Randy Caldejon of Crozet and Peter Shaw, his partner in founding nPulse Technologies, have formed a new company that will use machine learning, also called artificial intelligence, to help protect computer networks from intruders.
Crozet-based nPulse Technologies, which developed technology that allows speedy forensic analysis of computer security breaches, was acquired in 2014 by San Jose, California-based FireEye, a leading international cyber security firm. Caldejon described nPulse’s box as similar to an airplane’s flight data recorder that helped networks know promptly when they needed to react to a threat. FireEye’s acquisition included a three-year non-compete clause that has now lapsed.
CounterFlow AI goes the next step in cyber security and directs the network to where the breach has occurred. This changes a company’s security mindset from wait-and-see about threats to search-and-destroy them.
“The market is still hot for cyber security,” said Caldejon, whose new firm set up shop on the fourth floor of Piedmont Place on Labor Day. Besides Shaw, who resides in Boston and will handle business operations and sales, Caldejon, an expert in computer security monitoring and forensics, is joined by Andrew Fast, a Ph.D. in computer science who will lead the firm’s data science efforts; Erik Breuhaus, a marketing expert; Brendan Richardson, who specializes in low-power semiconductors; and Jeffrey Woodruff.
“Machine learning is writing software that can learn from examples. It can find patterns in data and then guide human action. A big part of it is in the filter component. The machine focuses human attention in the right places. The term is ‘threat hunting’. This is like a handful of Dobermans patrolling the grounds and looking for threats. The key for machine learning is data—as much as you can feed it. Data is traffic analysis.”
Cyber security is beset by three problems, Caldejon said. First is the new, overwhelming flow of data and security events. Second is the increased sophistication of the attackers and third is the lack of skilled analysts available to respond.
Caldejon said it was particularly important to him to establish the business in Crozet, and he pointed to the recent move of Perrone Robotics to downtown as a sign that Crozet can attract modern technology companies if a nucleus forms. “We want Crozet and Charlottesville to be known for data scientists.
“We plan to fund-raise this fall,” said Caldejon. “We’re looking for an angel investor. We have a very aggressive schedule. We have to have a minimum viable product by the end of this year,” he said. “We have three prospective customers. We want them to be able to test our product before they make annual budget decisions. Our stuff will be working on a network. It will sit inside a corporate network and observe the traffic. AI is really statistics. It’s all mathematics.”
Caldejon said his likely main customers are Fortune 500 companies and the U.S. government.
Threat-hunting involves detecting patterns and then filtering them to find the highest priority threats. “AI helps us to look here and not there. There are too many variables to consider,” Caldejon said.
Besides being able to detect a security attack and now also know where to find it, the company also expects to develop software that will confront attacks and block them.