Israeli startup Aorato has launched what it calls the world's first context-aware, behavior-based firewall suitable for the enterprise market.
Aorato's Directory Services Application Firewall (DAF) is touted as a "context-aware, behavior-based" firewall which is able to profile threats and then both learn and predict entity behaviors which could threaten the security of corporate networks. As a result, the security barrier assists in context-specific real-time decision making in both preemptive network protection and how to deal with cyberattacks as they take place.
The Israeli firm's approach focuses on Microsoft's Active Directory (AD) services activities by observing the network traffic between AD servers and the active network entities including users and devices. The technology then creates security models of observed relationships between servers and entities over time, detecting anomalies which may represent cyberthreats or security policy violations including simple passwords, AD protocol violations and the resurrection of deleted or disabled users. This information then alerts administrators, providing attack timelines to help employees combat threats and detect patterns based on single occurrences.
The founders of the startup, Idan Plotnik, Michael Dolinsky and Ohad Plotnik originate from Israel's Cyber Security Unit within the Israeli Defense Forces (IDF).
Aorato has received approximately $10 million of investments from firms and individual including Accel Partners, Mickey Boodaei -- co-founder of Imperva and Trusteer -- Innovation Endeavors -- a VC funded by Eric Schmidt -- and Glilot Capital Partners.
"In today's world of persistent threats, malicious insiders, and Single Sign On leveraging account access, paying attention to Directory Services' activity is key to an organizations' security. Aorato's creation of the Directory Services Application Firewall and OSG to focus on Active Directory provides a new level of needed insight within enterprises," said David Monahan, Research Director, Enterprise Management Associates.
Aorato's advisory board includes Gil Kilpatrick, former Microsoft MVP for Directory Services and current CTO of identity solutions provider ViewDS, Bit9 CTO and former McAfee researcher Harry Sverdlove, Professor Gil David and former VP of Juniper Networks' mobile security business unit Neil Book.