Seculert was an Israeli cloud‑based cybersecurity company that built AI- and big‑data-driven breach and advanced persistent threat (APT) detection services and was acquired by Radware in 2017.[2][1]
High‑Level Overview
- Seculert built a cloud-native attack detection and analytics platform that combined big‑data analytics, machine learning and behavioral analysis to detect infections and malicious outbound (beaconing) traffic without on‑premise integration or new hardware.[1][3]
- Its product served enterprises, governments and service providers (notably SOC teams at banks, manufacturers and large organizations) by surfacing high‑fidelity breach alerts, identifying compromised devices and delivering incident‑ready reports to accelerate containment and remediation.[3][1]
- The company addressed the gap of undetected malware/late‑stage attacks (including APTs) that evade traditional prevention controls, improving detection speed and reducing false positives for security operations.[3][2]
- Seculert demonstrated growth and impact through industry recognition, participation in several high‑profile malware discoveries (Ramnit, Kelihos, Mahdi, Shamoon) and eventual acquisition by Radware to fold its analytics and ML capabilities into Radware’s security portfolio.[2][1]
Origin Story
- Seculert was founded in 2010 in Petah Tikva, Israel by Aviv Raff (former RSA FraudAction Research Lab manager), Dudi Matot (former SanDisk product marketing) and Alex Milstein (former Finjan operations VP).[2]
- The idea grew from malware research and the founders’ experience with fraud and malware analysis; the company’s early offerings included Seculert Echo (2011) and Seculert Sense (traffic‑log analysis released 2012), which aimed to detect stealthy infections using cloud processing of crowd‑sourced telemetry.[2][3]
- Early traction included media and industry recognition (named a hot security startup by The New York Times in 2012), public disclosure of notable malware campaigns (Ramnit, Kelihos, Mahdi, Shamoon) that underscored the platform’s detection capabilities, and venture backing from firms including Sequoia, Norwest and YL Ventures prior to its acquisition.[2][1]
Core Differentiators
- Cloud‑first analytics: ran large‑scale big‑data analytics in the cloud so customers needed no new on‑prem hardware or network changes to deploy detection.[3][1]
- High‑fidelity detection: focused on behavioral indicators and outbound beaconing to reduce false positives and produce “incident‑ready” reports for SOCs.[3]
- Crowd‑sourced threat intelligence: leveraged telemetry across its customer base to accelerate detection of new threats once seen in one domain.[3]
- Research‑driven alerts: security research team discovered and publicized major malware campaigns, demonstrating practical detection capability and contributing to broader threat intelligence.[2]
- Integration posture: designed to complement—not replace—existing gateways and firewalls by detecting infections those controls missed, a capability later positioned as a strategic enhancement within Radware.[1]
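As an added illustration of the outbound, behavior‑based detection described above (this is not Seculert's code; the heuristic, log format and host names are constructed here), the script below flags source/destination pairs whose connection intervals are suspiciously regular, the kind of timer‑driven callback pattern that signature‑based gateways miss:

```python
"""Beaconing detector over constructed outbound proxy logs (added example)."""
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample lines: "<ISO timestamp> <source host> <destination domain>".
# ws-17 calls one domain every ~300 s with slight jitter (beacon-like);
# ws-22 reaches a domain at irregular, bursty intervals (ordinary browsing).
SAMPLE_LOG = """\
2017-01-10T09:00:00 ws-17 updates.example-cdn.test
2017-01-10T09:05:02 ws-17 updates.example-cdn.test
2017-01-10T09:09:58 ws-17 updates.example-cdn.test
2017-01-10T09:15:01 ws-17 updates.example-cdn.test
2017-01-10T09:20:00 ws-17 updates.example-cdn.test
2017-01-10T09:24:59 ws-17 updates.example-cdn.test
2017-01-10T09:00:10 ws-22 news.example.test
2017-01-10T09:00:45 ws-22 news.example.test
2017-01-10T09:13:20 ws-22 news.example.test
2017-01-10T09:14:05 ws-22 news.example.test
2017-01-10T09:51:30 ws-22 news.example.test
2017-01-10T09:52:00 ws-22 news.example.test
"""

def parse_log(text):
    """Group connection timestamps by (source host, destination domain)."""
    series = defaultdict(list)
    for line in filter(str.strip, text.splitlines()):
        ts, src, dst = line.split()
        series[(src, dst)].append(datetime.fromisoformat(ts))
    return series

def find_beacons(text, min_events=5, max_cv=0.10):
    """Return (src, dst, mean_gap_s, cv) for pairs whose connection intervals
    are nearly constant: coefficient of variation (stdev/mean) of the gaps is
    low for timer-driven callbacks and high for bursty human browsing."""
    hits = []
    for (src, dst), stamps in parse_log(text).items():
        if len(stamps) < min_events:      # too few events to judge regularity
            continue
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        cv = pstdev(gaps) / avg if avg else float("inf")
        if cv <= max_cv:
            hits.append((src, dst, round(avg, 1), round(cv, 3)))
    return hits

if __name__ == "__main__":
    for hit in find_beacons(SAMPLE_LOG):
        print("possible beacon:", hit)
```

In practice such a score is one input among several (destination reputation, payload size consistency, rarity of the domain across the fleet), which is what keeps the false‑positive rate low enough for SOC use.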
Role in the Broader Tech Landscape
- Trend alignment: Seculert rode the shift toward cloud‑based security analytics, machine learning for threat detection, and telemetry‑driven, behavior‑based detection as perimeter defenses proved insufficient against targeted APTs.[3][1]
- Timing: founded when enterprises began logging massive telemetry but lacked scalable analytics to surface stealthy compromises, enabling Seculert’s cloud analytics model to add value without heavy integration.[2][3]
- Market forces: growth of endpoint and web‑delivered threats, increased regulatory and operational pressure on SOCs, and demand for faster incident response favored analytics and ML‑based detection providers.[3][1]
- Influence: by publicly exposing major malware campaigns and demonstrating cloud detection approaches, Seculert helped validate behavioral, outbound‑focused detection as a complementary control in enterprise security stacks.[2][3]
Quick Take & Future Outlook
- What was next: Seculert’s acquisition by Radware in January 2017 signaled consolidation—its ML and analytics were intended to expand Radware’s threat analysis and data center protection capabilities.[1]
- Trends shaping the journey: continued centrality of cloud analytics, integration of threat intelligence across vendors, and emphasis on reducing SOC workload through high‑fidelity, automated detection remain the dominant forces that validated Seculert’s approach.[1][3]
- How influence might evolve: Seculert’s core ideas — cloud processing of telemetry, behavioral detection of outbound command‑and‑control, and crowd‑sourced intelligence — continue to appear across modern XDR, SIEM and cloud‑native security platforms, so its technical legacy persists within consolidated vendor offerings.[1][3]
Quick reminder: Seculert no longer operates as an independent startup after its 2017 acquisition by Radware; descriptions above reflect its products, achievements and positioning up to that transition.[1][2]