Kormox [product TBA 4Q 2011]
SummaryEight sales pitches went head to head in our Security Innovators Throwdown competition to find the most innovative security products and services from young companies.
The prospect that an impending product could have prevented the WikiLeaks scandal, according to this "stealth" start-up's founder, was tantalizing indeed. What struck us was the fact that this device can classify all of the critical information within a manager's purview and obtain actionable insights about that data and the risk it presents. Further, it can classify usage, access and sharing, and then implement what the company calls "surgical controls" that balance collaboration and security. And it claims to do all of this in just a few minutes.
One of our first questions was, "How is this different from a traditional data leakage prevention (DLP) tool?" The answer: a DLP system needs the granular details of the data to make decisions about it. This product - due in the fourth quarter - develops those details so preknowledge is not necessary.
The offering operates in a completely unstructured environment and its focus at the start is classifying the most critical information within the control of the manager using it. Once that data is classified, the product obtains insights about how the data is used. It examines, correlates and analyzes the information and metadata contained wherever that information is stored. That can mean tens of thousands of locations. The tool looks at email servers, desktop PCs, file servers, shares and more.
Kormox is one-and-a-half years old and was started by former Microsoft employees. They are focused on next-generation data classification, and their unnamed product is in open beta. We have not seen this product, but are awaiting access to a beta version anxiously. If this sounds interesting to you, one of the principals at Kormox urges you to consider being part of the open beta.