Investors Dive Into Breach

Can encryption and security analysis be done without hurting network performance? Breach Security Inc. is betting that they can do it, and investors yesterday gave the emerging vendor more cash to ride out that bet.

Breach, an application security vendor, received $6 million in second round financing from two investment firms: Sid R. Bass Associates and Enterprise Partners Venture Capital. Analysts say the investment could be a shrewd one, even though a near-term mega-payout seems unlikely.

"Vendors have talked for a few years about customers’ need to secure transactions at the application, rather than the network level," said Michael Gavin, a senior analyst at Forrester Research Inc. "It seems that companies are now finally willing to take that step."

Founded in 2004, Breach offers three products: BreachGate Sitegrity, which secures data as it leaves an organization's application and perimeter; BreachView SSL, which performs SSL traffic encryption and decryption; and BreachGate WebDefend, which serves as an application firewall that automates the manual task of profiling possible outside attacks.

While other vendors' products perform these functions "in-line" -- meaning that encryption and packet analysis take place on the network during transmission, Breach offers an "out-of-line" approach where transactions have no impact on network performance.

Both approaches have plusses and minuses, analysts say. The in-line option enables a security product to perform multiple functions, including application acceleration, simultaneously. The downside is that these devices take more time to configure than an out-of-line system and can hurt network and application performance.

The out-of-line products are quick and easy to install; in most cases, a user can simply drop them into the network and begin collecting security data. However, these devices are a one-trick pony (security only) and may offer hackers a desired network entry point.

Breach has a number of enhancements in the pipeline, such as developing agents that will enable companies to collect security information from a wide range of devices. "Breach offers companies a great deal of flexibility in configuring security checkpoints," noted Scott Crawford, a senior analyst with Enterprise Management Associates.

Consequently Breach supporters view its out-of-line approach as a key market differentiator. "Breach has the products and management team to emerge as a strong independent security supplier," remarked Perse Faily, partner at Sid R. Bass Associates.

To accomplish that, Breach must clear a number of hurdles. The growing user interest in Web application security has lured a slew of companies into this space. Check Point Software Technologies Ltd., Citrix Systems Inc., eEye Digital Security Inc., F5 Networks Inc., Imperva Inc., NetContinuum Inc., Protegrity Corp., Watchfire Corp. and Whale Communications Ltd. offer competitive products.

Breach thinks that its out-of-line approach providing a significant differentiator may be offbase. "Many of the in-line vendors recently added out-of-line functionality to their products," noted Forrester Research's Gavin. In addition, Imperva relied on an out-of-band approach in its products, delivered them to market sooner than Breach did, and recently added in-line functionality to its lineup. And established vendors Citrix and F5 decided to compete by acquiring startups whose products they viewed as stronger than Breach's offerings.

The new round of venture capital means that Breach has received $13.5 million since its inception, enough to enhance its marketing programs and build up its name recognition. While investors may imagine the startup building itself into the next Symantec Corp., that scenario seems unlikely, given all the competition it faces. A more likely end game would be one of the large, established suppliers adding Breach's products to its line via acquisition.

— Paul Korzeniowski, Special to Dark Reading

Companies mentioned in this article: