Skyhigh Security, formed from the Secure Service Edge (SSE) pieces of McAfee Enterprise and FireEye, today announced its name and data-guarding portfolio.
CEO Gee Rittenhouse, who led McAfee Enterprise Cloud and is a former Cisco security executive, said Skyhigh aims to shift practitioners’ focus from granting or blocking network access to resources, to fine-grain monitoring and protection of applications and data even after people have logged in.
Instead of simply securing access to an application, Skyhigh examines what people and machines do with the software, and how they use information with in once their identity has been verified and access granted, Rittenhouse said.
“What happens after you have access? How do I protect the information and the sensitive data after the login, after I’ve done zero trust? Because we operate in an environment that’s highly collaborative, protecting that flow of information is important,” Rittenhouse told The Register.
To this end, Skyhigh strives to secure access to web, cloud-based, and private apps, and then safeguards an organization’s data within those applications, using a policy-based approach: “The policy follows the data instead of being attached to different technologies,” Rittenhouse said.
A quick refresher on how Skyhigh came to be: early last year private equity firm Symphony Technology Group acquired McAfee’s enterprise security business for $4bn, and a few months later bought FireEye’s security products business for $1.2bn.
Then in January, this combined McAfee Enterprise-FireEye outfit renamed itself Trellix, and rolled out an extended detection and response platform. At the time, Symphony announced it would spin off the McAfee Enterprise’s Secure Service Edge portfolio into a company with Rittenhouse at the helm. Skyhigh will maintain a close relationship with Trellix particularly around data-loss prevention, Rittenhouse said.
Skyhigh’s portfolio includes a secure web gateway, cloud access security broker, zero trust network access, cloud data loss prevention, remote browser isolation technology, cloud firewall, and cloud-native application protection platform.
In addition to the combined McAfee-FireEye SSE pieces, the portfolio includes technology from McAfee’s earlier acquisitions, including Skyhigh Networks, Light Point Security, NanoSec, and Secure Computing.
SSE encompasses a set of service services that allow enterprises to adopt a secure access service edge (SASE) architecture — SSE is basically SASE without the networking component — and Skyhigh faces stiff competition from the likes of Zscaler and Netskope.
Rittenhouse says Skyhigh’s approach is unique in that it is “data aware,” and he cites Gartner’s accolades in its SSE Magic Quadrant for the former McAfee platform’s “completeness of vision.” The other two aforementioned vendors ranked higher in their “ability to execute.”
“We were the farthest along on the vision piece of this single view of the data and the single policy element, the single portal,” Rittenhouse said. “It’s not enough just to have a broad portfolio, but it’s how that portfolio interacts to protect this particular use case around data.”
To this end, it sets policies that enforce how data is used, and those policies follow the data where it resides, he explained.
So after an employee uses multi-factor authentication to verify her identity to log onto Box, for example, Skyhigh’s tech will set and enforce policy around what she can do with the application. In this case, uploading corporate secrets to Box would raise red flags.
“It’s this data-aware piece of what [a user is] doing with the data,” Rittenhouse added. ®