Menu
Start-up debuts 'shape-shifting' technology to protect web servers

Start-up debuts 'shape-shifting' technology to protect web servers

Backed by a lineup of elite investors, start-up Shape Security comes out of stealth mode today by announcing technology it calls Shapeshifter that is said to prevent cyber-criminals from successfully attacking and compromising websites.

Shape Security has attracted $26 million in venture capital from Kleiner Perkins Caufield & Byers, Eric Schmidt's TomorrowVentures, Baseline Ventures, Google Ventures, Wing Ventures, Venrock and individuals including former Symantec CEO Enrique Salem.

By putting the Shapeshifter appliance in front of a website, every HTML page that is presented for viewing is subtly transmuted in its underlying code each time so that it won't look the same twice. "The key is not to change anything to the naked eye but everything the programmer cares about," explains Shape Security's vice president of strategy, Shuman Ghosemajumder. This automatic altering of web pages to the external world creates a kind of deceptive camouflage designed to never let an attacker get a single straight shot to undermine the site through attacks such as cross-site scripting or application denial-of-service attacks.

+ ALSO ON NETWORK WORLD: 12 Hot Security Start-ups to Watch +

Shape Security calls this "real-time polymorphism" and in some regards, Ghosemajumder points out, it borrows a page from tactics that malware authors use to constantly modify malicious code so it can evade signature-based detection. With Shapeshifter, "the website will constantly re-write itself wherever you deploy it, the HTML will re-write itself," he says. But for the visitor, the content looks the same as it might be otherwise.

The goal is to create a defense against some of the natural advantages that attackers have in deeply scoping out the websites they want to attack in advance. Shapeshifter's approach does require considerable processing power, Ghosemajumder acknowledges. Because it is computationally intensive, Shapeshifter has to be tested carefully in any website environment. It can be deployed to a single web page, such as to protect a login page, or across numerous web pages. The amount of traffic and number of web pages will be factors in its use. Shape Security has no announcements yet on customers using Shapeshifter but says private betas are ongoing. Pricing for it is not yet disclosed.

Founded in November 2011, Mountain View-based Shape Security has three co-founders: CEO, Derek Smith; vice president of product management Sumit Agarwal, and chief technology officer Justin Call. Agarwal is the former senior advisor of cyber innovation at the U.S. Department of Defense as well as former deputy assistant secretary to the department. Prior to that he was head of mobile products at Google.

Ellen Messmer is senior editor at Network World, an IDG website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: emessmer@nww.com

Read more about wide area network in Network World's Wide Area Network section.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags cybercrimeGooglelegalendpoint securitysymantecanti-malwareWide Area Network

Brand Post

Featured

Slideshows

Reseller News Platinum Club celebrates leading partners in 2019

Reseller News Platinum Club celebrates leading partners in 2019

The leading players of the New Zealand channel came together to celebrate a year of achievement at the annual Reseller News Platinum Club lunch in Auckland. Following the Reseller News Innovation Awards, Platinum Club provides a platform to showcase the top performing partners and start-ups of the past 12 months.

Reseller News Platinum Club celebrates leading partners in 2019
Reseller News hosts alumnae breakfast for Women in ICT Awards

Reseller News hosts alumnae breakfast for Women in ICT Awards

Reseller News hosted its second annual alumnae breakfast for the Women in ICT Awards in New Zealand, designed to showcase the leading female leaders in the industry. Held at The Cordis in Auckland, attendees came together to hear inspiring keynotes and panel discussions, alongside high-level networking among peers. Photos by Gino Demeer.

Reseller News hosts alumnae breakfast for Women in ICT Awards
Reseller News Innovation Awards 2019: meet the winners

Reseller News Innovation Awards 2019: meet the winners

Reseller News honoured the standout players of the New Zealand channel in front of more than 480 technology leaders in Auckland on 23 October, recognising the achievements of top partners, emerging entrants and innovative start-ups.

Reseller News Innovation Awards 2019: meet the winners
Show Comments