CRN Exclusive: Zvelo Introduces IoT Security Offering To Detect Compromised Devices

Network security company Zvelo Monday unveiled an IoT security offering that uses artificial intelligence to automate the way enterprises discover and profile IoT devices on the network – and detect ones that are compromised.

"Over the past two years, we saw more and more IoT devices shipped without any type of security that were posing a threat to our customers," Zvelo CEO Jeff Finn told CRN. "With this, we also saw that these native IoT devices were being compromised by DDoS [Distributed Denial of Service] attacks and we realized we could help our channel partners get their arms around these devices in profiling them, detecting them and provide alerts around vulnerable devices."

Zvelo's offering uses an API to provide device profiles and compromised device data so that OEM partners can ingest the data into their user interfaces.

[Related: These 6 Artificial Intelligence Startups Could Be Intel's Next Acquisition Target]

Once deployed, the offering continuously monitors the behavior of devices that are connected to the network, looking for abnormal or malicious activity.

As the offering gathers threat intelligence from connected devices, it sends a continuous data stream to Zvelo's cloud for analysis – and in the meantime, network offerings equipped with Zvelo's IoT security features can be configured to automatically take action if anomalous behavior is detected.

The offering is unique in that it inspects all seven layers of a network-connected device's OSI model to recognize the fingerprint of the communications functions performed, making it possible to instantly detect irregular traffic flow with "much more depth and detail than has been available in the market," said Finn.

"Zvelo IoT security offers an effective and much-needed solution to the very real threat of IoT-based security breaches, offering an unprecedented depth of insight into the traffic and behavior exhibited by connected devices – and the ability to mitigate these threats before critical issues occur," he said.

Security vulnerabilities in Internet of Things devices were underscored a year ago when a DDoS attack – launched through IoT devices like webcams, routers and video recorders – overwhelmed servers at Dynamic Network Services, taking down up to 1,200 websites.

Zvelo's offering supports connected devices that could be susceptible to a similar type of attack, such as connected printers, scanners, Bluetooth devices, IP phones and systems, security video, alarm devices and other potential connected devices found in enterprise environments.

The Greenwood, Colol-based company, which sells 100 percent through channel partners including OEMs and systems integrators, wants its system to provide customers with the "best accuracy, fastest performance and lowest rate of false positives" in preventing IoT vulnerabilities.

Finn said the artificial intelligence algorithms help companies safeguard against hackers with "much greater scale and volume" – but partners also have an important part to play in working with customers to set up the offering in key vertical markets such as retail and health care.

"Rather than trying to use a database list of connected devices, we're using AI and machine learning to categorize behaviors and leverage that to alert customers on device vulnerabilities. Security is both a problem but also an opportunity for resellers, channel partners and OEMs," he said.