Software-as-a-Service and cloud computing have introduced a host of new security problems. But some companies are turning this problem on its head and using the cloud to deliver Security-as-a-Service. The Security-as-a-Service paradigm promises an end to expensive appliances and complex software deployment. We don't see most companies giving up firewalls and end-point protection clients yet, but here are three examples of how security in the cloud can work.

This series on data security and privacy is brought to you by IBM. Find out more about how IBM is creating a Smarter Planet.


Zscaler offers cloud-based protection from malware and other security threats by routing all of an customer's Internet traffic through its own proxy servers. The company can then analyze and detect any threats being passed through the network traffic without requiring any hardware or software installation. Customers don't have to worry about outdated signature files or disabled end-point protection clients since all of the analysis is done outside of the actual PCs.

Zscaler was founded by CEO Jay Chaudhry and CTO K. Kailash, industry veterans who had both worked at CipherTrust and AirDefense. Kailash was previously the chief architect of NetScaler. The company was an Information Week startup of the week in 2008 and received a generally favorable review from eWeek recently. Zscaler has landed several big name customers like La-Z-Boy and ING.


Like Zscaler, a service from Israeli startup Seculert requires no installation of software or hardware to monitor for threats. However, it doesn't need to route traffic through its servers eithers. "Customers provides us with enough information about the company infrastructure to monitor for cyber threats," says co-founder and VP of products Dudi Matot. Matot and Seculert weren't forthcoming about other details of how the service works, saying only that the company uses "advanced patent-pending technology" to monitor, detect and analyzes threats. Matot also could not disclose any of Seculert's customers.

Without more information on its technology or customer base, it might not be worth mentioning the company if not for the experience of its founders and an investment from YL Ventures. However, even the amount of the investment has not been disclosed (TechCrunch suggests it was a "very significant" seven digit figure).

Matot previously worked for SanDisk and CheckPoint. The other co-founders - CEO Ron Kraitsman, COO Alex Milstein and CTO Aviv Raff have all worked for Finjan Software among other companies.

The Media Trust

The Media Trust was founded six years ago as an online advertising verification service, but for the past year has been offering an anti-malvertising service that competes with ClickFacts and Dasient.

The Media Trust's original service consists of ensuring to advertisers, publishers and ad networks that the right ads are running at the right times in the right geographic locations. The company's customers include Google, Yahoo! and AOL. According to CEO Chris Olson, the company found itself constantly combating malware and malvertising on its own systems as a result of processing so many ads. The company built effective detection and prevention measures and realized it would be possible to market those solutions as an additional service.

The company added a privacy monitoring service a few months ago as well. This service makes sure advertisers aren't over-zealous in collecting personal information from viewers. The Media Trust analyzes every aspect of a Web page, from cookies to JavaScript.