When investors backed Sana Security in San Mateo, CA, they took out $1 million in insurance on chief scientist Steven Hofmeyr, because his ideas about computer network security were their most valuable asset. Sana Security (“sana” is Esperanto for healthy) treats intranets and local-area networks much the way the human immune system treats the body: when abnormal activity occurs, Sana software recognizes the problem, isolates and analyzes it, then attempts to fight it off. Network security typically relies on human administrators who often arrive too late to stop intrusions (in January the Slammer virus reportedly infected 75,000 machines within 10 minutes). Other tools, such as software updates, arrive after the fact and can be expensive. Sana’s Primary Response product resides on each computer within a network and continuously interrogates vulnerable applications, such as e-mail programs, at the operating-system level. When it detects abnormal behavior- hackers looking for loopholes, say- it stops the activity, then notifies a system administrator. Within two months of the program’s release, several large organizations became customers, including NASA.