Pelican Security: The exterminators

When worms like Melissa or I Love You hit the headlines, everyone says that security loopholes are an inherent part of the Internet, and that familiar anti-virus software is incapable of fighting new pests anyway. For their part, web managers shrug unhappily and explain that only one worker is needed to open a contaminated piece of mail for the entire organization to become paralyzed. They always issue warnings and always get burned, upgrade (again) the anti-virus and wait for the next plague.

Tel Aviv-based start-up Pelican Security is a player in this field. The company developed a product for protection against dynamic content and is capable of fighting all sorts of worms and other evils.

Melissa, I Love You and other worms that have surfaced in the brief history of the Internet constitute dynamic content. Pelican Security’s product defines the frontier between the content and the user, i.e. it does not permit content to make decisions for users. The software sits behind the scenes and monitors all actions than can induce parts to run automatically. When that happens, the software operates an authorization system on the part that is separate from the user’s authorization system.

Penetrating the US military

Pelican Security (originally named Soliton) was founded in late 1997 by CEO Irit Rapaport and CTO Gilad Golan, long before the enormous size of the market was known. At the beginning, the company worked against one type of pest (ActiveX), but following the Melissa outbreak, the product was broadened to provide a solution for a wider range of troubles.

Rapaport, who formerly managed Elisra’s investment activity, and Golan, one of the founders of the Menta Software start-up, raised $1.6 million from local security company Memco Software (sold to Platinum, which was later sold to CA), Ophir Holdings and private investors. In 1999, another $5 million was raised from the Challenge Fund – Etgar, William Harris Investors, Aura Investments and others. To date, $6 million has been raised in bridging loans from existing investors and Clal and the company is planning to raise a further $4 million at a company value to be determined at the end of the financing round.

Pelican has a team of 15 for sales and support in the US and concluded its first three deals in recent weeks with Level 3, a large US telecom company and a leading investment bank. Rapaport and Golan anticipate several millions of dollars in sales in the coming year. A pilot project is also underway in the US military.

Long sales process

Why are sales taking place only ten months after the I Love You virus? Golan explains that the sales process is relatively long. Initially, lab tests are conducted at the potential customer, later followed by trials of limited groups, then larger divisions in the organization. Golan: “We have installations in an overall 30 organizations, at various stages.”

How does a small company like you conduct sales?

Rapaport: ”We sell directly to customers. We’re also in initial contacts with distributors.”

But who knows about you?

”We’re not known in Israel because our target market is in the US. We have been written about at length in the US press and in analysts’ reports. It’s true that a small set up has difficulty in selling – the problem is that we have to prove we are reliable. However, now that we have customers from among the best we could have hoped for, it will be easier. Great importance is attached to the fact that the product is already installed and working at top-tier customers.”

Who do you sell to? What is your potential?

”We sell to organizations that have decided a solution needs to be found for active content and to those that have allocated resources. The task is to find those who believe it is important enough and want to deal with it. This normally means large organizations.

“It is now clear that organizations’ priorities have changed. In the past we talked with security experts, whereas today we’re in contact with decision makers in the organizations. The matter is simply critical. Our product provides an answer to the questions ‘How many work days will you lose?’ ‘Is your organization exposed to external theft?’ and ‘How much bad publicity will you save by thwarting attempts to steal?’ and so on.”

Pelican’s competitors include Israeli companies Finjan and Aladdin Knowledge Systems (Nasdaq: ALDN), German company Sandboz Security, InDefense of the US and naturally anti-virus companies. At the same time, Golan says, “There are signs that we’re the first ones to receive significant orders from large organizations (unless Aladdin’s eSafe is taken into consideration, but this is a different type of product). The market is only just being formed.”

The market is only just beginning but Pelican’s solution might have solved the problem last October when Microsoft’s network was broken into. Giga Information Group analyst Steve Hunt wrote in a report that Pelican Security had the most elegant solution to the problem of worms, viruses and other pests. Hunt also stated that the competitors claimed they could solve the problem as well.

Rapaport and Golan are aware of the real potential. They know that very few start-ups have the luxury of a clear-cut product answering a clear-cut market need.

With compliments from the analysts and initial sales, all that remains is the work that Israelis are least skilled in: marketing.

Published by Israel's Business Arena on 25 January, 2001