The security space is pretty crowded and I see a lot of companies that have come out of stealth, gone back into stealth, come out of stealth, gone back into stealth, because they haven’t got it right or they’re trying to feel their way through a really crowded field. I wanted to avoid that as much as possible.

Odds are, you haven’t heard of Eastwind Breach Detection.

Now, before you go beating yourself up for failing to keep up with the Utah tech and startup scene, rest easy — nobody has really heard of Eastwind Breach Detection because they have spent the last 15 months in stealth mode, lying in the weeds and building a solution designed to detect security breaches before they have a chance to act. December 16 marked the end of stealth and now it’s time to start familiarizing yourself with one of the new faces of cyber security.

“The problem I’m trying to solve is against the ever-emerging, ever-changing threat landscape,” said Paul Kras, CEO and Founder of Eastwind. “It seems like there’s an opportunity for me to bring together really smart guys who understand storage, analytics, security, search, and also understand instant response. Bring them together and offer this as a product platform and service to not only Fortune 100s, but to enterprises of all sizes.”

Kraus comes from a background that you should be familiar with — Omniture, Adobe, Solera Networks, all opportunities that helped create solid expertise in the areas of storage, search, and security. A Signal Peak-led exit from Solera created another opportunity, this one geared towards a problem Kraus has been passionate about.

“All the Signal Peak guys who were involved with the Solera exit said, ‘If you ever decide to go out and do your own thing, come and talk to us first before heading out to Sand Hill Road.’” Kraus said. “And I have a great relationship with (Managing Directors) Ron Heinz and Brandon Tidwell throughout the process. I wanted to keep the investment in Salt Lake, I wanted to build a Utah company with Utah engineers solving Utah problems. But everyone knows post-breach detection is not just a Salt Lake or Utah problem.”

Eastwind quickly came to terms with Signal Peak, becoming the first and only seed company currently in their portfolio. Kraus put together a team of professionals, many of whom have been working with him since Omniture, and then dedicated the last 15 months to proving they can build a world-class solution.

“I wanted it to be as bulletproof as possible,” said Kraus. “The security space is pretty crowded and I see a lot of companies that have come out of stealth, gone back into stealth, come out of stealth, gone back into stealth, because they haven’t got it right or they’re trying to feel their way through a really crowded field. I wanted to avoid that as much as possible.”

Drawing from a broad-reaching network of advisors and companies, Kraus has been running Eastwind’s solution through these organizations, giving them a chance to garner feedback and fine-tune things before coming out of stealth. The confidence built during this time now allows Eastwind to come to market with something they believe will strengthen and transform traditional IDS (intrusion detection systems) and firewalls.

“They’re very pattern-based, there’s a short memory on how to characterize network behavior, how to characterize what’s normal,” said Kraus. “What’s normal to a firewall is the last eight hours, what’s normal to me is the last 13 months. So I look at the breach landscape that’s using commercially and socially available applications — Twitter, Facebook, Skydrive, GitHub — and attacks pulling together applications that are in common use today that take days or even weeks to pull off. The idea that a traditional pattern-based system that limits itself to a few hours to detect anomalous behavior, that doesn’t make any sense to me.”

It’s common for hackers to spend large amounts of time within a network before they actually take action. If you are trying to detect these breaches based on eight hours worth of information, this can be problematic.

“You look at the threat landscape where threats are sitting in networks for 200+ days, but the security tools only have hours or days of context,” said Kraus. “There’s a tremendous mismatch there. Solving that problem using not only my experience, but the experience of the people who have been with me throughout my career for the past 25 years, just seemed like it made absolute sense.”

Eastwind is geared specifically to providing advanced security at a federal and enterprise level. Their cloud-based detection system mines and examines data for the past 13 months (or more, if necessary) and uses this to understand normal patterns and behaviors for each customer. Network threats hoping to bide their time within a system and then strike, beware.

“Leveraging cloud infrastructure gives us a higher level of computing and at the same time, we can continue to add storage,” said Kraus. “So I take those two limitations away that traditional security solutions have today — I’ve erased those. Now I can really apply more in-depth modeling.”

Riding the promise of their security platform, Eastwind was recently named as a Dell Founders 50 member, “an exclusive list of global startups that are disrupting their respective industries and poised to be household names in the coming years.” You can’t disrupt an industry without a solid team, and Kraus believes he has access to one of the best.

“The bulk of my team has been with me since Omniture,” Kraus said. “We built that platform, which is pretty well-documented in the area….We have the best engineering team in Utah, I would say that hands down, and probably the best in the country trying to solve a really hard problem. We are a world-class team of professionals. I’m happy that everyday I get to go hang out with these guys, I know that’s not a very professional thing to say, but I am truly impressed with what they bring to the table.”

By now, if you still aren’t aware of Eastwind Breach Detection, you should start beating yourself up — they are out of stealth mode, all relevant information is at your fingertips (and in this article), now all that’s left to do is sit back and watch the future unfold. Cyber security is constantly evolving and Eastwind is prepared to be the next stage in that evolution.

“I want to make sure our customers can understand and root out the breaches that are happening to them today,” Kraus said. “They all have tremendous defense strategies, amazing firewalls, amazing anti-virus, amazing IDS, amazing malware analysis solutions. But they are getting breached through sometimes straight-forward ways.”

Published 12/29/2015