Sanctum promises application layer security

Gil Raanan is following in the footsteps of almost every software company to emerge from Israel. He spent his military service building highly-sophisticated applications for the Israeli army, and realised this expertise could be put to use in a commercial setting. In this case, protecting corporate organisations' web applications.


Company: Sanctum

Main activity: Application layer security software

Founded: 1997

CEO: Peggy Weigle

HQ: Santa Clara, California

Status: Privately held. Received over $54 million in four rounds of funding from Dell Computer, Sprout Group and Gemini Israel Funds.

Revenues: Not available.

Key competitors: KaVaDo, SPI Dynamics, Stratum8 Networks

Infoconomy comment: Sanctum claims its software can help organisations protect their web applications against both known and unknown security attacks. The company is well-funded and has few competitors in what is still an immature market.



Raanan co-founded Perfecto Technologies in 1997 (later renaming it Sanctum) with a focus on implementing security at the application layer, an area that is still highly vulnerable to attack.

Security attacks on the application layer are more sophisticated than the average attempted hack by a 'script kiddie'. Attacks are typically channelled through an organisation's web server and try to abuse the business logic of an application to execute malicious activities, such as siphoning money from a customer account.

Addressing that threat, Santcum's core product is an application level firewall called AppShield. This is installed either on, or in front of, a web server to automate the process of monitoring traffic and blocking anomalies.

It protects against ten known security segment threats including 'cross site scripting' whereby hackers steal vital components of a system to set up a dummy web site, for example, and 'cookie poisoning', which can help hackers access unauthorised services.

A key differentiator is that AppShield also logs all user activity inside a firewall, not just suspicious behaviour. This may help customers detect any unknown security attacks that emerge, such as new computer 'worms', says Sanctum CEO Peggy Weigle.

Several factors suggest Sanctum is heading for robust growth. It already has more than 150 customers and has few competitors, apart from much smaller companies such as KaVaDo, SPI Dynamics and Stratum8 Networks. Sanctum has also had massive endorsement from investors, having received a total of $54 million in funding over its four years.

Sanctum now needs to increase awareness of the security threat to applications if it wants to mirror the success of other Israeli software giants such as Check Point Software.

Avatar photo

Ben Rossi

Ben was Vitesse Media's editorial director, leading content creation and editorial strategy across all Vitesse products, including its market-leading B2B and consumer magazines, websites, research and...

Related Topics