Zingbox launhces IoT protection for business

Zingbox launhces IoT protection for business

Zingbox, a cloud-based, internet-of-things security startup, is coming out with its first product that it says can tell good IoT behavior from bad and sends alerts when it finds activity outside the norm.

Called Guardian, the solution consists of a virtual appliance that gathers and processes network traffic data and sends it to the Zingbox cloud, where it is analyzed for anomalies. When they are found, it can send alerts to security staff or intervene automatically via integration with firewalls, says May Wang, a founder of the company and its CTO.

Zingbox’s cloud analyzes metadata that is gathered from mirror ports on switches and uses it to discover all of the IoT devices on the network, identify what class of device each is and even the make and model. Machine-learning algorithms in the cloud set a baseline for normal behavior for each device based on the data fed to it by the device but also based on data Zingbox has gathered from similar devices owned by other customers.

For example, a hospital might have a GE X-ray machine. The Guardian virtual appliance would gather metadata from that machine and the cloud engine would analyze its behavior. The analysis would also tap data Zingbox has gathered from other customers’ GE X-ray machines and from X-ray machines made by other manufacturers. All of this input is used to establish what is typical, acceptable behavior of the machine in question, Wang says.

The algorithm creates a white list of acceptable activity and uses it to catch the abnormal, and when it does, that triggers a response in the virtual appliance. The response can be an alert to a human security analyst or an automated response via firewalls, Wang says. Most customers choose to run the alerts by a person rather than let the platform block traffic automatically.

Guardian can integrate with firewalls made by Cisco, Fortinet, Palo Alto Networks and SonicWall through APIs to quarantine devices or shut down their network connections.

The platform can be used to do an IoT inventory. “Right now people don’t even know how many IoT devices they have,” Wang says.

Because the architecture is cloud based, Guardian can scale to accommodate large networks. Wang says it already supports 100,000 devices and can handle more. It delivers very few false positives, she says, because most of these devices have relatively fixed behaviors that occur in simple patterns.

Guardian is available now. Pricing is based on the number of devices being monitored and ranges from $10 to $60 per device per year, with the lower prices being charged for a high number of devices.

IDG Insider


«AMD: Sorry, there will be no official Ryzen drivers for Windows 7


Endpoint security is the new sexy: F-Secure CEO»
IDG Connect

IDG Connect tackles the tech stories that matter to you

Our Case Studies

IDG Connect delivers full creative solutions to meet all your demand generatlon needs. These cover the full scope of options, from customized content and lead delivery through to fully integrated campaigns.


Our Marketing Research

Our in-house analyst and editorial team create a range of insights for the global marketing community. These look at IT buying preferences, the latest soclal media trends and other zeitgeist topics.



Should the government regulate Artificial Intelligence?