Feeds

HyTrust trousers $13m from VMware and CIA sugar daddy In-Q-Tel

Snowden breach 'a huge wakeup call' for virty security

Internet Security Threat Report 2014

Business is booming at HyTrust, a maker of policy management and access control software for VMware virtual infrastructure, and whistleblower system admin Edward Snowden, who revealed the National Security Agency's web-spying PRISM project, is doing his inadvertent part to pump it up even further.

"The Snowden breach at the NSA has been a huge wakeup call," Eric Chiu, founder and president of HyTrust, tells El Reg. "Admins have always had access to resources, but in a virtual environment, it is even worse. Admins of virtual infrastructure can copy whole virtual machines. And now customers are shifting from an outside-in security environment to an inside-out model. You have to assume that somebody bad is already in your environment and figure out what you can do to monitor them."

HyTrust has been saying that IT shops should adopt a second approval rule for a lot of things that go on inside the data center for the past year, and the Snowden episode just makes this necessity all that more clear (at least, from the point of view of companies and governments).

The HyTrust virtual compliance appliance, which runs inside of an ESXi virtual machine and can monitor all changes to the hypervisor, its virtual machines, and their software stacks, hooks into LDAP or Active Directory for authentication and supports two-factor authentication with SecurID or smart cards. The HyTrust appliance becomes the "system of record" that snoops on all attempted changes in the virtual infrastructure, as well as approving changes that meet policies.

Funded and ready to expand

At the moment, the HyTrust appliance is restricted to VMware's ESXi hypervisor and its vCenter management console, but Chiu says thanks to $13m that the company just raised in Series C financing, HyTrust can expand out beyond the VMware stack to other hypervisors and cloud controllers used inside corporate and government data centers, as well as the same or similar software layers used on public clouds.

Chiu is not being specific about what other hypervisors or public clouds HyTrust will support next, but he says the company will be able to lock down at least one or two additional platforms this year, with others to follow.

It is ironic that VMware would help fund such moves. But by kicking in some dough, VMware not only keeps HyTrust engaged with its vSphere and vCloud stacks, but also gets insight into the company's future plans and has an inside track on a potential future acquisition.

In-Q-Tel, the venture capital arm of the US Central Intelligence Agency, was also one of the big investors in this third round. Epic Ventures and Trident Capital (which did the company's $5.5m first round) and Cisco Systems and Granite Ventures (which participated in the $10.5m second round) also kicked in dough during the third round.

The In-Q-Tel investment, says Chiu, will help HyTrust enhance its product in ways that help the intelligence community and also benefit both government and corporate customers. At the moment, HyTrust has close to a hundred customers, says Chiu – mostly Fortune 1000–class firms and large governments. He estimates that it has "in the millions of virtual machines under protection at this point."

Chiu says that revenues at HyTrust are expected to triple or quadruple this year, and one of the drivers is that companies want to move from maybe having 50 to 60 per cent of their workloads virtualized to something closer to 80 to 90 per cent. "What is really standing in the way is security for mission-critical workloads and their data," says Chiu, and of course, HyTrust thinks it has just the thing to solve that problem.

The third round of financing is usually a bit early to go public, but it is probably not too early for someone like VMware or Microsoft or Red Hat to swoop in and acquire a company like HyTrust. And that could happen. Chiu says he is working on scaling the HyTrust business right now and might entertain the idea of going public a few years down the road. ®

Internet Security Threat Report 2014

More from The Register

next story
Docker's app containers are coming to Windows Server, says Microsoft
MS chases app deployment speeds already enjoyed by Linux devs
IBM storage revenues sink: 'We are disappointed,' says CEO
Time to put the storage biz up for sale?
'Hmm, why CAN'T I run a water pipe through that rack of media servers?'
Leaving Las Vegas for Armenia kludging and Dubai dune bashing
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
Windows 10: Forget Cloudobile, put Security and Privacy First
But - dammit - It would be insane to say 'don't collect, because NSA'
Symantec backs out of Backup Exec: Plans to can appliance in Jan
Will still provide support to existing customers
VMware's tool to harden virtual networks: a spreadsheet
NSX security guide lands in intriguing format
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.