CrowdStrike Targets Advanced Persistent Threats

Startup CrowdStrike made its debut this week, promising to have a security product out by the second quarter that will target the so-called advanced persistent threat (APT) problem in which stealthy intruders infiltrate networks to steal sensitive data for business or political reasons.

"This will help identify adversaries, attacks and procedures," says George Kurtz, CEO of the San Francisco-based outfit, which he co-founded with CTO Dmitri Alperovitch. While they're revealing little detail about the planned CrowdStrike product and services to target APTs, they promise it will be a "game-changer."

[BACKGROUND: 'Advanced persistent threat' concerns boosting security budgets | 2012 Will See Rise in Cyber-Espionage and Malware, Experts Say]

"The industry focus has been on malware," explains Kurtz, noting it's time for a transformation. He says that companies and government agencies victimized by attackers that hide in their networks in order to steal valuable information don't have a malware problem per se. They have "an adversary problem," he says.

Nation-states are increasingly being blamed as perpetrators of significant APT attacks on a growing list of companies, including RSA, the security division of EMC, which publicly has said it believes a nation-state was the source of the now infamous attack to grab information related to the RSA SecurID product.

"Of the nation-states, China, Russia, Iran and North Korea are the most aggressive," says Alperovitch. There are also the hactivists and terrorists to be wary about, but the nation-states are the most determined to bear down on their targets for a long period.

Alperovitch and Kurtz are both IT security veterans. Kurtz established vulnerability-assessment company Foundstone, acquired by McAfee, where as CTO he got to know Alperovitch, then vice president of threat research at McAfee Labs. Alperovitch left last fall to head his own consultancy.

Exactly what CrowdStrike, said to have 20 employees and offices in San Francisco, Seattle, Washington, D.C., and elsewhere, will come up with later this year to fight APTs is unclear, but the company has gained significant financial backing from investment firm Warburg Pincus with a round of $26 million in funding announced this week.

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security.

Read more about wide area network in Network World's Wide Area Network section.