Core Security Technologies

From Wikipedia, the free encyclopedia
  (Redirected from Damballa (company))
Jump to navigation Jump to search
Core Security
IndustryComputer Security
Vulnerability Management
Security Consulting Services
United States of America
Key people
David Earhart (CEO)
Number of employees
~ 200

Core Security is an American computer and network security company that provides an attack intelligence platform, vulnerability management and network penetration testing measurement software products and services. The company’s research arm, CoreLabs, proactively identifies new IT security vulnerabilities, publishes public vulnerability advisories, and works with vendors to assist in eliminating the exposures they find.[1]

In December 2015, Core Security was acquired by identity and access management (IAM) company Courion;[2] in May 2016, Courion rebranded itself with the Core Security name.[3]


In 1996, Core Security was founded in Buenos Aires, Argentina. One year later, the CoreLabs Research group was established and published their first advisory.

Core conducted its first penetration test for a U.S. company in 1998. In the same year, Core Security was recognized as an "Endeavor Entrepreneur" by the Endeavor Foundation, a foundation that supports entrepreneurial projects in emerging markets.

In 2000, the company's first U.S. office opened in New York, NY. Two years later, Core released the first and second versions of their flagship penetration testing product, Core Impact Pro.[4]

In 2003, the company's U.S. headquarters was relocated from New York to Boston, MA. Five years later, Mark Hatton became the CEO of Core Security.[5]

In 2009, Core adds development sites in Boston and India. One year later, Core announced the beta of its new security testing and measurement product, Core Insight.

In 2012, Core announces partnership with nCircle.[6] In the same year, Core announces partnership with NT Objectives.[7]

In 2013, Core Security is named to the 2013 Inc. 500/5000 List.[8]

In 2014, Core Security Adds Intrinium to its Partner Program and extends its reach to the Pacific Northwest.[9] In the same year, Core Security announced the latest version of its Core Attack Intelligence Platform.[10] Also in 2014, Core Security won the Information Security Magazine and 2014 Readers' Choice Awards for "Excellence in Vulnerability Management."[11]

In 2017, Core Security merged with SecureAuth.


IndustryComputer security
FounderMerrick Furst, Wenke Lee, David Dagon, Richard Lipton
Atlanta, GA
United States of America
Key people
David Scholtz; Tom Savini; Stephen Newman; Paul Rolfe; Ron Wilson; David Fortune; Julie Preiss
ProductsAdvanced Threat Protection

Damballa is an American computer security company focused on advanced cyber threats such as zero-day attacks and advanced persistent threats (APT).[12][13] The company’s system uses massive data sets and machine learning to identify malicious activity based on network behavior, content analysis and threat intelligence. The system constantly “trains” on new data, which enables it to detect previously unknown threats.

Damballa was acquired by Core Security Technologies in July 2016 for $US 9 million, a significant loss on the $US 60 million in funding it had received.[14]


Damballa was founded in 2006 in Atlanta, Georgia by Merrick Furst, an associate dean in the Georgia Institute of Technology (Georgia Tech) College of Computing;[15] he was joined by two Georgia Tech colleagues, Wenke Lee, and David Dagon.[16] The company is named after Damballa, a Vodou snake god[17] that protects against zombies, with the implication that Damballa protects against “zombie” computers operating as part of botnets. According to its site, Damballa now seeks primarily corporate clients and ISP.


In April 2014, Damballa secured $US 13 million from its existing investors to grow sales and marketing efforts along with global expansion.[18] Since the company was founded in 2006, Damballa has raised a total of $US 57.5 million in venture capital funding led by the following firms: Sigma Prime Ventures; InterWest Partners; Palomar Ventures; Paladin Capital Group; and, Adams Street Partners. Additional investors include: GRA Venture Fund; Noro-Moseley Partners; and, Imlay Investments.[15][19][20]


Damballa’s current product offerings are:

Advanced Threat Protection[edit]

Damballa's advanced threat protection solution for enterprises, Damballa Failsafe detects successful infections with certainty, terminates their threat activity, and gives incident response the intelligence needed to rapidly prevent data breaches. Damballa Failsafe is able to detection malicious files (malware) and track suspicious behavior over time in the network, delivering actionable information about known and unknown threats regardless of the infection’s source, entry vector or OS of the device. It provides incident responders with definitive evidence so they can rapidly prevent loss on high-risk devices while blocking activity on the rest.[21] It was recommended on the Advanced Threat Protection shortlist buyer's guide for 2015.[22]

ISP Subscriber Protection[edit]

Damballa CSP, which is designed for service providers and ISPs, identifies malicious activity originating from subscriber’s devices, whether PC, tablet or mobile. Damballa CSP sits out-of-band inside the service provider’s network and monitors DNS requests (non-PII traffic) from the subscriber’s IP address, which enables it to identify subscriber devices infected with advanced malware.[23]


In 2013, Damballa was granted its first two patents,[24] related to detecting advanced threats. Patent 8,566,928[25] describes methods for detecting a first network of compromised computers in a second network of computers, while patent 8,578,497[26] describes methods for analyzing domain names that are not registered that are collected from an asset in a real network.

In February 2014, the company was granted a third patent, # US20120198549, for its "Method and system for detecting malicious domain names at an upper DNS hierarchy", which describes a methodology for identifying potential malicious domain names used to propagate threats.[27]

Research and advisories[edit]

According to its website, Core Security's research department, Core Labs, conducts research in system vulnerabilities, cyber attack planning and simulation, source code auditing and cryptography. Core Labs publishes security advisories, technical papers, project information and shared software tools for public use, with its researchers participating in IT security research conferences including the Black Hat Briefings.[28][29]

See also[edit]


  1. ^ "Inc. Magazine Unveils Its Annual Exclusive List of America's Fastest-Growing Private Companies - the Inc.500|5000". CORE Security. Retrieved 2014-02-21.
  2. ^ "Courion Acquires Attack Intelligence Solutions Provider Core Security". Courion. 2015-12-09. Retrieved 2016-06-01.
  3. ^ "Courion has Rebranded as the New Core Security". Core Security. 2016-05-25. Retrieved 2016-06-01.
  4. ^ "Technologies announces first comprehensive penetration testing tool". CORE Security. 2002-03-04. Archived from the original on 2014-02-25. Retrieved 2014-02-21.
  5. ^ "Technologies Appoints New CEO & Relocates Corporate Headquarters to Boston". CORE Security. 2003-05-30. Archived from the original on 2014-02-25. Retrieved 2014-02-21.
  6. ^ "Tripwire, Inc – IT Security Software to improve data security and regulatory compliance". Retrieved 2014-02-21.
  7. ^ "Core Security & NT OBJECTives Partner to Deliver First-of-its-Kind Comprehensive View of Web Application Security Posture". CORE Security. 2012-04-18. Retrieved 2014-02-21.
  8. ^ "Named to the 2013 Inc. 500/5000 List". CORE Security. 2013-08-21. Retrieved 2014-07-15.
  9. ^ Core Security. "Core Security Press Releases Archived 2014-08-26 at the Wayback Machine.." January 30, 2014. July 29, 2014.
  10. ^ "Prioritizing vulnerabilities to close gaps where it matters". Retrieved 2014-08-07.
  11. ^ "Wins 2014 Readers' Choice Award for Excellence in Vulnerability Management". CORE Security. 2014-11-25. Retrieved 2015-01-12.
  12. ^ Markoff, John (2007-01-07). "Attack of the Zombie Computers Is Growing Threat". The New York Times. Retrieved 2007-01-07.
  13. ^ "Enterprise Botnet and Malware Detection". Damballa, Inc. Retrieved 2007-01-07.
  14. ^ "Atlanta's Damballa sold for nearly $9 million - Atlanta Business Chronicle". Retrieved 30 September 2016.
  15. ^ a b "Startup Aims to Detect and Thwart Botnets". Nerd Twilight. 2006-08-17. Retrieved 2007-01-07.
  16. ^ Wilson, Tim (2006-08-15). "Startup to Challenge Botnets". Dark Reading. Retrieved 2007-01-07.
  17. ^ Rubner, Justin (April 7, 2006). "Tech spinoff gets $2.5M to go after 'zombies'". Atlanta Business Chronicle. Retrieved 2007-01-07.
  18. ^ "Atlanta Internet security firm Damballa raises $13M". The Atlanta Business Chronicle. 2014-06-02. Retrieved 2014-06-01.
  19. ^ "Internet Security Firm Lands $6M in New Financing". 2007-08-29. Retrieved 2007-09-01.
  20. ^ "The Daily Start-Up: Damballa Locks Down $15M Series E to Fight Cyberattacks". The Wall Street Journal. 2012-09-17. Retrieved 2013-09-05.
  21. ^ "Advanced Threat Detection and APT Detection". Retrieved 30 September 2016.
  22. ^ "Advanced Threat Detection Buying Guide". eSecurity Planet. 2015-09-03. Retrieved 2016-09-30.
  23. ^ "Advanced Protection for Service Providers and their Subscribers - Damballa". Retrieved 30 September 2016.
  24. ^ Jacques, Couret (2014-01-07). "Damballa adds two patents". Atlanta Business Chronicle. Retrieved 2 June 2014.
  25. ^ Google, Patents. "Patent Search". Google. Retrieved 2 June 2014.
  26. ^ Google, Patents. "Method and system for detecting malware". Google. Retrieved 2 June 2014.
  27. ^ "Damballa Granted Third New Patent For Detecting Advanced Threats". Dark Reading. 2014-02-04. Retrieved 2014-06-02.
  28. ^ "Core Advisories". CORE Security. Retrieved 2014-02-21.
  29. ^ Gregg Keizer (2010-05-06). "Security firm reveals Microsoft's 'silent' patches". Computerworld. Retrieved 2014-02-21.

External links[edit]