The R&D Tax Credit Aspects of Network Security

By , , and

        The NSA scandal involving Eric Snowden and Target's 2013 year end security breach involving 110 million credit card holders has brought the issue of network security to the national forefront. One of the immediate aftermaths is a congressional mandate that all Obamacare website security breaches must be disclosed immediately. The exciting future available from wearable, the Internet of Things (IOT)2, Big Data3, and electronic medical records (EMS) will be compromised unless we can all enjoy personal network security and a secure critical network infrastructure.

        Many innovative, technology-based security companies have recently been created to address the important need for tighter network security. Federal R&D tax credits are available to support this important national need.

The R&D Tax Credit

        Enacted in 1981, the federal Research and Development (R&D) Tax Credit allows a credit of up to 13% of eligible spending for new and improved products and processes. Qualified research must meet the following four criteria:

  • New or improved products, processes, or software
  • Technological in nature
  • Elimination of uncertainty
  • Process of experimentation

        Eligible costs include employee wages, cost of supplies, cost of testing, contract research expenses, and costs associated with developing a patent. On January 2, 2013, President Obama signed the bill extending the R&D Tax Credit for 2012 and 2013 tax years.

Overview of Newtork Security

        Network security companies often have their R&D technology roots in Israel or the Washington D.C. area but they frequently migrate to California where they can develop a commercial business. The U.S. network security industry is comprised of both numerous startups and large industry giants. Previous generations of network security technology were strictly reactive, meaning that when a virus was detected the software removed the virus. The next generation of technology is aimed at preventing and avoiding attacks.

        Often times, startups do not have the tax capacity necessary to utilize R&D tax credits but acquisitions by a larger company usually enable the credits to be monetized. This fast growing industry is already experiencing substantive mergers and acquisitions activity with:

  • Intel's purchase of McAfee for $7.69 billion
  • Cisco's purchase of Sourcefire for $2.7 billion
  • FireEye's purchase of Mandiant for $1 billion
  • Palo Alto Networks' purchase of startup Morta Security for approx. $1 billion

An Epidemic History of Security Breaches

        Target's data breach ran from November 27, 2013 to December 15, 2013. This incident caused 110 million people to have their bank accounts, credit cards, e-mail addresses, phone numbers, and other personal information leaked. Although Target's security system failed, they were not the first company to have a data breach. Other companies such as Zappos, Barnes & Noble, and Neiman Marcus have all had publicized security breaches. Figure 1 below illustrates the major recent security breaches

A History of Security Breaches

Some of the new network security startups and their developing technology initiatives are as follows:

2013 Startups:

        Adallom is headquartered in Menlo Park, California, but has its R&D roots in Israel. Its three co-founders, Assaf Rappaport, vice president of R&D, Roy Reznik, and CTO Ami Luttwak have backgrounds in the Israel cyber-defense forces. The goal of Adallom is to provide real-time analysis and a clear audit trail and reporting related to SaaS (software as a service)-based application usage by the enterprise.

        The monitoring can allows options for automating or manually terminating sessions or blocking content download. Though not wholly similar, its closest competitors could be considered to be two other startups, SkyHigh Networks and Netskope, also are discussed below.

        AlephCloud, headquartered in Sunnyville, CA and founded in 2011 by CEO Jieming Zhu and CTO Roy D'Souza, has not yet made its software and service (AlephCloud Content Canopy) generally available. However, its purpose is to provide controlled encryption and decryption of documents transmitted business-to-business via cloud-based file synchronization and sharing services such as Dropbox, SkyDrive, and Amazon S3.

        BitSight Technologies,
based Cambridge, MA was co-founded in 2011 by CTO Stephen Boyer and COO Nagarjuna Venna. Many companies often want to try and evaluate the IT security of another business before entering into an e-commerce arrangement where networks may be interconnected in some way. BitSight, will provide a security "rating" service to do this.
headquartered in Belmont, CA, is focusing on stopping distributed denial-of-service (DDos) attacks aimed at both enterprises and cloud service providers. Founded by its CTO Barrett Lyon, who started another denial-of-service firm called Prolexic in 2003, relies on a cloud service without the need for an appliance to mitigate against large-scale DDoS assaults.

Companies with Breached Network Security

        Illumio, headquartered in Santa Clara, CA and founded by CEO Andrew Rubin earlier in 2013 has brought in former VMware software technicians and executives. Rubin was formerly CEO at Cymtec Systems, a security firm providing the means for visibility, protection, and control by the enterprise of web content and mobile devices, as well as a means for intrusion-detection analysis.

        Lacoon Mobile Security,
with an R&D arm in Israel and headquarters in San Francisco, CA, has come up with an approach to detect zero-day malware, targeting Android and Apple iOS devices by means of a small lightweight agent that examines mobile applications through behavior analysis and a process tied to the Lacoon cloud gateway. The startup was founded by CEO Michael Shaulov, vice president of research and development Ohad Bobrov, and CFO Emanuel Avner.

        Malcovery Security,
headquartered in Pittsburgh, PA, spun out in 2012 from research on phishing done at the University of Alabama. Targeted phishing attacks can have disastrous outcomes when devices are targeted to infiltrate organizations and steal data. CTO Greg Coticchia says the Malcovery technologies offered to businesses include ways to identify phishing websites and a service that can detect phishing e-mail. The company's founders include Gary Warner, director of research in cyber forensics at the University of Alabama, and the startup has received about $3 million in funding from the university.

based in Los Altos, CA, wants to help businesses monitor how their employees are using cloud-based applications and apply security controls to it, such as giving IT managers the ability to block data transfers or receive alerts. The Netskope service can apply security controls to about 3,000 different cloud-based applications, whether they are SaaS, PaaS, or Iaas.

headquartered in Palo Alto, CA, is a crypto-based security startup, focusing on making use of the central processing unit (CPU) as the trusted component to encrypt data in use. PrivateCore has come up its vCage software that relies on the Intel Xeon Sandy Bridge CPU for secure processing through means of Intel Sandy Bridge-based servers in cloud environments The challenge in processing encrypted data is "having to decrypt to do processing" says Oded Horovitz, PrivateCore CEO.

headquartered in Israel, is focused on mobile-device security, with its initial offering on Apple iOS iPhones and iPads. It recently introduced what is described as an intrusion-detection and prevention package for mobile devices, which relies on the Skycure cloud service for security purposes. Skycure's co-founder and CTO, Yair Amit says the goal is to prevent and mitigate any impact from attackers exploiting configuration profiles on mobile devices. Skycure, obtained venture-capital funding from Pitango Venture Capital and angel investors.

headquartered in Menlo Park, CA, was founded by two former NSA computer network analysts, CEO Jay Kaplan and CTO Mark Kuhr. According to them, Synack is bringing together security experts with expertise in finding zero-day bugs in software, particularly in websites and applications of Synack customers. "We pay researchers for vulnerabilities found," explained Kaplan in August 2013, as Synack officially debuted. He says bug bounty rates typically run a minimum of $500 to several thousand for serious vulnerabilities in databases, for example.

        Threat Stack,
headquartered in Boston, MA and founded by CEO Dustin Webber with Jennifer Andre, wants to give enterprises a way to know if hackers are breaking into Linux-based servers that they may use in their cloud services. To monitor for hacker activity, the startup's Cloud Sight agent software for Linux needs to be installed on the Linux server under administrative control in the cloud environment. "We look for the behavior of the hacker, the enterprise will get an alert if a hacker break-in is underway and a measure of forensics about incidents can be obtained if needed."

Figure 2 below illustrates the rise in network security start-up companies from 2011 to 2013.

Startup payments towards network security

2012 Startups:

        Click Security
, is headquartered in Austin, TX. Co-founded by CTO Brian Smoth and CEO Mac Willebeek-Lemair, Click Security released a product called the Automated Security Analytics Platform (ASAP) whcih is out to provide real-time information to detect stealthy infiltrators into corporate networks. ASAP aggregates information widely across the network but the co-founders reject being bracketed in the security information and event management (SIEM) category, claiming ASAP breaks new ground in threat detection. "While some of the things they do are similar to what SIEM vendors claim to do, they are much more than a central repository for log data," says Richard Stiennon, Chief Research Analyst with consult IT-Harvest.

headquartered in Redwood City, CA was founded by Co-founder and CEO Steve Kirsch. OneID is the "next-generation PayPal for digital identities" according to the CEO. Kirsch also says the basic technology, developed with engineers Jim Fenton, Adam Back, and Bobby Beckman, is integrated into websites to let users create their own digital identities and hold payment information securely to use as a form-filling capability. Kirsch also says the firm intends to tackle hard identity issues such as proving age, citizenship, and residency.

        Pindrop Security,
headquartered in Atlanta, GA works with banks and other organizations that encounter fraud attempts in telephone calls from criminals pretending to be customers. Banks are always looking for new ways to augment the measures they have in place to detect phone fraud and according to Johnny Baker, Pindrop Security's Vice President of Sales and Business Development, the firm's technology is an alternative to caller ID. It can pick up dozens of separate technical factors related to a voice call and put them together into an audio fingerprint of the caller and the call path.

, is headquartered in Tel Aviv and founded by Gilad Parann-Nissany. Porticor is tackling the timely problem of encrypting data at rest in cloud-based computing centers where customers rent disk space or servers. Porticor has developed a unique "split key" method in which the service to encryp and decrypt doesn't work unless both pieces of the key are together. According to Parann-Nissany, the enterprise holds the "master key" and the idea is to foster trust by putting the customer in complete control.

        Pwnie Express
is headquartered in Barre, VT and lead by Dave Porcello. Pwnie Express is developing vulnerability-assessment penetrating tools, which includes their PwnPlug tool. The various tools range in price from about $570 to $800.

is based in San Francisco and lead by CEO Peter Jensen. Malware that hackers embed into websites to launch iFrame and JavaScript code attacks and other assaults on visitors remains a problem. StopTheHacker aims to stop the attacks by detecting it through largely behavior-based methods and Web crawling. The company will be competing against firms such as Armorize and Dasient (recently acquired by Twitter).

headquartered in Bedford, New Hampshire, debuted in February 2012 with founder Gene Shablygin. WWPass has the ambitious goal of revolutionizing how users authenticate to websites through WWPass technology that will give users single sign-on capability and crypto-based authentication that lets users manage their own encryption keys. Neither WWPass nor the website knows what they keys are or who the users are. The user just needs the PassKey, available as USB fobs, smartphone apps, and card form factors. It could be used with the near-field communication technology8 coming into use for smartphones, says Eric Scace, Chief Strategy Officer.

2011 Startups:

Network security startups in 2011 included:

        Armor5, headquartered in Santa Clara, CA, Amour 5 is a cloud service that virtualizes applications, data, and content such as Office documents and PDFs on any mobile device with no configuration and zero data leakage. This reduces the possibility of the mobile device being infected by documents embedded with malware or confidential corporate data being cached on the device where it can later be compromised.

        Bromium vSentry,
headquartered in Cupertino, CA was founded in 2010 with a mission to restore trust in computing. The company's founders, Gaurav Banga, Simon Crosby, and Ian Pratt, have history of innovation in virtualization and security. Inspired by the isolation principles of traditional virtualization, the Bromium team has created an innovative new technology called micro-virtualization to address the enterprise security problem and provide protection for end users against advanced malware. The company is backed by top-tier investors including Andreessen Horowitz, Ignition Capital, Highland Capital Partners, Intel Capital, and Lightspeed Venture Partners.

headquartered in San Jose, CA, is the leader in cloud information protection. CipherCloud enables organizations to securely adopt cloud applications by overcoming data privacy, residency, security, and regulatory compliance risks. CipherCloud delivers an open platform with comprehensive security controls including encryption, tokenization, cloud data loss prevention, cloud malware detection, and activity monitoring. CipherCloud's ground breaking technology protects sensitive information in real time, before it is sent to the cloud, while preserving application usability and functionality.

based in Milpitas, CA, FireEye is a leader in stopping the new generation of cyber attacks, such as advanced malware, that easily bypass traditional defenses and compromise over 95% of enterprise networks. FireEye has invented a purpose-built, virtual machine-based platform that provides real-time threat protection to organizations across all major threat vectors and at each stage of an attack life-cycle. In 2014, FireEye, acquired Mandiant, a company known for emergency responses to computer network breaches. Mandiant is best known for sending emergency teams to root out attackers who have implanted software into corporate computer systems. After their major breach, Mandiant was hired by Target.

is a security software company headquartered in Fairfax, VA. The company has been in market with its award-winning, FreeSpace offering since 2009. In 2011, Invincea was recognized as "Most Innovative Company of the Year" at the annual RSA, a cryptography and information security-related conference. The company's approach to combating advanced cyber attacks is recognized as game changing.Its technology currently protects nearly 10,000 companies around the globe with many more coming online in the near future through its OEM relationship with Dell. Its application can be deployed on Windows endpoints to protect against untrusted content by moving browsers, PDF readers, Office suite, zip files, and other chosen executables into a secure virtual container.

headquartered in Mountain View, CA, is pioneering an innovative new approach to security incident response. Recognizing the dramatic growth in cyber attacks, and the increase in targeted attacks using Advanced Persistent Threats (APTs), NetCitadel realized that there was a need to operationalize the overwhelming volume of security data.

        Nok Nok Labs,
is based in Palo Alto, CA and have developed two-factor authentication systems for desktops, mobile devices, and servers. Their solution is aimed at disrupting the underlying framework on which current authentication solutions depend. Their Unified Authentication Infrastructure leverages a new protocol - the online secure transaction protocol (OSTP), a strong authentication protocol designed for modern computing requirements and the "Internet of Things".

        PrivateCore v Cage,
is based in Palo Alto, CA and co- founded by Oded Horovitz and Steve Weis. In 2012, the company secured server data in use through memory encryption, helping enterprises and service providers deploy applications in entrusted environments while protecting sensitive data. vCage secures OpenStack servers with software-based attestation, full-memory encryption, and operating system hardening, providing a foundation for trusted computing on x86 servers.

Large Cap Public Traded Network Security Company

Figure 3 below table presents three year financial statements per capita R&D expenses for some of the large cap companies with a focus on a major product line engaged in network security.

startup rd expenses


        Almost overnight the network security industry has exploded onto the U.S. business scene. Necessity is the mother of invention and there are unprecedented immediate technology needs in this area. Federal, California, and other state R&D tax credits are available to support the innovation following this important need.

Article Citation List



Charles R Goulding Attorney/CPA, is the President of R&D Tax Savers.

Raymond Kumar is a CPA and Tax Manager with R&D Tax Savers.

Andrea Albanese is a Manager with R&D Tax Savers.

Similar Articles
The R&D Tax Credit Aspects of Blockchain for Supply Chains
The R&D Tax Credit Aspects of Physical Security Technology
The R&D Tax Credit Aspects of Driverless Cars
The R&D Tax Credit Aspects of SaaS Start-Ups
The R&D Tax Credit Aspects of Emotion-Recognition Technology
The R&D Tax Credit Aspects of AI in the Insurance Industry
The R&D Tax Credit Aspects of Emerging AV Trends
Enhanced R&D Tax Credits for Specialized Co-Shared Spaces
Ethereum's Impact on Digital Contracting Creates R&D Tax Credit Opportunities
The R&D Tax Credit Aspects of Geofencing
The R&D Tax Credit Aspects of Distribution Center Automation
The R&D Tax Credit Aspects of Law Firm Artificial Intelligence
The R&D Tax Credit Aspects of Avionics
The R&D Tax Credit Aspects of Telemedicine
Federal Government Provides Faster Approvals and Tax Credits for Consumer FinTech Products
The R&D Tax Credit Aspects of Voice-Activated Software
The R&D Tax Credit Aspects of Artificially Intelligent Hedge Funds
The R&D Tax Credit Aspects of LiDAR
The R&D Tax Credit Aspects of Educational Technology (EdTech)
The R&D Tax Credit Aspects of Cyber Security Start-Ups
The R&D Tax Credit Aspects of Construction Industry IoT
R&D Tax Credits Provide New Opportunities for Artificial Intelligence Start-ups
The R&D Tax Credit Aspects of NYC Start-Ups
The R&D Tax Credit Aspects of Virtual Reality Technology
The R&D Tax Credit Aspects of Water Analytics
The R&D Tax Aspects of Artificial Intelligence Robo-Advisors
The R&D Tax Credit Aspects of Natural Language Processing (NLP) Innovation
The R&D Tax Credit Aspects of Video Compression Technology
The R&D Tax Credit Aspects of Automated Coding
The R&D Tax Credit Aspects of Payment Technology
The R&D Tax Credit Aspects of Restaurant Technology
R&D Tax Credits and the Second Wave of Cloud Adoption
The R&D Tax Aspects of Data Storage Startups
The R&D Tax Credit Aspects of Cyber Security
The R&D Tax Credit Aspects of Mobile Applications
R&D Tax Credits for the Modern Insurance Industry
The R&D Tax Credit Aspects of the Internet of DNA
The R&D Tax Credit Aspects of Modern Dental Labs
The R&D Tax Credit Aspects of IoT Communication
The R&D Tax Credit Aspects of Bitcoin and Blockchain Technology
The R&D Tax Aspects of Near Field Communication
The R&D Tax Aspects of the New FDA Mobile Apps Requirements
Tapping the Power of Big Data and R&D Tax Credits for Utility Companies
The R&D Tax Credit Aspects of the Medical Software Industry
The R&D Tax Aspects of Computer Enabled Human Identification
The R&D Tax Credit Aspects of New York City's Engineering Education and Googlization
The R&D Tax Credit Aspects of Software Modeling Analytics
The R&D Tax Aspects of Cameras of the 21st Century
R&D Tax Aspects of DNA Identification
R&D Tax Credit Aspects of Cyber Security and Homeland Protection
Financial Product Trading Platform Artificial Intelligence R&D Tax Credits
The Internet of Things Creates R&D Tax Credit Opportunity
The R&D Tax Credit Aspects of Mobile Banking Applications
The R&D Tax Credit Aspects of In-Image Advertising
R&D Tax Credits for Hybrid Call Centers - Airline, Hotel, and Car Rental Industries
The R&D Tax Aspects of Advertising Science
The R&D Tax Aspects of Data Science
R&D Tax Aspects of Radio Frequency Identification
The R&D Tax Aspects of Advanced Driver Assist Systems
The R&D Tax Aspects of the Internet of Residential Things
The R&D Tax Aspects of Web Television
R&D Tax Credit Aspects of Medical Robotics
R&D Tax Credit Aspects of Industrial Robotics
R&D Tax Credit Aspects of Service Robotics
Yes Alice, Patents and R&D Tax Credits Remain Available for the Internet of Things!
How Salesmen Can Use R&D Tax Credits to Sell Today's Software Products Engagements
The R&D Tax Aspects of Cloud Computing
The R&D Tax Credit Aspects of Hybrid Call Centers for Health Insurers
The R&D Tax Aspects of Robot Software
The R&D Tax Aspects of Machine-to-Machine (M2M) Innovation
The R&D Tax Aspects of Financial Technology Services
Beacons Create R&D Tax Credit Opportunity
The R&D Tax Credit Aspects of Retail Technology
The R&D Tax Credit Aspects of Improving Virtual Reality Technology
Now Every Business is a Software Business
Gig City Startups and R&D Tax Credits
The R&D Tax Credit Opportunities for Mobile Devices
The R&D Tax Credit Aspects of Wearable Technology
The R&D Tax Aspects of Big Data
R&D Tax Credit Fundamentals
Los Angeles Tech Boom Creates Large R&D Tax Incentive Opportunities
The R&D Tax Aspects of Software Development