Connect with us

Hi, what are you looking for?


Cloud Security

Cloud Security Firm ShieldX Emerges From Stealth

ShieldX Networks Emerges From Stealth Mode With New Product to Protect Cloud Infrastructure

ShieldX Networks Emerges From Stealth Mode With New Product to Protect Cloud Infrastructure

San Jose, CA-based cloud security start-up ShieldX Networks has today emerged from stealth with a new product, Apeiro. Apeiro takes microsegmentation as its baseline, and then layers additional security on top. In November 2015, the company completed a $9 million Series A financing round led by Bain Capital Ventures with participation from Aspect Ventures.

ShieldX delivers its security through microsegmentation that “provides full security controls, as well as visibility, automation and coordination across multiple cloud environments. As a result, a breach in one area of the network will not compromise other areas,” claims the company.

ESG Labs has certified that Apeiro “supports VMware vSphere, OpenStack/KVM, and AWS environments, with additional cloud support on the horizon. Highly available and multi-tenant, Apeiro REST APIs support integration with DevOps-oriented processes.” It also verifies that Apeiro “is fast and easy to deploy over an existing infrastructure (ShieldX boasts 15 minutes), and enables organizations to natively, automatically segment and secure cloud workloads at scale, across both physical and multi-cloud infrastructures.”

But, claims ShieldX, microsegmentation alone is not enough. “Note that microsegmentation only restricts who can communicate to who and not what they say to each other,” Dr. Ratinder Paul Singh Ahuja, CEO and founder of ShieldX told SecurityWeek. “This then creates the situation where a compromised system can still propagate malware because microsegmentation by itself doesn’t inspect that level of detail in the communications between systems.”

In a Friday blog post he gave an example. “The recent WannaCry malware propagated laterally within businesses using the Server Message Block (SMB) protocol. As a matter of policy, you are not going to use micro-segmentation to block the SMB port, or for example, the SQL port, in communications between applications and users in your network as those are used to carry legitimate traffic to conduct business. Yet these are common techniques used for exploits. So, if you now depend on microsegmentation alone to secure your data center or public cloud traffic, you could easily fall prey to WannaCry or the next generation of attack.”

Apeiro provides deep packet inspection (DPI), visibility, policy management, and enforcement at cloud scale. Organizations can implement security policies on-demand, based on microsegmentation application-aware access control; threat detection from a combination of 10,000+ threat definitions; malware detection through integration with third-party products such as FireEye; TLS decryption/termination; and URL filtering. DLP is expected in a future release.

Advertisement. Scroll to continue reading.

Although both the ShieldX announcement and the ESG Labs review specify ‘FireEye’, Ahuja told SecurityWeek that it is singled out only because many of ShieldX customers already use FireEye. “Apeiro can integrate with other advanced malware detection technologies as well as offer that capability from the ShieldX cloud if customers don’t have such systems in place,” he said.

The 10,000+ threat definitions, he added, “are sourced commercially as well as from our own research. These are dynamically updated and pushed out to Apeiro installations from the ShieldX cloud.”

“We chose ShieldX as our cloud security partner,” says Joe Jozen, VP of Tokyo Electron Device Limited (TED), “because our customers want to leverage the power and cost saving benefits of cloud innovation without compromising security. The Tokyo 2020 Olympics are a perfect example of how the partnership between TED and ShieldX will be critical to enabling the secure storage and transfer of information while protecting against cyber threats to provide a safe, enjoyable and connected experience for attendees.”

In May 2017, ShieldX was featured in Gartner’s ‘Cool Vendors in Cloud Security, 2017’. “ShieldX is a pure-play security vendor with a cross-cloud microsegmentation product branded Apeiro that functions as network security middleware to support hosts and containers,” writes Gartner. It “will appeal to I&O and security and risk management leaders in enterprises that have a virtualized infrastructure requiring segmentation, especially where those clouds are or will be heterogeneous, or if the enterprise is more a Mode 2 (i.e., DevOps) style and needs Mode 2 security for it.”

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Cloud Security

Cloud Disaster Recovery - Ingredients for a Recipe that Saves Money and Offers a Safe, More Secure Situation with Greater Accessibility