What I saw at RSA Conference 2017

In which I meet Avanan and Kaymera, and observe much buzz about identity, mobile threat detection, phishing, and machine learning.

RSA may be one of the most important security conferences of the year, but for those of us in the EMM, desktop virtualization, and EUC space, it’s not quite as big. Regardless, it’s going on right now just a few blocks from TechTarget’s San Francisco office, and I’ve always found it a convenient place to have meetings, observe trends, and occasionally make serendipitous discoveries, so I descended into the depths of Moscone Center to check it out. This article isn’t a comprehensive summary of RSA, but I did want to report on a few notable things I saw. (I’ll also cover more RSA-related announcements tomorrow in our Friday Notebook.)


One interesting vendor that I learned about was Avanan, which links newer cloud applications to more conventional security products.

On one end, Avanan connects to APIs provided by SaaS such as Office 365, G Suite, Box, or Dropbox. On the other end, it connects to dozens of security products, including offerings from  Symantec, McAfee, Check Point, and other big names. Avanan sits in the middle, acting as a type of broker or aggregation point; customers can chose which SaaS apps and security products to connect to each other, as well as do some reporting. Avanan emphasizes that they’re not a CASB or any type of proxy, rather they’re more like a marketplace that helps make the various connections that customers need.

The idea is that customers can take all the types of security products that might be used to do malware detection, DLP, encryption, AV, and etcetera for on-premises apps, and connect them to cloud apps, in order to add another layer of security. Avanan can act as a service provider, and they host and configure many of these security products on their own.

Avanan is based in New York, and was founded in 2014 by a team that came from Forescout. According to Crunchbase, Avanan has $16.4 million in funding.


Another interesting vendor I learned about was Kaymera, an Israeli mobile security company that provides a highly-modified and security-oriented version of Android.

Kaymara’s Android variant starts with plain AOSP, then adds encryption at rest and in transit, threat detection, DLP, and fine-grained app permission controls, all baked directly into the operating system. It can be deployed by replacing the OS images on Google Pixel or Nexus devices. Kaymera also provides a secure VoIP and messaging service, and split work/personal capabilities are included in their version of Android.

I’ve written about many special versions of Android in the past, ranging from the likes of Samsung Knox, the most well known, to others, like Cellrox, Graphite, and Silent Circle. At first glance (I had a brief demo in their booth), Kaymera’s Android variant seems to have more lower-level modifications than other specialty offerings, with the possible exception of some of the images used by virtual mobile infrastructure vendors.

More recently, Kaymera has also released mobile threat detection agents for iOS and Android. Kaymera can do some basic MDM on their own, if desired, or integrate with AirWatch and MobileIron.

Kaymera told me that they have been working with government customers for about 3 year. According to Crunchbase, they received $10 million in funding a little over a year ago. Interestingly, according to Forbes, Kaymera was founded by Omri Lavie, who also founded the NSO Group, the company that’s believed to be behind the Pegasus malware from last fall. They say there’s no relationship between the two companies, though.

Grab bag

There were a few trends I noticed at RSA. (Again, this isn’t a comprehensive list, just what stood out from our EUC perspective.)

First, I’d say close to half of the exhibitors said they used some type of machine learning or artificial intelligence in the business logic of their products. In a few years we’ll take this for granted, but for right now we must be getting somewhere close to the top of the hype cycle.

After years of the enterprise not really paying attention to mobile threat detection (MTD), this appears to be finally changing. According to data from a recent MobileIron report, less than 5% of their customers are using it, but that’s still higher than I expected. On the show floor, multiple EMM and MTD folks I talked to agreed that there’s been more interest and momentum in the last 12 months.

Identity management for cloud apps (along with identity in general) was a big topic. Of course there’s nothing new about this, but it does underscore the current wave that’s going on. I heard a lot of pitches that sounded like “As you know, all of these cloud apps have their own user databases, and your users will have to deal with a lot of passwords...” What I saw less of than I expected was security for IoT.

Lastly, I noticed several vendors devoted to phishing awareness, training, simulation, and reporting. It makes me think of the debate between the “users need to be more educated” and “security should protect users from themselves” camps. Either way, this is a big deal right now, and both approaches can help. (I also learned some new terms: vishing, for phishing over the phone, and smishing, for phishing via text or SMS.)

This isn’t all the news—come back tomorrow for the Friday Notebook for more from RSA!

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

I also came across Avanan at RSA2017 and it sounded intriguing. Anyone has experience with their platform?