A small group of IT security startups are hoping to cash in on the rise of
the botnet scourge as businesses -- telecommunications carriers and Internet
service providers, in particular -- seek new methods for stopping the attacks.

While larger security software makers, including Symantec, McAfee, and Trend
Micro, have built botnet-fighting functions into their existing products, and
carrier security specialists such as Arbor Networks have added tools for detecting
the threats in their network monitoring systems, a handful of smaller companies
are attempting to market themselves as purists in the anti-botnet field.

As carriers, ISPs, and large enterprises investigate techniques to keep computers
on their networks, and those of their customers, from being recruited into the
zombie armies of botnet-controlled devices, some experts say that there may
be a market for stand-alone technologies that address the problem -- at least
for the next several years.

"If you look at the change in the characteristics of malware attacks over
the last year, and the public outrage over data breaches, private and government
organizations have reached a point where the botnet issue is directly accessible,"
said Nick Selby, analyst at The 451 Group.

"Botnets are very relevant to data loss, and without question, customers
are looking for in-the-cloud protection and clean pipes; the problem is too
complex for any individual user to deal with alone, even large enterprise users,"
he said. "Anti-botnet vendors could see compliance and media-fueled growth
because everyone understands the issue of data loss."

Just as Webroot was able to build and maintain a business dedicated to fighting
spyware -- even in the face of competition from larger rivals who built tools
for warding off those attacks into their integrated security suites -- vendors
staking a claim to the anti-botnet space contend that there will be plenty of
demand for their specialized skills.

Perhaps the two best-known providers making noise in the segment are FireEye,
a Silicon Valley startup backed by funding from Sequoia Capital and Norwest
Venture Partners, and Damballa, an Atlanta-based company with roots at Georgia
Tech backed by Sigma Partners and Noro-Moseley Partners.

Leaders with both companies maintain that their businesses are already taking
off as botnets take over.

"These networks of infected PCs have become, in essence, the world's largest
computing grids. They dwarf the world's supercomputers in terms of their power,
so that tells you something about the severity of the overall threat,"
said Ashar Aziz, chief executive of FireEye, who maintains there are currently
as many as 150 million botnet-infected computers worldwide.

"This is the actual infrastructure that connects all the malware, spam,
and denial-of-service attacks," he said. "A feature built into an
end-point client is not going to

• Email
• Print
• Share
  • Slashdot
  • Digg
  • Stumble
  • Reddit
  • Newsvine