It doesn’t matter what size you are when it comes to protecting your network. Big company, small company, startup: Hackers will still want your information and they’ll still stealthily poke holes in your network wherever they can.

You need to get security measures in place and fast.

That’s why “security as a service” companies have become vital for anyone looking to deploy security for everything from documents to your entire business.

Security as a service can be loosely described as a “software as a service” security tool that doesn’t require any on-premise hardware or software distribution. Unlike older security tools, like anti-virus software that needs to be installed on every single computer on your network, it’s almost plug and play — you click a button (and likely put in some credit card information) and suddenly you’ve got major security resources at your fingertips.

AI Weekly

The must-read newsletter for AI and Big Data industry written by Khari Johnson, Kyle Wiggers, and Seth Colaner.

Included with VentureBeat Insider and VentureBeat VIP memberships.

These security services aren’t the same as an on-premise firewall that watches the network from a physical appliance attached in your data center. But these products promise to protect you from malware, help you keep track of who signs into your network, monitor all your other cloud applications such as Salesforce and Google Docs, and more.

Small businesses can benefit from this kind of distribution model because it doesn’t require a big IT or security teams to get it up and running. Of course, you’re trusting a lot of your security to another company, but in reality these security-focused third parties have more resources (read: time and money) to focus on security than you do.

So what are the best security-as-a-service products out there? We talked to experts in the security community to compile this initial list of the top-tier providers.

Here are our top 10 in no particular order. What did we miss? Let us know in the comments below!


VentureBeat is researching cloud platforms and we’re looking for your help. We’re starting with marketing — specifically marketing automation. Help us by filling out a survey, and you’ll get the full report when it’s complete.


Qualys

Qualys secures your devices and web apps, while helping you remain compliant through its cloud-only solution — no hardware or software required. The company analyzes threat information to make sure nothing gets in your system. If some malware already happens to be there, it will give you the steps to fix the problem. Beyond that, Qualys will verify that the issue has been fixed. It scans any and all web apps you use for vulnerabilities as well, keeping your data safe while you head out in the wonderful world of SaaS, IaaS, and PaaS. In the future, Qualys plans to create a cloud-only firewall to even further protect your websites from harm.

White Hat Security

White Hat Security is focused on protecting your website from the ground up, including in the coding process. It provides its Sentinel product suite as a service to help your protect your websites with five different products.

These include a product that gives you current threat information so you can avoid coding vulnerabilities into your website from the get go. Another helps you identify issues in pre-production before the website is ever launched, and its enterprise product helps you test for major logic issues once you’re live. The overall Sentinel line will help your assess your Web apps for holes and will even act as a firewall that virtually patches found problems. White Hat further takes advantage of its research arm in order to provide you with updated information on threats found outside your network.

Okta

One of the most important parts about securing your network is simply knowing who is inside of it. Okta focuses purely on identity management — knowing who is where and why. It knows both your employees for people accessing information on the backend, as well as your forward-facing access-ers, which include customers and partners. It will help you manage logins across all of your applications as well, including Google Apps, Salesforce, Workday, Box, SAP, Oracle, Office 365, and more. Furthermore, it can track all of these from any type of device. Features include privilege provisioning from one dashboard, the ability to implement policies across devices, single sign-on options, and more.

Proofpoint

When we talk about attack vectors — holes in the network where bad guys can get in — email pops out as one of the weakest links. Proofpoint focuses specifically on email, with cloud-only services tailored to both enterprises and small to medium sized businesses. Not only does it make sure none of the bad stuff gets in, but it also protects any outgoing data. Proofpoint further promises that while it stores that data to prevent data loss, it does not have the keys to decrypt any of the information.

Zscaler

Zscaler calls its product the “Direct to Cloud Network,” and like many of these products, boasts that it’s much easier to deploy and can be much more cost efficient than traditional appliance security. The company’s products protect you from advanced persistent threats by monitoring all the traffic that comes in and out of your network as a kind of “checkpost in the cloud.” But you don’t have to filter all that traffic in from one central point. You can monitor specific, local networks as well given the flexibility of the cloud. Zscaler also protects iOS and Android devices within your company, which can then be monitored through its special mobile online dashboard.

CipherCloud

CipherCloud is here to secure all those other “as a service” products you use, such as Salesforce, Chatter, Box, Office 365, Gmail, Amazon Web Services, and more. It promises to protect that prized company data you’re just giving away to these services, as well as your communications, and more. It does this through many of the means we’ve already seen including encryption, traffic monitoring, anti-virus scans, and more. It also provides mobile security support.

DocTrackr

DocTrackr is a security layer that sits on top of file sharing services such as Box and Microsoft Sharepoint. It is built on the idea that once you send a document out of your system, it is truly out of your hands: People can save it, change it, send it, and more, and you’ve lost control of it. DocTrackr aims to stop that from happening. It lets you set user privileges for each person you share a document with. It further tracks everyone who opens the file, so you know who’s looking at your stuff — and you can even pull documents back, effectively “unsharing” them, if you want.

Centrify

Similar to Okta, Centrify also focuses on identity management across a number of devices and applications. The idea is to put all of your users — employees and customers alike — into one central area to be monitored and controlled through enforced company policies. Centrify will protect anywhere a person signs into your network be it through on-premise software or cloud applications. It also has a product that works specifically Samsung Knox — the smartphone manufacturer’s supposedly extra-protected mobile security software. This product provides devices running Knox with single sign-on options and helps IT departments manage these devices through Centrify.

Vaultive

Vaultive acts as a “transparency network proxy,” that is, it sits between your network and the Internet without needing any on-premise equipment. From there, Vaultive encrypts any data leaving the network heading to apps such as Microsoft Office 365. In other words, if you want to use cloud-based services but don’t trust the companies operating them, you can encrypt everything — before it gets into their servers — while continuing to use their clouds. The company plans to help people protect more than just Office 365 and Exchange. Soon, it will extend into customer relationship management software, file-sharing applications, communication services, and more.

SilverSky

SilverSky wants to be your one-stop-shop for cloud-based security. It offers email monitoring and protection, network protection, and will help you become HIPAA and PCI compliant — the two compliance measures that regulate how companies dealing with healthcare information and companies accepting online payments must secure their systems. It also taps into a big data store of threat information to keep your systems up to date on the latest malware and attacks heading for businesses like yours.


VentureBeat is researching cloud platforms and we’re looking for your help. We’re starting with marketing — specifically marketing automation. Help us by filling out a survey, and you’ll get the full report when it’s complete.


VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn More