Adallom

Adallom is a cloud security company based in Menlo Park, California. It secures enterprise software-as-a-service (SaaS) application usage, audits user activity, and protects employees and digital assets from threats in real time.

Adallom was reportedly acquired by Microsoft for $320 million in July 2015. The Adallom product was rebranded as Microsoft Cloud App Security (MCAS) and announced in general availability as of April 2016. In November 2021, Microsoft Cloud App Security was rebranded as Microsoft Defender for Cloud Apps.

History
Adallom was founded in 2012 by Assaf Rappaport, Ami Luttwak and Roy Reznik, who are former members of the Israeli Intelligence Corps’ Unit 8200 and alumni of the Talpiot program. Adallom’s namesake originates from Ad Halom, otherwise known as the “last line of defense.” In 2013, the founding team was joined by Michael Nicosia, at which point the company pivoted directions using the core solution. Adallom secured $4.5 million (~$ in ) in Series A funding from Sequoia Capital and Zohar Zisapel. The company secured $15 million (~$ in ) in series B funding led by Index Ventures with contributions from Sequoia Capital Israel.

Adallom was named by CRN as the 10 Coolest Security Startups of 2013.

Product
The founders created Adallom with the adage that SaaS as a class is secure but the way employees actually utilize SaaS is not. In November 2013 Adallom launched a complete security solution that audits activities performed in SaaS applications and develops intelligence to predict and protect from IT security issues, providing SaaS end user enablement while maintaining IT control and visibility. It provides tools to build a consistent security policy across all cloud applications at use within an enterprise.

Adallom’s Smart Engines technology works similarly to the way credit card companies track transactions that appear out of the ordinary because it stops attacks by providing real-time reports of odd behavior.

In December 2013, Adallom discovered and reported a token hijacking vulnerability (CVE-2013-5054) bug in Microsoft Office 365. The identity theft vulnerability in Office 365, found in the wild, allowed attackers to grab user identities and steal email and documents. The problem was reported by Noam Liran, chief software architect at Adallom, and the fix was addressed in Microsoft Security Bulletin MS13-104.