician specializing in algorithms and pattern-matching, to come up with a desktop agent to detect unauthorized use of sensitive data.

Where the company got its name: "Pro" stands for protecting, and "villa" is Latin for village, so the name indicates that the company's technology protects a community of people.

Customers: Orchard Supply Hardware, Richard Fleishman & Associates, Sony-Ericsson Chinese joint venture. Distribution agreement with BigFix and Reconnex.

Robot Genius
Founded: 2005
Headquarters: Oakland, Calif.
Funding: $2 million from Kingdon Capital and Venio Capital Partners
CEO: Stephen Hsu

What the company offers: Syberus behavior-based malware-detection client software, an antimalware browser plug-in, and the RGcrawler Web-crawling technology that looks for malware executables on the Internet.

Why it's worth watching: Although signature-based anti-virus technology has a venerable history defending against known threats, the security industry is looking at other methods, such as behavior-based defenses that identify and block threats based on behavior. Robot Genius has come up with its own approach to malware detection to determine unsafe executables, and it could get picked up by the larger industry under a licensing plan.

How the company got its start: Hsu and CTO James Hormuzdiar teamed on start-up SafeWeb, sold it to Symantec for $26 million in 2003, and decided to continue working together to found another company to develop a new way to protect against malware.

Where the company got its name: Implies the technology's ability to replicate automatically the downloading and testing of executables off the Internet.

Customers: Not disclosed.

SailPoint
Founded: 2005
Headquarters: Austin
Funding: $14 million from venture capital firms including Austin Ventures, Lightspeed Venture Partners, Origin Partners and Silverton Partners
CEO: Mark McClain

What the company offers: Compliance IQ, identity risk-management software to help enterprises reduce business risk and become compliant by better understanding identity data. The software provides business context to the information generated by IT systems that report on which users have access to what data, offering sophisticated reporting and analytics for decision support.

Why it's worth watching: The company's product attempts to make sense of the reams of identity data generated by IT systems and applications; it's one thing to know what users are doing, it's another to combine that information with data about what they are allowed to do. Companies that combine the two stand a better chance of identifying fraud, theft, and misuse. IDC estimated in 2006 the market for identity and access-management compliance will grow by 25 percent per year until it reaches $2 billion in 2010.

How the company got its start: McClain and SailPoint co-founder Kevin Cunningham stayed on at WaveSet when Sun acquired it in late 2003, but not for long. In 2005 with $5 million in funding behind them, the pair left Sun and began developing the technology behind Compliance IQ, which launched at Network World's DEMO 07 conference last January.