Welcome!

Microservices Expo Authors: Gopala Krishna Behara, Sridhar Chalasani, Tirumala Khandrika, Elizabeth White, Liz McMillan

Related Topics: Cloud Security, Java IoT, Microservices Expo, Microsoft Cloud, Agile Computing, Apache

Cloud Security: Article

Shape Security Gets Big-Time Backing

The company says the number of large-scale web security incidents has increased exponentially in the past decade

Industry glitterati have stuffed $26 million in the pockets of Shape Security, a start-up promising to deliver a mysterious new kind of web protection that will make it harder and pricier for hackers to ply their trade.

The company says the number of large-scale web security incidents has increased exponentially in the past decade. Symantec estimates the overall cybercrime market at $388 billion a year. Last month the FBI took down a single botnet that alone stole over $850 million.

Ray Rothrock, a partner in Venrock, the pioneering high-tech venture capital firm started by the Rockefellers and led the new $20 million B round in Shape, said, "The rise of botnets and crimeware-as-a-service have led to an untenable situation where web sites are now cheap to attack and expensive to defend. Shape's technology will alter this balance. It is unlike anything the industry has ever seen before."

Also participating in the round were Kleiner Perkins, Allegis Capital, Google Ventures, Google executive chairman Eric Schmidt's personal VC arm TomorrowVentures and former Symantec CEO Enrique Salem.

Last April Shape closed a $6 billion A round led by Kleiner and including TomorrowVentures, Google Ventures, Baseline Ventures and top executives from Dropbox, Facebook, LinkedIn and Twitter.

The start-up is being fairly closed-mouth about its self-proclaimed military-grade widgetry. Salem, who figures "signature and heuristic-based detection have proven unsuccessful in keeping pace with the complexity of modern web attacks," said Shape's technology "will allow web sites to deflect attacks automatically, using a far more sophisticated approach." Apparently the hacker would be forced to compromise a web site every time a user logs on instead of reusing a stolen identity.

Evidently the widgetry has been in beta at unidentified customers sites assumed to include large financial institutions who sound like they want Shape to hurry up and productize the stuff - hence the B round. It could have a software appliance out later this year.

The start-up was founded in 2011 by CEO Derek Smith, CTO Justin Call and VP of product management Sumit Agarwal. Agarwal was the head of mobile product at Google and worked at the Defense Department. The company has also added Google's former click fraud boss, Cisco's former VP of application delivery and Wal-Mart's ex-chief information security officer.

More Stories By Maureen O'Gara

Maureen O'Gara the most read technology reporter for the past 20 years, is the Cloud Computing and Virtualization News Desk editor of SYS-CON Media. She is the publisher of famous "Billygrams" and the editor-in-chief of "Client/Server News" for more than a decade. One of the most respected technology reporters in the business, Maureen can be reached by email at maureen(at)sys-con.com or paperboy(at)g2news.com, and by phone at 516 759-7025. Twitter: @MaureenOGara

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


Microservices Articles
The explosion of new web/cloud/IoT-based applications and the data they generate are transforming our world right before our eyes. In this rush to adopt these new technologies, organizations are often ignoring fundamental questions concerning who owns the data and failing to ask for permission to conduct invasive surveillance of their customers. Organizations that are not transparent about how their systems gather data telemetry without offering shared data ownership risk product rejection, regu...
Containers and Kubernetes allow for code portability across on-premise VMs, bare metal, or multiple cloud provider environments. Yet, despite this portability promise, developers may include configuration and application definitions that constrain or even eliminate application portability. In this session we'll describe best practices for "configuration as code" in a Kubernetes environment. We will demonstrate how a properly constructed containerized app can be deployed to both Amazon and Azure ...
DevOps is often described as a combination of technology and culture. Without both, DevOps isn't complete. However, applying the culture to outdated technology is a recipe for disaster; as response times grow and connections between teams are delayed by technology, the culture will die. A Nutanix Enterprise Cloud has many benefits that provide the needed base for a true DevOps paradigm. In their Day 3 Keynote at 20th Cloud Expo, Chris Brown, a Solutions Marketing Manager at Nutanix, and Mark Lav...
The now mainstream platform changes stemming from the first Internet boom brought many changes but didn’t really change the basic relationship between servers and the applications running on them. In fact, that was sort of the point. In his session at 18th Cloud Expo, Gordon Haff, senior cloud strategy marketing and evangelism manager at Red Hat, will discuss how today’s workloads require a new model and a new platform for development and execution. The platform must handle a wide range of rec...
The Internet of Things is clearly many things: data collection and analytics, wearables, Smart Grids and Smart Cities, the Industrial Internet, and more. Cool platforms like Arduino, Raspberry Pi, Intel's Galileo and Edison, and a diverse world of sensors are making the IoT a great toy box for developers in all these areas. In this Power Panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists discussed what things are the most important, which will have the most profound e...
If your cloud deployment is on AWS with predictable workloads, Reserved Instances (RIs) can provide your business substantial savings compared to pay-as-you-go, on-demand services alone. Continuous monitoring of cloud usage and active management of Elastic Compute Cloud (EC2), Relational Database Service (RDS) and ElastiCache through RIs will optimize performance. Learn how you can purchase and apply the right Reserved Instances for optimum utilization and increased ROI.
TCP (Transmission Control Protocol) is a common and reliable transmission protocol on the Internet. TCP was introduced in the 70s by Stanford University for US Defense to establish connectivity between distributed systems to maintain a backup of defense information. At the time, TCP was introduced to communicate amongst a selected set of devices for a smaller dataset over shorter distances. As the Internet evolved, however, the number of applications and users, and the types of data accessed and...
Consumer-driven contracts are an essential part of a mature microservice testing portfolio enabling independent service deployments. In this presentation we'll provide an overview of the tools, patterns and pain points we've seen when implementing contract testing in large development organizations.
In his session at 19th Cloud Expo, Claude Remillard, Principal Program Manager in Developer Division at Microsoft, contrasted how his team used config as code and immutable patterns for continuous delivery of microservices and apps to the cloud. He showed how the immutable patterns helps developers do away with most of the complexity of config as code-enabling scenarios such as rollback, zero downtime upgrades with far greater simplicity. He also demoed building immutable pipelines in the cloud ...
You have great SaaS business app ideas. You want to turn your idea quickly into a functional and engaging proof of concept. You need to be able to modify it to meet customers' needs, and you need to deliver a complete and secure SaaS application. How could you achieve all the above and yet avoid unforeseen IT requirements that add unnecessary cost and complexity? You also want your app to be responsive in any device at any time. In his session at 19th Cloud Expo, Mark Allen, General Manager of...