3. CrowdStrike: Introducing kill-chain tactics
In any war, it's important to know your enemy. While CrowdStrike remains in private beta and will debut this fall, the cloud provider uses a novel approach. The idea is to go on the offensive: The firm's technology analyzes the attacker and develops a model based on what an attacker is trying to do and the tools it is using. This tactic, known as a kill-chain, helps a company strategize about and defend against a known attacker. It can also turn the tables on an attacker by first pinpointing its identity and intent and then "creating doubt and confusion" that ties up resources and denies it access to the information it wants.
4. Trusteer Apex: Behavioral whitelisting
In addition to the kill-chain tactic, in which you learn about the attacker and the exploits he uses, another emerging tactic has to do with checking for application vulnerabilities. Many companies spend most of their efforts on signature-based protection and zero-day patches. Trusteer Apex takes a novel approach because it analyzes what an application is doing, and why it's doing it, to determine if it's exposed to threats and block those gaps. If there is an attack, Apex also blocks the malware from communicating back to the Internet.
5. Veracode: Vendor application security testing
Last year, analyst firm Quocirca found that 65 percent of the applications at large companies are from third-party vendors. While enforcing security policies for internal apps is more of a known quantity, compliance with vendors is not as controllable. Veracode VAST is a tool for verification and validation of security compliance for third-party vendors. The reporting tools do not access code directly, but they do analyze behaviors that could pose a potential threat. From there, the tool verifies whether a vendor's app meets an enterprise's security policies.
6. Seculert: Big data analytics of all security activity
Getting the big picture on a massive data store is next to impossible. Big data analytics company Seculert uses the Hadoop programming framework and Amazon Web Services to analyze data stores for threats. This makes for quick, inexpensive deployment. Data is ingested in massive quantities and analyzed by botnets in the cloud, using techniques such as honeypots and crawlers. If an infection occurs at one organization, Seculert can alert companies that might also be in danger.
John Brandon is a former IT manager at a Fortune 100 company who now writes about technology. He has written more than 2,500 articles in the past 10 years.