Xage adds full-stack data protection to blockchain security platform

Xage, a startup that has been taking an unusual path to secure legacy companies like oil and gas and utilities with help from the blockchain, announced a new data protection service today.

Xage CEO Duncan Greatwood, says that up until this point, the company has concentrated on protecting customers at the machine layer, but today’s announcement involves protecting data as it travels between parties, which is more of a classic blockchain security scenario.

“We are moving beyond the protection of machines with greater focus on the protection of data. And this announcement around Dynamic Data Security that we’re delivering today is really a data protection layer that spans multiple dimensions. So it spans from the physical machine layer right up to business transaction,” Greatwood explained.

He says that what separates his company from competitors is the ability to have that protection up and down the stack. “We can guarantee the authenticity, integrity and the confidentiality of data, as it’s produced at the machine, and we can maintain that all the way to [delivery to the various parties],” he said.

Greatwood says that this solution is designed to help protect data, even in highly complex data sharing scenarios, using the blockchain as the trust mechanism. Imagine a supply chain scenario in which the parties are sharing data, but each participant only needs to see the piece of data they need to complete their part of the transaction and no more. To do this, Xage has the concept of security fabric, which acts as a layer of protection across the platform.

“What Xage is doing is to use this kind of security outsource approach we bring to authenticity, integrity and confidentiality, and then using the fabric to replicate all of that security metadata across the extent of the fabric, which may very well cover multiple locations and multiple participants,” he said.

This approach enables customers to have confidence in the providence and integrity of the data they are seeing. “We’re able to allow all of the participants to define a set of security policies that gives them control of their own data, but it also allows them to share very flexibly with the rest of the participants in the ecosystem, and to have confidence in that data, up to and including the point where they’ll pay each other money, based on the integrity of the data.”

The new solution is available today. It has been in testing with three beta customers, which included an oil and gas customer, a utility and a smart city scenario.

Xage was founded in 2016 and has raised just over $16 million, according to PitchBook data.


By Ron Miller

Xage now supports hierarchical blockchains for complex implementations

Xage is working with utilities, energy companies and manufacturers to secure their massive systems, and today it announced some significant updates to deal with the scale and complexity of these customers’ requirements including a new hierarchical blockchain.

Xage enables customers to set security policy, then enforce that policy on the blockchain. Company CEO Duncan Greatwood says as customers deploy his company’s solutions more widely, it has created a set of problems around scaling that they had to address inside the product including the use of blockchain.

As you have multiple sites involved in a system, there needed to be a way for these individual entities to operate whether they are connected to the main system or not. The answer was to provide each site with its own local blockchain, then have a global blockchain that acts as the ultimate enforcer of the rules once the systems reconnected.

“What we’ve done is by creating independent blockchains for each location, you can continue to write even if you are separated or the latency is too high for a global write. But when the reconnect happens with the global system, we replay the writes into the global blockchain,” Greatwood explained.

While classical blockchain doesn’t allow these kinds of separations, Xage felt it was necessary to deal with its particular kind of use case. When there is a separation a resynchronization happens where the global blockchain checks the local chains for any kinds of changes, and if they are not consistent with the global rules, it will overwrite those entries.

Greatwood says these changes can be malicious if someone managed to take over a node or they could be non-malicious such as a password change that wasn’t communicated to the global chain until it reconnected. Whatever the reason, the global blockchain has this power to fix the record when it’s required.

Another issue that has come up for Xage customers is the idea that majority rules on a blockchain, but that’s not always a good idea when you have multiple entities working together. As Greatwood explains, if one entity has 600 nodes and the other has 400, the larger entity can always enforce its rules on the smaller one. To fix that, they have created what they are calling a super majority.

“The supermajority allows us to impose impose rules such as, after you have the majority of 600 nodes, you also have to have the majority of the 400 nodes. Obviously, that will give you an overall majority. But the important point is that the company with 400 nodes is protected now because the write to the ledger account can’t happen unless a majority of the 400 node customer also agrees and participates in the write,” Greatwood explained.

Finally, the company also announced scaling improvements, which reduce computing requirements to run Xage by 10x, according to the company.


By Ron Miller

Xage brings role-based single sign-on to industrial devices

Traditional industries like oil and gas and manufacturing often use equipment that was created in a time when remote access wasn’t a gleam in an engineer’s eye, and hackers had no way of connecting to them. Today, these devices require remote access and some don’t have even rudimentary authentication. Xage, the startup that wants to make industrial infrastructure more secure, announced a new solution today to bring single sign-on and role-based control to even the oldest industrial devices.

Company CEO Duncan Greatwood says that some companies have adopted firewall technology, but if a hacker breaches the firewall, there often isn’t even a password to defend these kinds of devices. He adds that hackers have been increasingly targeting industrial infrastructure.

Xage has come up with a way to help these companies with its latest product called Xage Enforcement Point (XEP). This tool gives IT a way to control these devices with a single password, a kind of industrial password manager. Greatwood says that some companies have hundreds of passwords for various industrial tools. Sometimes, whether because of distance across a factory floor, or remoteness of location, workers would rather adjust these machines remotely when possible.

While operations wants to simplify this for workers with remote access, IT worries about security and the tension can hold companies back, force them to make big firewall investments or in some cases implement these kinds of solutions without adequate protection.

XEP helps bring a level of protection to these pieces of equipment. “XEP is a relatively small piece of software that can run on a tiny credit-card size computer, and you simply insert it in front of the piece of equipment you want to protect,” Greatwood explained.

The rest of the Xage platform adds additional security. The company introduced fingerprinting last year, which gives unique identifiers to these pieces of equipment. If a hacker tries to spoof a piece of equipment, and the device lacks a known fingerprint, they can’t get on the system.

Xage also makes use of the blockchain and a rules engine to secure industrial systems. The customer can define rules and use the blockchain as an enforcement mechanism where each node in the chain carries the rules, and a certain number of nodes as defined by the customer, must agree that the person, machine or application trying to gain access is a legitimate actor.

The platform taken as a whole provides several levels of protection in an effort to discourage hackers who are trying to breach these systems. Greatwood says that while companies don’t usually get rid of tools they already have like firewalls, they may scale back their investment after buying the Xage solution.

Xage was founded at the end of 2017. It has raised $16 million to this point and has 30 employees. Greatwood didn’t want to discuss a specific number of customers, but did say they were making headway in oil and gas, renewable energy, utilities and manufacturing.


By Ron Miller

Xage secures $12 million Series A for IoT security solution on blockchain

Xage (pronounced Zage), a blockchain security startup based in Silicon Valley, announced a $12 million Series A investment today led by March Capital Partners. GE Ventures, City Light Capital and NexStar Partners also participated.

The company emerged from stealth in December with a novel idea to secure the myriad of devices in the industrial internet of things on the blockchain. Here’s how I described it in a December 2017 story:

Xage is building a security fabric for IoT, which takes blockchain and synthesizes it with other capabilities to create a secure environment for devices to operate. If the blockchain is at its core a trust mechanism, then it can give companies confidence that their IoT devices can’t be compromised. Xage thinks that the blockchain is the perfect solution to this problem.

It’s an interesting approach, one that attracted Duncan Greatwood to the company. As he told me in December his previous successful exits — Topsy to Apple in 2013 and PostPath to Cisco in 2008 — gave him the freedom to choose a company that really excited him for his next challenge.

When he saw what Xage was doing, he wanted to be a part of it, and given the unorthodox security approach the company has taken, and Greatwood’s pedigree, it couldn’t have been hard to secure today’s funding.

The Industrial Internet of Things is not like its consumer cousin in that it involves getting data from big industrial devices like manufacturing machinery, oil and gas turbines and jet engines. While the entire Internet of Things could surely benefit from a company that concentrates specifically on keeping these devices secure, it’s a particularly acute requirement in industry where these devices are often helping track data from key infrastructure.

GE Ventures is the investment arm of GE, but their involvement is particularly interesting because GE has made a big bet on the Industrial Internet of Things. Abhishek Shukla of GE Ventures certainly saw the connection. “For industries to benefit from the IoT revolution, organizations need to fully connect and protect their operation. Xage is enabling the adoption of these cutting edge technologies across energy, transportation, telecom, and other global industries,” Shukla said in a statement.

The company was founded just last year and is based in Palo Alto, California.


By Ron Miller