Secludit, an European cloud security startup based in Sophia Antipolis, France, announced today the availability of Elastic Detector.
Elastic Detector is a security event detection tool targeted at Amazon EC2 infrastructures, engineered as a SaaS: the pricing model follows the cloud logics, charging $0.025 per server per hour (the first 30 days are provided for free).
Secludit, co-founded and led by former Eurecom researcher Sergio Loureiro, managed to reach the finals of Global Security Challenge and SeedCamp last year, and has launched a private beta of Elastic Detector in December 2010.
The key point of the solution is its high degree of automatism: according to Secludit, the product should auto-discover servers and applications and auto-configure a set of security checks based on an internal, shared knowledge base, with absolutely no burden for the administrators. The potential for leveraging shared and cross-tested best practices is very interesting and has been one of the key problems in baseline security in the last years. Even if the solution’s highly-automated nature is a good match for the elastic infrastructure Amazon is powering, the main challenge will probably be accomodating customized, specific infrastructures and services: the ability to do that will be highly dependent on the semantic power of the underlying, patent pending Elastic Security technology.
Elastic Detector is one of the first cloud based security tools, a delivery model which can only gain traction if the trust for cloud based solutions will be increasing in time, with companies becoming more and more used to cloud-based services for their most critical assets. However, Elastic Detector is targeting a very specific market, i.e. companies who are already using Amazon public cloud: as such, it takes security services in an area where there is a definite lack – and need – of solutions.
Wheter they will be as effective as the market is demanding has to be seen.