With its three award-winning products, Pervade Software has applied fresh thinking to the processes of cyber security. It’s an approach that has won the company a wide and varied client base, from multinational tech firms to law enforcement agencies.
Like many start-ups, Pervade owes its existence to a specific technical challenge – and a “eureka” moment when its founders realised how it could be solved. In their case, the issue was one of cybersecurity, and the fact that many businesses needed multiple pieces of software to keep their computer systems safe.
Managing director John Davies says: “The problem is that you need to monitor different sources of data, such as the logs that register what’s happening at any given moment, and configuration files that tell you what’s installed on your system. These are very different types of data, so you need a separate database for each one.
“My business partner, who’s a programmer, said ‘I think there’s a way to solve that, and create a database that can include all data types in one.’ After further discussion, we decided to go for it. He quit his job as a tech manager at a big American firm. We started Pervade in 2009 and by the end of 2012, he’d written the entire database from the ground up – every line of code.”
This formed the basis for the company’s first product, OpView. Now deployed in more than 80 countries by clients including BT, Hitachi and JCB, it allows security managers to collect, correlate and report all data types in one system, rather than have to manually cross-reference information from different screens.
At the end of 2013, a surprising piece of business intelligence prompted Pervade to tweak its business strategy. Business solutions manager Mark Howells says: “We decided to do some research, and asked our clients why they’d bought our product. It almost seemed too obvious to ask: after all, it remains the only product on the market that can do the job of several monitoring systems in one.
“However, it turned out that the real driving force was compliance. Companies needed to prove they had robust IT policies in place to put tenders in for large contracts or deal with government agencies, and we could help provide that certification.”
Taking these insights on board, Pervade quickly developed a second product. OpAudit is a tracking tool that allows businesses to gather and manage all evidence of compliance in one system. This includes technical data, signed statements from data handlers and questionnaires from staff and suppliers. It’s a painless way of ensuring both internal policies and external standards are upheld.
Pervade’s portfolio has been expanded with a third product, OpIndex. Designed to sniff out threats in the Dark Net – the parts of the internet beyond the reach of search engines – it has found favour with businesses and law enforcement agencies alike. UK police forces now rely on it for intelligence gathering, and it has already delivered the insight that there more than six times as many servers on the Dark Net than previously believed.
“That work, in turn, has attracted the interest of the military,” says Howells, “and we’ve had enquiries from the armed forces about our original product, OpView. The ability to have one person monitoring multiple streams of data would be very useful in a forward operations base – perhaps in a tent in the middle of nowhere.”
A key to Pervade’s success has been its decision to go for steady growth rather than take venture capital, John Davies believes. He says: “We’re 100% self-owned, and we’ve never taken finance. We wanted to grow organically. It’s slow, but it gives us total control over what we do next. If we’d been about massive growth, we’d have taken venture capital in 2012 for our monitoring software.
“That would have locked us into one road: we’d still be a monitoring company, and would never have pivoted into the compliance market. That’s not what we’re about. We’re doing what we want to do. We’re making a difference, creating some really cool stuff, and enjoying every minute of it.”