Sanctum (company) explained

Sanctum was a Santa Clara, California-based information technology company focused on application security. Sanctum offered a firewall, AppShield, and scanner, AppScan, for application-layer security for Web environments.^[1]

In 2003 Sanctum was merged with Watchfire and the company was subsequently acquired by IBM.^[2]

History

Sanctum was founded in 1997 as Perfecto Technologies, by Eran Reshef and Gili Raanan.

The company released its first product AppShield in summer of 1999.^[3]

The company has done an extensive research in application security and applying formal methods to real life software^[4] in collaboration with Turing Award winner Professor Amir Penueli. Early research in 1996 and 1997 led to the invention, in parallel to other teams, of CAPTCHA technology, and the application for a US patent for CAPTCHA.^[5]

In 2000 the company renamed itself to Sanctum.^[6] The company was backed by investors Sequoia Capital, Intel Capital, Goldman Sachs, DLJ, Walden and Mofet.^[7]

Products

The AppShield product was the first product to inspect incoming Hypertext Transfer Protocol requests and block malicious attacks based on a dynamic policy which was composed by analyzing the outgoing HTML pages.^{[8] [9]}

Later in June 2000 the company introduced AppScan the world's first Web Security Vulnerability Assessment solution.^[10] Among the first clients for AppScan were Yahoo!,^[11] Bank of America and AT&T.^[12]

Notes and References

1. Web site: What the Watchfire-Sanctum acquisition means for Web app security. en-US. 2016-09-12.
2. Web site: IBM Buys Watchfire. PCWorld. 2016-09-12. 2007-06-06.
3. Web site: CNN - New tool blocks wily e-comm hacker tricks - September 7, 1999. Messmer. Ellen. edition.cnn.com. 2016-09-12.
4. Book: FM'99 — Formal Methods. Kesten. Yonit. Klein. Amit. Pnueli. Amir. Raanan. Gil. 1999-09-20. Springer Berlin Heidelberg. 9783540665878. Wing. Jeannette M.. Lecture Notes in Computer Science. 173–194. en. Woodcock. Jim. Davies. Jim. 10.1007/3-540-48119-2_12. 41193257 .
5. US20050114705A1. Method and system for discriminating a human action from a computerized action. 2005-05-26. Reshef. Raanan. Solan. Eran. Gil. Eilon.
6. Web site: Perfecto Changes Name to Sanctum - Globes English. Globes. 21 June 2000 . 2016-09-12.
7. Web site: DLJ'S Sprout Group Leads $16 Million Investment in Perfecto Technologies; Premier Venture Firm Backs eBusiness Security Software Company. - Free Online Library. www.thefreelibrary.com. 2016-09-12.
8. US6311278B1. Method and system for extracting application protocol characteristics. 2001-10-30. Raanan. Moran. Galant. El-Hanani. Gil. Tal. Yoron. Yuval.
9. US20030226038A1. Method and system for dynamic refinement of security policies. 2003-12-04. Raanan. Linhart. Gil. Chaim.
10. Web site: Sanctum Introduces AppScan: Industry's First Automated Web Application Security Audit Tool. - Free Online Library. www.thefreelibrary.com. 2016-09-12.
11. Book: Network World. 2000-06-19. IDG Network World Inc. en.
12. Web site: Sanctum, Inc. cited as leader in key web security sector. 5 August 2002 . 2016-09-12.