What do the human immune system and computer security have in common? The question sounds like the beginning of a good joke, but actually, at Sana Security, it was the start of some serious work.
What do the human immune system and computer security have in common? The question sounds like the beginning of a good joke, but actually, at San Mateo-based Sana Security, it was the start of some serious work. CEO John Zicker chats about pathogens, hackers, and survival of the fittest.
What got you personally interested in doing this work?
After following the research in complex systems with fascination for some years, I learned of the most interesting idea I’d yet to come across. Steven Hofmeyr was doing groundbreaking research, applying the principals of the human immune system to computing and looking at computer applications in the same way our body wards off pathogens.
The damage caused by hackers and worms invading our computer systems today is frightening, with global losses rising to billions of dollars. Upon further investigation, I felt Steven’s innovation had the potential to effectively secure computer applications more than ever before and at a lower cost, even amid increasing system complexity and change. When I was approached to commercialize this science project, I couldn’t get it out of my mind.
What does your software, Primary Response, provide that other security software might not?
The key advantage of Primary Response is that it can, like the human immune system, protect computer applications against both known and unknown attacks. It does so by building up a profile of normal system behavior and blocks abnormal activity, rather than relying upon prior knowledge of attacks as previous-generation systems did.
This is how our immune systems protect us from disease: We each have our own body chemistry, which enables our immune system to reject abnormal activity, such as a new flu virus. The human immune system is in fact the world’s oldest security system, perfected via the concept of survival of the fittest.
How do other security applications work, compared to Primary Response?
Current security software solutions approach the problem by attempting to recognize previous attacks. These approaches can only prevent yesterday’s attacks, altogether missing brand new or “zero-day” attacks. Primary Response does the bulk of this work automatically, instead of requiring extreme effort from the IT staff.
What kind of challenges does the company face in developing its software?
Developing simple, elegant solutions that change the way people secure their computer systems is not trivial. There are only a handful of people in the world that have the technical depth to even attempt bringing this approach to the marketplace. Now that we are shipping the product, we are in an innovation race to stay ahead.
Why do you think that there are still so many security problems, given the host of solutions that have been developed so far?
Part of it has been the approach. A significant amount of early cybersecurity work was focused on having deep knowledge of the attacker and their methods, a paradigm that became more and more difficult with the anonymity shield created by the Internet. When you turn the problem around and focus on preventing abnormal behavior, the cybersecurity arms race starts to tip in favor of the defender.
do you know a local company we should cover? Let us know about it. Send your local profile candidates to [email protected]