Security that meets needs of cloud

So what does this mean? According to Crosby, StackPath will initially include “some web facing services; content delivery, DDoS protection, VPN services, and a web application firewall.” The developer-centric security platform will get smarter over time, and by the end of the year will include secure compute, storage and DNS, with plans to release new security services every month for the next several years.

The idea for StackPath came to Crosby as he observed serious flaws in cloud security – even at the level of Fortune 500 companies, who spent a fortune on security products they never deployed. Traditional security modded for cloud environments just doesn’t meet the level of scale and automation required.

“After being acquired by IBM I spent the last two years seeing the shortcomings of cloud security,” Crosby says. “We had some security products at SoftLayer but we called them bolt-on; [we] took more traditional firewalls, load balancers and things like that and converted them to cloud but there was nothing that was truly, highly scalable and automated that would work.”

“That’s where the concept came from. I saw companies like Netflix, big banks, and firms that were spinning up literally tens of thousands of virtual machines a day and there were no real security products that would follow that level of automation and scale.”

Developers drive security engine

In last year’s Gartner Magic Quadrant for managed security services, the research firm identified IBM, Dell SecureWorks, Symantec, and Verizon as leaders in the space.

Crosby says StackPath’s global threat intelligence engine across 35 points-of-presence will be available to customers who can integrate the security within their applications via APIs, differentiating it from other security companies.

“We believe we’re going to create a whole new generation of security firms who are going to use this platform to build new widgets on top that we never dreamed about,” Crosby says. “When people ask me what that’s going to be I tell them that I didn’t know in 2005 that Facebook, Tumblr, WhatsApp, and Yelp, and all the other companies that built on top of cloud were ever going to create new verticals and new industries and I think we’re going to see the same thing here.”

StackPath’s technology will not be built from scratch – the company acquired MaxCDN, Fireblade and Cloak to build out its CDN, Web Access Firewall, and VPN, respectively. The company said that its DDoS mitigation technology also includes “an impressive array of IP.”

Crosby tells us that he drew from his past relationships in the cloud space to build a team including COO and president Andrew Higginbotham, who previously led CenturyLink’s Cloud and Managed Services Business, and CFO Kim Sheehy, who prior to joining StackPath served as CFO of CyrusOne. He recruited others from his background at IBM/SoftLayer, Google, and Amazon, as well.

Crosby’s hosting past will also serve StackPath well in its initial stage where it will be targeting internet-centered companies and more traditional hosting companies. Hosting providers will be able to sell the security services offered by StackPath and white-label the platform. Eventually the platform will be available directly to developers.