One new security startup, Menlo Security, just exited stealth and is ready to show the public just what it’s technology can do to filter out the malware and viruses that hackers use to breach systems inside corporate walls.
The Menlo Park-based company, which also closed a $25 million Series B investment round and now has a total of $35.5 million in funding, believes that malware and malicious software code is the primary culprit for most hacks, said Amir Ben-Efraim, co-founder and CEO of Menlo Security.
Ben-Efraim, who used to work at the security firm Check Point Software (chkp), claims that over 90 percent of attacks come from malware. This malware usually gets into a company via employees who click around on an infected website or open an email with a link to a booby-trapped site which then loads a virus onto the computer.
Because malware is constantly mutating and employees just can’t seem to stop clicking on bad websites, Ben-Efraim believes that we must accept the fact that people will continue to hit on buggy sites.
So, to stop the bugs from entering the corporate environment, Menlo Security created a type of isolation technology that it claims can let users still access all the sites they want, but prevent any malware from transferring to their computers.
“With Menlo, we feel that we have the ability to remove malware from web and email,” said Ben-Efraim.
The way it works is through using a trendy technology called a container— a type of virtualization technology that allows developers to load up applications or services inside a software shell hosted on the same operating system. In this virtual shell, an application is essentially isolated from other applications sitting on the same machine while still getting access to the resources required for it to function.
Menlo Security uses Linux containers (LXC), and not those offered by the hot startup Docker, as a middleman of sorts that stand between a user and the webpage he or she wants to access. When a person wants to open a website, Menlo Security creates a custom container running on Amazon (amzn) Web Services that will load up the website for the user.
The website then runs in the container just like it would run on a user’s machine. If there were any malicious code hidden in the site that could spread to one’s computer, it wouldn’t be able to do so because it’s stuck in the container and can’t get out. However, the user can still move around the webpage and click on things like he or she would normally do and can interact with the website even though the website hasn’t been loaded up on their computer.
“If there was anything wrong with [the website], the isolated container takes the bullet and not you,” said Ben-Efraim.
The idea is a bit different from other startups that scan for bad guys that may be lurking in a company’s infrastructure like vArmour and Illumio because it’s not scanning and analyzing an organization’s network. It faces competition from legacy security companies like Symantec (symc) .
While setting up a middle man to load a website for a user seems like it would create some delay for the user, Ben-Efraim said speed hasn’t been a problem. The big test will be if the technology can handle a large deployment where hundreds, or even thousands of containers will need to be spun up.
“Sure there is a scale problem,” Ben-Efraim said, but he seemed confident that the company’s technology will be able to handle an increase of users and won’t overburden people with latency.
Without getting specific, Ben-Efraim said the company has 30 to 50 employees and dozens of clients.
Sutter Hill Ventures drove the latest funding round along with previous investors General Catalyst, Osage University Partners, and Engineering Capital. Sutter Hill Ventures managing director Stefan Dyckerhoff is joining the company’s board of directors.