K2 will be working with channel partners out of the gate, although their number will be limited at the start.
Today, San Jose-based startup K2 Cyber Security is emerging from stealth and announcing the general availability of its cloud workload security platform, along with the announcement that they have secured $6 million in seed funding from two venture capital companies. The major interest here is the brashness of K2’s pitch. They asset, with no asterisks or qualifications, is that their platform prevents zero day attacks, in real time, with no false positives, regardless of an application’s patch status. It’s something that hasn’t existed before, but Pravin Madhani, K2’s co-founder and CEO, said that they have pulled it off.
“The company is coming out of stealth today,” Madhani said. “We have come up with a very disruptive way of protecting application workloads. So many attacks today use application vulnerabilities. With the move to cloud, it is time to have a way to protect these critical applications. In real time, we detect and prevent zero day attacks without any false positives. We realize that this is a huge claim.”
The wherewithal to deliver on it comes from the two modules – K2 Prevent and K2 Segment – that make up the K2 platform. Each features an innovation the company considers to be dramatic, and together they make up the company’s secret sauce.
“Most security tools are based on signature of the attack, or on a behaviour-based approach which uses AI or machine learning,” Madhani stated. “The signature method needs to know the attacker’s prior characteristics. The AI and machine learning based ones are based on a model that is also based on how past attacks have happened. K2 Prevent’s Optimized CFI technology creates an execution map of the binary program, so A goes to B. If A doesn’t go to B, we know that a hijack has happened, and we flag it as an attack. So Optimized CFI deterministically stops attacks, where known or unknown, with no false positives.”
The second module within the platform, K2 Segment, enforces the correct isolation of workloads, secures data in motion and prevents lateral movement of threats in hybrid cloud environments. Its differentiation is a method for dynamic workload micro-segmentation that assigns strong, unique cryptographic identities to workloads that authenticate each other before permitting any communication.
“Based on these cryptographic identities, we authenticate the communications, and the bi-directional enforcement prevents lateral attacks in a dynamic IT environment,” Madhani said. “Our platform also takes less than 15 minutes to install, and uses less than 15 per cent of CPU resources. That’s completely unheard of in the industry.”
The market for this is potentially vast, and in no way will K2 be limiting it to just the top of the market.
“One of the reference customers who are in our press release, ID90 Travel, is a small travel company,” Madhani said.
The K2 platform is also designed to work with other solutions, rather than be a ‘rip and replace’ alternative to them
“What we are focused on is solving the most important problem for the customers,” Madhani said. “There are other solutions that do other things, and we coexist with them well. What we are doing, nobody else offers – zero day attack protection with no false positives.”
While K2 is still in very early days in its go-to-market plans, they are already talking with potential channel partners.
“I started with prospective channel partners about eight months ago,” Madhani said. “They wanted to make sure that we were for real! But you cannot reach the wide market without the channel, so they have to be part of the fabric from day one. Because I have done multiple companies in the past, I appreciate what they bring to the table. We are working with three or four partners now, and we will add additional ones as part of our sales strategy.”
Some elements of the roadmap are public at this point.
“Because we can identify malicious applications which don’t look right, our game plan going forward is to do application analysis,” Madhani indicated.
K2 Prevent and K2 Segment are available now. Pricing is based on the number of nodes.