Meet Tom Millar, CEO at Encrypted Traffic Analysis Platform: Venari Security

We created Venari Security, and our ETA (Encrypted Traffic Analysis) Platform to solve a problem that had been forming for many years. The use of encrypted communications has continued to rise for the past ten years, both for consumers and businesses alike.

We are now in a world where data privacy, regulatory compliance and data protection are critical to organisations. However, the same encrypted communications used to protect the confidentiality of data can also be used to hide malicious activity hidden within legitimate encrypted traffic.

Our solution helps organisations understand their encrypted communications and ensure they comply with their internal or regulatory standards. This enables organisations to get the granularity and clarity they need to implement strong encryption standards whilst maintaining visibility over their network – giving companies confidence that all encrypted communication maintains high standards.
 
 
venari logo
 

What do you think makes this company unique?

 
Over the coming years, most network traffic will be protected by end-to-end encryption. However, encryption is still poorly understood, and it’s becoming a big problem in highly regulated industries. This makes Venari Security an essential in an encrypted world: our solution helps enterprises overcome the challenges introduced by end-to-end encryption, one of the most critical cybersecurity challenges organisations face.

In short, end-to-end encryption renders many established means of detection and countermeasures for malware detection ineffective. The sheer volume of data that organisations hold, and the speed and frequency at which it is shared with different IT environments, make it nigh impossible for teams to rely on decryption to detect all malicious activity leveraging encryption across their networks.

Venari Security helps them to protect their data through the implementation of strong encryption standards whilst gaining visibility of what is happening in their environment. Using artificial intelligence and machine learning, encrypted traffic analysis (ETA) can also offer insights into traffic behaviour across a network and identify anomalous activity without decryption.

The solution also allows organisations to build custom rules for various use cases, from meeting regulatory needs to ensuring the use of strong cryptography for specific applications.
 

 

How has the company evolved over the last couple of years?

 
Over the last couple of years, we have increased our focus on helping organisations with compliance, not just threat detection. We are now in a position where we have moved our solution from proof of concept to actively selling our services.

We have already found that even companies in regulated industries that should have robust encryption are not always aware of what standard of encryption they deploy. In one case, a company thought they were using TLS 1.2, but it turned out it was 1.0 – an outdated encryption standard. Our solutions helped them identify this weak point and improve their security posture.

As an organisation, we recently opened our new Centre of Excellence in Tunis, Tunisia, and continue to expand our team in the UK. We’ve welcomed many highly talented advisors and consultants, including Paddy McGuiness, Former UK Deputy National Security Advisor for Intelligence, Security and Resilience; Cris Conde, Former CEO SunGuard (FIS); Lane Bess, Former CEO Palo Alto Networks and COO ZScaler; and Andreas Wuchner former Group Head IT & Risk Governance.
 

What can we hope to see from Venari Security in the future?

 
Our mission is to become the world leaders in TLS security and compliance, and we intend to be well on the way to delivering against our mission objectives.

The team continues to innovate at pace, accelerate the development of our compliance solutions, introduce new modules and continue to release innovative AI/ML models that identify the encrypted tools used by attackers within an enterprise network.

Ultimately, giving our clients a view of the encrypted communications within their environments can be digested into the Security operations and governance and risk platforms.

 

Longer-term, we will continue to hire some of the best talent to further bolster our AI, machine learning and behavioural analytics capabilities to help automate and continuously validate the encrypted communications between organisations’ users, data and resources. This will enable us to give businesses unparalleled visibility of the encrypted communication on their network.