The engineers at nPulse Technologies, Crozet’s favorite contender among information technology innovators, have emerged from their below-the-radar profile as experts in computer network forensics.
“The company’s name is a concoction of network pulse,” explained founder Randy Caldejon. He started it his basement in Vienna, Virginia, in 2006. A few months later he and his wife made the decision to move their family to Crozet.
“We drove through,” said Caldejon, “and we said, ‘why don’t we move here?’ We thought we’d be here a year, and we’ve been here ever since. It’s been great here. The lack of traffic. Just being able to slow down. It’s the biggest decision my wife and I have ever made and now we have many good friends. It’s a great place. We’ve never regretted it.”
Caldejon had been in signals intelligence in the Marine Corps and fought in the First Gulf War. Afterward he could have worked for a No-Such-Agency that may not exist in Maryland, but it’s unclear.
“This started as a services company,” said Caldejon. “It’s a black box that is continuously recording that allows you recreate a scenario in a network. We were making custom products and we decided to make one that we could just sell.
“We can figure out how a network was broken into and how it can be prevented. Target is a recent example of what can happen. We have huge customers, on Wall Street, the government networks and the Telcos [telephone service providers]. I draw an analogy to Claudius Crozet. He did an amazing engineering feat. Our firm’s boxes are monitoring some of the world’s cyber tunnels.
“Network forensics is the niche we’re in. Of our four competitors, we are the fastest. When it comes to performance, people come to us. The Department of Homeland Security has a project called Einstein that has trusted gateways that use our boxes. If there is a hack, we can figure out how it happened. In cyber space there are incidents every day, so we are trying to automate it so it’s not overwhelming.”
He likened the job his product does to a convenience store camera set-up that records everything that goes on in the store.
“In our field we deal with what are called ‘big pipes’ that transmit at 10 gigabytes per second. For sure you will find a weak point. Everybody has an IP address, so in some cases you can trace back and find out who broke in. Whatever happens, it’s all there for re-examination.”
The box that is capturing all that data, in every detail, virtually instantly, is important, but more important is the software that makes it possible to investigate the data that is captured. nPulse’s multi-threaded software can detect a network compromise in minutes, rather than hours later, and reconstruct every step in what Caldejon called the “kill chain,” the vital series of events that led to the break-in.
nPulse has two patents on algorithms, specific mathematical procedures for making calculations. The firm has 12 engineers, all with computer science degrees, including Ph.D.s. “We’re a family-oriented place,” said Caldejon. “We take off a week at Christmas and we work 9 to 5 hours. nPulse now has 30 employees, some of whom work remotely, and a sales office in Chantilly.
“We do all the software here in Crozet,” said Caldejon. “Our competence is the software. The hardware is shipped worldwide out of a manufacturer in Chicago, MBX Systems.”
Caldejon said he intends to keep going independently. “We’ve been approached many times about getting acquired, but it’s status quo,” said Caldejon, who is now chairman of the board. In 2011, in order to bring in private investment, the company went from being a limited liability company to incorporation with a board.
nPulse engineers were in San Francisco last week for the RSA Security conference, the main such event in the cyber security industry. They won a silver Info Security Global Excellence Award for the Most Innovative Security Product of the Year (Hardware).
“For the first time we had our own booth and we unveiled a new product, nSpector. It’s our next generation product. It’s what customers have been asking for. Now we have what we call distributed boxes that supply a central site. We’re responding to what our customers are asking for. We call our products user-based.
“We’ve gone into an agile development model and that’s helped us get ahead, rather than just be reactive. Now we’re in a three-year program. The first stage is packet analysis, second is forensic analysis and next year we’ll have threat analysis. We’re moving into being predictive. We’re trying to give warnings when we see a trend building. Our software is designed to work on multiple cores and it will take us up to 100 gigabyte-per-second volumes. We’re working on a shoestring budget. We boot-strap ourselves.”
But nPulse has attracted partnerships with such well-known names as Cisco, Intel, NetApp, Fire-Eye, Splunk and Symantec. Caldejon said the company expects to earn $10 million in revenue next year.
Everything under development at nPulse is kept encrypted and Caldejon is studiously vague about some aspects of network forensics. But when you next hear about a network break-in and precious data being ripped-off, remember we’ve got the heroes in the white hats here in Crozet and they are riding to the rescue.