Company:Sanctum

From HandWiki
Sanctum
TypePrivate Company
IndustrySoftware,
Information Technology
FateAcquired
PredecessorPerfecto Technologies
SuccessorIBM
Founded1997
FounderGili Raanan and Eran Reshef
Defunct2006
HeadquartersHerzliya, Israel,
Santa Clara, California;
ProductsAppShield and AppScan
Websitewww.IBM.com

Sanctum was a Santa Clara, California-based information technology company focused on application security. Sanctum offered a firewall, AppShield, and scanner, AppScan, for application-layer security for Web environments.[1]

In 2003 Sanctum was merged with Watchfire and the company was subsequently acquired by IBM.[2]

History

Sanctum was founded in 1997 as Perfecto Technologies, by Eran Reshef and Gili Raanan.

The company released its first product AppShield in summer of 1999.[3]

The company has done an extensive research in application security and applying formal methods to real life software[4] in collaboration with Turing Award winner Professor Amir Penueli. Early research in 1996 and 1997 led to the invention, in parallel to other teams, of CAPTCHA technology, and the application for a US patent for CAPTCHA.[5]

In 2000 the company renamed itself to Sanctum.[6] The company was backed by investors Sequoia Capital, Intel Capital, Goldman Sachs, DLJ, Walden and Mofet.[7]

Products

The AppShield product was the first product to inspect incoming Hypertext Transfer Protocol requests and block malicious attacks based on a dynamic policy which was composed by analyzing the outgoing HTML pages.[8][9]

Later in June 2000 the company introduced AppScan the world's first Web Security Vulnerability Assessment solution.[10] Among the first clients for AppScan were Yahoo!,[11] Bank of America and AT&T.[12]

References

  1. "What the Watchfire-Sanctum acquisition means for Web app security" (in en-US). http://searchsecurity.techtarget.com/What-the-Watchfire-Sanctum-acquisition-means-for-Web-app-security. 
  2. "IBM Buys Watchfire". 2007-06-06. http://www.pcworld.com/article/132617/article.html. 
  3. Messmer, Ellen. "CNN - New tool blocks wily e-comm hacker tricks - September 7, 1999". http://edition.cnn.com/TECH/computing/9909/07/ecomm.hack.idg/index.html. 
  4. Kesten, Yonit; Klein, Amit; Pnueli, Amir; Raanan, Gil (1999-09-20). Wing, Jeannette M.. ed (in en). FM'99 — Formal Methods. Lecture Notes in Computer Science. Springer Berlin Heidelberg. pp. 173–194. doi:10.1007/3-540-48119-2_12. ISBN 9783540665878. https://archive.org/details/fm99formalmethod0000worl/page/173. 
  5. Method and system for discriminating a human action from a computerized action. 2004-03-01. https://patents.google.com/patent/US20050114705A1/en?q=discriminating&inventor=gil+raanan. 
  6. "Perfecto Changes Name to Sanctum - Globes English". http://www.globes.co.il/en/article-386089. 
  7. "DLJ'S Sprout Group Leads $16 Million Investment in Perfecto Technologies; Premier Venture Firm Backs eBusiness Security Software Company. - Free Online Library". http://www.thefreelibrary.com/DLJ'S+Sprout+Group+Leads+$16+Million+Investment+in+Perfecto...-a058502258. 
  8. Method and system for extracting application protocol characteristics. 1999-07-01. https://patents.google.com/patent/US6311278B1/en?inventor=gil+raanan. 
  9. Method and system for dynamic refinement of security policies. 2002-12-31. https://patents.google.com/patent/US20030226038A1/en?inventor=gil+raanan. 
  10. "Sanctum Introduces AppScan: Industry's First Automated Web Application Security Audit Tool. - Free Online Library". http://www.thefreelibrary.com/Sanctum+Introduces+AppScan%253A+Industry's+First+Automated+Web...-a062851146. 
  11. (in en) Network World. IDG Network World Inc. 2000-06-19. https://books.google.com/books?id=VxsEAAAAMBAJ. 
  12. "Sanctum, Inc. cited as leader in key web security sector". http://www.israel21c.org/sanctum-inc-cited-as-leader-in-key-web-security-sector/.