Here’s a list of some bright and upcoming security companies which, in my opinion, have a promising potential:

Endeavor Security (, Rating 4/5) – My bets are on this startup. Endeavor is an early-stage company working on a truly disruptive security framework which could be the next big thing in Internet-wide threat analysis and actionable intelligence. The problem with existing intelligence players is that their offerings are not truly actionable, i.e. they don’t cover the complete cycle (detection-reporting-remediation). Secondly, none of them have the capability to provide vendor-agnostic remedial input. Third, no one’s able to keep pace with the changing threat landscape. Fourth, most of the industry analysts wrongly believe that the need for such a service is failing. Security intelligence is still scattered and raw. There is a big response gap which separates intelligence from the effectiveness of deployed products and services. If someone is able to bridge this gap in a product/service/vendor-agnostic way, then there is a great opportunity for setting up a truly early-warning and preemptive service offering. Backed by Department of Homeland Security, this company has taken its first steps to test the waters. It has launched solutions like FirstLight Signatures (signature service for various IPS, UTM and firewall vendors) and FirstLight Active Malware Protection (gathering latest malware data from deployed sensors and relaying it across to the AV vendors before the outbreak occurs while protecting their customer’s perimeter on-the-fly). I had a brief interaction with one of the founders and they say that a SaaS offering is in the works. All this makes it a company to watch out for. Their only challenge would be to get some gung-hos in the management team and build a very strong research back-end.

Rohati Systems (, Rating 3.5/5) – Well, nothing groundbreaking really but a credible enhancement over existing offerings. They are working on a layer 4-to-7, policy-based firewall controlling access to various applications and resources, with awareness about their business context and compliance regulations. Alan Shimel has termed it as “a logical extension of identity based access control” and I agree wholeheartedly with him. They are not alone in the game, with Palo Alto Networks giving them some heat. However, they are garnering most of the media attention due some highly-accomplished Indian techies from Cisco in their management line-up.

Mocana Corp. (, Rating 3.5/5) – This relatively-older company is gradually coming into the limelight. They are building security infrastructure for all kinds of networked devices, from mobile phones to coffee makers. They have acquired a small Indian company to setup their offshore R&D base in Pune.