Ziften, New CEO, Focus on Simplified Endpoint Security


By: R. Scott Raynovich

Las Vegas -- Endpoint security startup Ziften's new CEO Mike Hamilton says the goals for the company include driving growth through a partnership with Microsoft and a focus on integrating and simplifying a variety of endpoint protection technologies.

Endpoint security companies are hot these days, with Carbon Black recently launching an initial public offering (IPO) and Cylance expected to file soon. But the endpoint security market is also complex, requiring coverage of many different components, which might include laptop and desktop computers, servers, Internet of Things (IoT) devices, and cloud components.

Ziften is looking to differentiate itself by including patch management, advanced antivirus (AV) and threat detection in one package. This helps solve trends in the industry: Security pros are overwhelmed with the number of security tools and alert systems the need to manage, so they are seeking products that integrate multiple capabilities. Ziften says this also helps security teams reduce the number of security agents running on their system.

This year they company struck a broad partnership with Microsoft, contributing its macOS and Linux visibility, behavioral analytics, and threat hunting capabilities to the Windows Defender Advanced Threat Protection (ATP) project. Here at the Black Hat conference, Ziften this week announced that its Zenith endpoint protection platform now includes advanced AV protecting all enterprise endpoints from known and unknown modern targeted attacks.

"Our focus is on simplifying on the endpoint," said Hamilton, in an interview here. "The endpoint market is super noisy. We now deliver full endpoint functionality. Enterprises have IT operations and security operations. IT operations own AV but no other security tools. There are not a lot of endpoint products that deliver to both."

Mhamilton Ziften

The trend of integrating system operations and security operations is known as SysSecOps, a trend that Futuriom helped define an an industry-leading report last year.

Ziften started with its approach to system hardening and visibility to help IT managers find unpatched systems and application vulnerabilities. Its recent addition of advanced AV and detection and response capabilities round out the features need to address both systems and security operations

"We are the only one out there that can flip the security equations. Most people put AV in place and then respond," says Roark Pollock, Ziften's senior VP of marketing. "We fix the hygiene problems and after getting the hygiene better, run AV on top of that."

The endpoint market is growing fast, with many larger companies than Ziften making waves. Carbon Black went public in May and recently reported $50 million in quarterly revenues, up 31% year-over-year. However the company is still in re-investment mode and is not profitable, reporting a loss of $19 million. The company raised $152 million in the IPO.

Ziften, a smaller company, sees opportunities for growth. The Microsoft partnership is key. While Microsoft is not a direct distributor, Ziften gets packaged with Windows Defender ATP in deals with distributors. This has led to recent deals in Germany and the Netherlands to protect endpoints using Microsoft Azure.