Shape Security, one of the most talked-about stealth security startups in the Valley, is now open for business.
And on Day 1 it already has all hallmarks of a crazy-successful company: amazing tech, an impressive team and more than $US1 million in sales.
Shape Security has created a new kind of computer security technology that uses hackers’ tricks against them.
To understand how this works, you have to understand how a computer virus works. A computer virus can change itself every time it installs on a new computer. (In geek speak, that’s called a “real-time polymorphism.”) That makes it harder for antivirus software to discover and stop it. But, once it installs, the tasks it sets about doing are typically the same. For instance, it might install itself on a bank’s website to capture passwords.
The malware uses a script that looks for code that says “username” or “password.”
Shape has launched something called a ShapeShifter. The bank would put this device in front of the website. Every time a Web page is served up, ShapeShifter changes the site’s software. The term “username” or “password” is replaced with something else the browser understands but the script won’t.
There becomes no way to write a script to grab passwords, or scrape things from a website, or do a dozen things that malware writers must automate in order for their software to work.
This kind of thing has never been done before.
But Shape has amassed some strong evidence that it will work. It’s beta-testing program involved more than 20 big website enterprises, such as Stubhub.
With those tests, the company has already sold over $US1 million worth of software, vice president Shuman Ghosemajumder told Business Insider.
Shape has also snagged some of the biggest names in the security industry to join its 58-person team.
This includes Ghosemajumder, Google’s former click fraud czar; a star engineer from Palo Alto Networks, Xinran Wang; and people from VMware, Cisco, Mozilla.
Shape Security was founded by ex-Googler Sumit Agarwal, who was head of mobile product at Google and is the former senior adviser for cyber innovation at the U.S. Department of Defence, as well as former deputy assistant secretary for the department. Plus he spent 14 years as an officer in the U.S. Air Force working on security and intelligence tech. Its other co-founders, Derek Smith, CEO, and Justin Call, CTO, hail from the Pentagon and a major defence contractor.
Shape created buzz a year ago when it raised $US26 million from a bunch of A-list investors, including Kleiner Perkins, Venrock (the venture-capital arm of the Rockefeller family), Google Ventures, Google Executive Chairman Eric Schmidt’s TomorrowVentures, and former Symantec CEO Enrique Salem.