Tag Archives: security

LogRhythm Partners with VMware to Automate Regulatory Compliance in Virtualized Environments

LogRhythm today announced that it has partnered with VMware to contribute to its newly introduced VMware Compliance Reference Architectures, a set of resources including solution guides and design architectures intended to simplify compliance for business-critical applications in the cloud era. As part of this initiative, LogRhythm has published the LogRhythm Solution Guide for Payment Card Industry (PCI), an addendum to the VMware Solution Guide for PCI. The LogRhythm solution addendum is a QSA-reviewed guide that outlines how the company’s SIEM 2.0 platform complements existing VMware security capabilities to help customers assure PCI compliance when virtualizing mission-critical business applications with VMware vSphere®.

“Security and compliance are top concerns for organizations seeking to virtualize critical business systems such as PCI payment processing,” said Parag Patel, vice president, Global Strategic Alliances, VMware. “We’re committed to helping customers address these concerns on their journey to the cloud, and partners like LogRhythm extend our native security capabilities to make this possible. Through our solution guides, VMware and LogRhythm are delivering a validated roadmap that details how organizations can achieve PCI compliance in virtualized environments.”

LogRhythm’s SIEM 2.0 platform delivers the visibility and insight needed to detect, defend against and respond to increasingly sophisticated cyber threats, efficiently meet compliance requirements, and proactively respond to operational challenges. The company provides out-of-the box compliance solutions that enable organizations to meet their requirements for log data collection, review, archive, reporting, and alerting under mandates such as PCI, HIPAA, NERC-CIP, GLBA, Sarbanes Oxley, GPG 13, and other regulatory regimes. LogRhythm’s PCI compliance package features specific investigations, alarms and reports designed to meet PCI reporting requirements, and directly addresses or augments at least 80 individual PCI controls. With fully integrated file integrity monitoring, advanced multi-tenant support, robust reporting, and rapid search and drill-down capabilities, LogRhythm is an ideal solution for addressing PCI compliance requirements in virtual environments. LogRhythm can ensure that sensitive data, such as credit card account information, is not inappropriately accessed by shared virtual resources or unauthorized individuals. LogRhythm is field-proven in numerous deployments where the solution is being used to automate and assure regulatory compliance in virtual environments.

“We’re very pleased to have been selected by VMware to help address the compliance requirements of customers moving their critical systems to virtual and private cloud environments,” said Matt Winter, vice president corporate and business development at LogRhythm. “LogRhythm has a significant track record helping customers meet their regulatory compliance obligations in virtual, physical and hybrid environments. Our compliance capabilities dovetail well with VMware’s native security offerings to create a robust and comprehensive solution. With the VMware Solution Guide for PCI and LogRhythm’s addendum solution guide, organizations can have confidence that there is a detailed, validated path to maintaining PCI compliance in virtualized environments.”

The LogRhythm Solution Guide for PCI has been reviewed by Coalfire, an independent Qualified Security Assessor specializing in IT audit, risk assessment and compliance management, and is available for download on the LogRhythm website and VMware Solution Exchange.


New SafeNet Authentication Service Designed for Service Providers

SafeNet, Inc. today announced the immediate availability of SafeNet Authentication Service, a new cloud-based authentication service. The cloud authentication solution was designed and engineered specifically for the service provider environment and allows service providers to rapidly introduce authentication-as-a-service to their enterprise customers. By doing so, it enables service providers to increase their average revenue per user (ARPU), significantly reduce the cost and complexity associated with offering and implementing strong authentication, and strengthen their security and compliance posture.

SafeNet Authentication Service extends the company’s portfolio of two-factor authentication solutions, providing enterprise and government organizations with  choice and flexibility to best customize their authentication solutions to meet current and future security needs.

SafeNet Authentication Service’s automated, customizable cloud platform can reduce authentication-related operational costs through the elimination of manual tasks associated with the provisioning, administration, billing, and management of users and tokens. Service providers can manage their customers from a multi-tier, multi-tenant platform that is vendor-agnostic and will work with an organization’s existing token technology, enabling a quick migration to a centralized cloud environment with minimal disruption to end users. In addition, the service can be white-label branded and completely customizable to the service provider’s needs, enhancing the service brand and overall awareness. In addition, the platform is highly scalable, which enables service providers to accommodate a growing number of customers added to the service without requiring costly infrastructure upgrades.

Strong authentication has also become a major challenge for today’s “extended enterprise,” in which remote employees, partners, customers, and other third parties require access to an organization’s systems, applications, and data. With no infrastructure required, enterprises can quickly turn to service providers for SafeNet Authentication Service to simplify the implementation of strong authentication in this environment—providing “security without borders” from a fully automated, high-assurance, trusted cloud environment.

In addition, SafeNet Authentication Service enables service providers to free up their customer’s IT staff to focus on higher-value activities. By doing so, this automation facilitates real-time policy application to ensure regulatory compliance and improved business efficiency.

According to Chris Morales of the 451 Research Group, “The consumerization of IT, the adoption of mobile computing and SaaS applications, and the incipient growth of desktop virtualization places identity front and center of emerging security and management concerns. As identity assumes more centrality for IT (in terms of both industry and organizational function) in coming to terms with these trends, securing the integrity of the identity assertion, characterizing it in terms of risk assessment, and supplementing (or supplanting) user name and password comprise the initial set of security hurdles. Also, as enterprises and organizations assess the requirements for authentication against the cost and flexibility of the options available from incumbent vendors, authentication-as-a-service, and new form factors or channels such as smartphone tokens and one-time passwords delivered as an SMS have gained in appeal.”

SafeNet Authentication Service reflects the combined offering resulting from SafeNet’s acquisition of Cryptocard in March 2012. This new service combines SafeNet’s market-leading authentication solutions with Cryptocard’s innovative, scalable, and flexible platform.


Avira Launches 2013 Antivirus Security Software Line; Extends Protection from Computers to Consumers

Avira today announced the Avira 2013 product line, which includes Avira Free Antivirus, Avira Antivirus Premium 2013, Avira Internet Security 2013, and Avira Internet Security Plus.

The 2013 version of Avira’s Free Antivirus software adds 6 new security features making it the most comprehensive free antivirus products on the market. Avira’s premium products have 8 new features. These new features give consumers a more secure browsing experience by protecting them from Internet scams and threats, in addition to keeping their computers free of viruses and malware.

“With over 100 million users worldwide, our goal with Avira 2013 was to offer protection to people no matter what device they use, and we did that by adding many user oriented features to this release, making it the most feature-rich solution we’ve ever made,” said Sorin Mustaca, product manager and data security expert at Avira. “We’ve also kept the resources footprint small, so users will not notice any slowdown in computer performance.”

The following new features added to the Avira 2013 family of products are all designed to protect not just computer devices, but also computer users — wherever they are and whatever device they’re using:

  • Avira Protection Cloud – Avira’s leading cloud technology
    identifies malware faster by uploading suspicious files for instant
    analysis. (Available for paid users)
  • Browser Tracking Blocker – Gives users control over their
    privacy while browsing the internet by blocking trackers that gather
    data about your browsing activity.
  • Website Safety Advisor – Protects users from scams, phishing
    and suspicious sites by displaying safe, low-risk or high-risk icons
    on the search results and any webpage they visit.
  • Social Network Protection – Notifies parents and children of
    suspicious or worrisome activity on social networks (such as predators
    or your child being bullied online) so they can take appropriate
    action.
  • Android Security – Safeguards users’ Android phones and the
    valuable data it holds. Users can locate it when lost, lock it and
    even wipe the data remotely.
  • More Frequent Updates for Free Users – Avira Free Antivirus now
    updates every 6 hours instead of every 24 hours, giving users more
    current protection.
  • Network Folder Scanning – Shared folders like Dropbox and
    network folders are becoming more common, and with it comes the
    increased risk of spreading malware. Avira now scans network folders
    in addition local folders to keep computers free of infection.
    (Available for paid users)
  • No Advertising Pop-ups for Avira Free Antivirus Users Users
    who install Avira’s SearchFree toolbar will no longer have pop-up ads
    displayed to them. The SearchFree toolbar includes Browser Tracking
    Blocker and Website Safety. As always Avira’s paid products are
    without advertising, independent of toolbar installation.


A More Practical View of Cloud Brokers

#cloud The conventional view of cloud brokers misses the need to enforce policies and ensure compliance

cloudbrokerviews During a dinner at VMworld organized by Lilac Schoenbeck of BMC, we had the chance to chat up cloud and related issues with Kia Behnia, CTO at BMC. Discussion turned, naturally I think, to process. That could be because BMC is heavily invested in automating and orchestrating processes. Despite the nomenclature used (business process management) for IT this is a focus on operational process automation, though eventually IT will have to raise the bar and focus on the more businessy aspects of IT and operations.

Alex Williams postulated the decreasing need for IT in an increasingly cloudy world. On the surface this generally seems to be an accurate observation. After all, when business users can provision applications a la SaaS to serve their needs do you really need IT? Even in cases where you’re deploying a fairly simple web site, the process has become so abstracted as to comprise the push of a button, dragging some components after specifying a template, and voila! Web site deployed, no IT necessary.

While from a technical difficulty perspective this may be true (and if we say it is, it is for only the smallest of organizations) there are many responsibilities of IT that are simply overlooked and, as we all know, underappreciated for what they provide, not the least of which is being able to understand the technical implications of regulations and requirements like HIPAA, PCI-DSS, and SOX – all of which have some technical aspect to them and need to be enforced, well, with technology.

See, choosing a cloud deployment environment is not just about “will this workload run in cloud X”. It’s far more complex than that, with many more variables that are often hidden from the end-user, a.k.a. the business peoples. Yes, cost is important. Yes, performance is important. And these are characteristics we may be able to gather with a cloud broker. But what we can’t know is whether or not a particular cloud will be able to enforce other policies – those handed down by governments around the globe and those put into writing by the organization itself.

Imagine the horror of a CxO upon discovering an errant employee with a credit card has just violated a regulation that will result in Severe Financial Penalties or worse – jail. These are serious issues that conventional views of cloud brokers simply do not take into account. It’s one thing to violate an organizational policy regarding e-mailing confidential data to your Gmail account, it’s quite another to violate some of the government regulations that govern not only data at rest but in flight.

A PRACTICAL VIEW of CLOUD BROKERS

Thus, it seems a more practical view of cloud brokers is necessary; a view that enables such solutions to not only consider performance and price, but ability to adhere to and enforce corporate and regulatory polices. Such a data center hosted cloud broker would be able to take into consideration these very important factors when making decisions regarding the optimal deployment environment for a given application. That may be a public cloud, it may be a private cloud – it may be a dynamic data center. The resulting decision (and options) are not nearly as important as the ability for IT to ensure that the technical aspects of policies are included in the decision making process.

And it must be IT that codifies those requirements into a policy that can be leveraged by the  broker and ultimately the end-user to help make deployment decisions. Business users, when faced with requirements for web application firewalls in PCI-DSS, for example, or ensuring a default “deny all” policy on firewalls and routers, are unlikely able to evaluate public cloud offerings for ability to meet such requirements. That’s the role of IT, and even wearing rainbow-colored cloud glasses can’t eliminate the very real and important role IT has to play here.

The role of IT may be changing, transforming, but it is no way being eliminated or decreasing in importance. In fact, given the nature of today’s environments and threat landscape, the importance of IT in helping to determine deployment locations that at a minimum meet organizational and regulatory requirements is paramount to enabling business users to have more control over their own destiny, as it were. 

So while cloud brokers currently appear to be external services, often provided by SIs with a vested interest in cloud migration and the services they bring to the table, ultimately these beasts will become enterprise-deployed services capable of making policy-based decisions that include the technical details and requirements of application deployment along with the more businessy details such as costs.

The role of IT will never really be eliminated. It will morph, it will transform, it will expand and contract over time. But business and operational regulations cannot be encapsulated into policies without IT. And for those applications that cannot be deployed into public environments without violating those policies, there needs to be a controlled, local environment into which they can be deployed.


Related blogs and articles:  
 
lori-short-2012clip_image004[5]

Lori MacVittie is a Senior Technical Marketing Manager, responsible for education and evangelism across F5’s entire product suite.

Prior to joining F5, MacVittie was an award-winning technology editor at Network Computing Magazine. She holds a B.S. in Information and Computing Science from the University of Wisconsin at Green Bay, and an M.S. in Computer Science from Nova Southeastern University.

She is the author of XAML in a Nutshell and a co-author of The Cloud Security Rules

 

F5 Networks

clip_image003[5]clip_image004[5]clip_image006[5]clip_image007[5]clip_image008[5]


read more

Aujas Launches Phishnix for Cloud Services

Aujas Information Risk Services today announced the launch of Phishnix for cloud services, a new product that will help clients protect their sensitive information on the cloud by strengthening their weakest link in the security chain, their own employees. The product is targeted for major cloud services such as Salesforce, Google Apps, Netsuite etc.

Salesforce.com is the most popular cloud CRM company in the world with more than 75,000 companies who trust their customer data on Salesforce. The Salesforce security guideline specifically warns against the threat and says, “As the Salesforce.com community grows, it has become an increasingly appealing target for phishers. Phishers often direct users to enter details at a fake website whose URL and look-and-feel are almost identical to the legitimate one.”

One example is a recent scam that involved an email luring receivers to participate in the beta test of ‘Dreamforce,’ promising discounts and requesting receivers to fill a form, in a fake web link. In such a case, employees who are unaware of it being a phishing attack may easily fall prey to it. Any company is likely to face heavy business loss, when employees become victims of phishing attacks. According to the RSA Fraud report 2011, global loss from phishing is estimated to be about $1 billion.

Phishnix does a behavioral analysis of employees when faced with a phishing attack. It is integrated with Salesforce and has ready Salesforce scenarios which the client can select. They can start the assessment in a matter of hours and analyze how their employees react to a phishing attack. That data is then used to create awareness and train the employees on how to respond to a phishing attack.

Speaking on the occasion Mr. Karl Kispert, Vice President at Phishnix said, “A single assessment and training cycle of Phishnix reduces the phishing fall rate by almost 35%. That is a huge reduction in the phishing risk for any organization.”

The product will be showcased by our partner Exafort at Dreamforce 2012, booth number 326 at the Moscone Center, San Francisco, on 18—21 September 2012. Stop by Exafort’s booth and ask for a demo and additional information about Phishnix. Dreamforce 2012 is the cloud computing industry event of the year with more than 50,000 attendees and 350 cloud computing companies showcasing more than 1000 solutions.

“Data security and confidentiality on the cloud is one of the biggest concerns for all our clients using cloud based services to run their business. Cloud service providers are addressing this concern to a large extent by building robust and secure applications and platforms. By adding Aujas’ Phishnix to our tool belt we can now gain valuable insights of our clients’ employees’ behavior with respect to information security and act upon them,” said  Arun Kanchi, CEO of Exafort Inc.

As cloud adoption increases within organizations, more sensitive data will be stored in the cloud. “We will see more focused phishing attacks targeting popular cloud applications. The road-map is to enable Phishnix for all popular cloud platforms, and help clients reduce phishing risk for all their cloud applications. It would become an integral part of their cloud security program,” said Sameer Shelke, CTO at Phishnix.


Next Level Security Systems Cloud Services Releases Cloud Security Management

Next Level Security Systems, a provider of unified, networked security solutions, today announced the availability of NLSS Cloud Services, which offers users remote access and multi-site security management from anywhere in the world.

NLSS Cloud Services are available for use with the entire suite of NLSS Gateway technologies. Powered by NextConnectTM, a patent-pending peer-to-peer technology that efficiently streams live video to an unlimited number of users from a single site, NLSS Cloud Services delivers access to the NLSS Gateway’s features through any Web browser or mobile device. Users can access camera settings, live surveillance video and door controls, and even view video streams from up to four different sites simultaneously on a single screen. In addition, software can be updated remotely, eliminating the need for on-site support.

“NLSS Cloud Services provides our customers with peace of mind that their security systems are operating and updated from anywhere in the world,” said Peter Jankowski, Chairman and CEO, Next Level Security Systems. “Our managed services used in conjunction with the NLSS Gateway truly delivers a comprehensive view of an entire security infrastructure to simplify system administration and management.”

NLSS Cloud Services improves upon traditional models of hosted video and access control by eliminating the need to route video and other data through a host computer for each update. NextConnect establishes a direct connection between the remote user and the NLSS Gateway, allowing video to stream faster and smoother with reduced bandwidth consumption. In addition, video quality is not degraded as more users log in to view the same video stream.


Next Level Security Systems Cloud Services Releases Cloud Security Management

Next Level Security Systems, a provider of unified, networked security solutions, today announced the availability of NLSS Cloud Services, which offers users remote access and multi-site security management from anywhere in the world.

NLSS Cloud Services are available for use with the entire suite of NLSS Gateway technologies. Powered by NextConnectTM, a patent-pending peer-to-peer technology that efficiently streams live video to an unlimited number of users from a single site, NLSS Cloud Services delivers access to the NLSS Gateway’s features through any Web browser or mobile device. Users can access camera settings, live surveillance video and door controls, and even view video streams from up to four different sites simultaneously on a single screen. In addition, software can be updated remotely, eliminating the need for on-site support.

“NLSS Cloud Services provides our customers with peace of mind that their security systems are operating and updated from anywhere in the world,” said Peter Jankowski, Chairman and CEO, Next Level Security Systems. “Our managed services used in conjunction with the NLSS Gateway truly delivers a comprehensive view of an entire security infrastructure to simplify system administration and management.”

NLSS Cloud Services improves upon traditional models of hosted video and access control by eliminating the need to route video and other data through a host computer for each update. NextConnect establishes a direct connection between the remote user and the NLSS Gateway, allowing video to stream faster and smoother with reduced bandwidth consumption. In addition, video quality is not degraded as more users log in to view the same video stream.


Securadyne Systems Acquires Surveillance Specialties

Securadyne Systems, LLC  and Pamlico Capital announced today that they have completed the acquisition of Surveillance Specialties, Ltd., a  New England-based security systems integrator. The SURV acquisition is the second for Securadyne, which was founded in February 2012 in partnership with Pamlico.

“The acquisition of SURV, which enjoys a commanding market presence in New England, ideally complements our build-up strategy focusing on best-in-breed operating platforms,” explained Carey Boethel, President and CEO of Securadyne Systems. “The addition of SURV considerably expands our geographic reach and our ability to deliver high-end, fully integrated solutions in a number of key vertical markets,” Boethel added.

SURV was founded in 1986 as a covert surveillance company by Arthur and Joan Bourque. The company changed its business model to a full-service systems integrator in 1999. Since then, the company has achieved considerable and consistent growth, and has emerged as the top independently-owned and operated security systems integrator in New England. SURV currently has branch offices in Wilmington, MA and Portland, ME.

Arthur Bourque, President and CEO of SURV, stated “We were fortunate to have a number of viable strategic alternatives for our business, but it was clear that Securadyne represents the future of our industry and is the best possible fit for SURV’s employees, customers and shareholders. We’re very excited about joining the Securadyne team and the opportunities for growth that will be created by this partnership.”

Mr. Bourque will join Securadyne’s Board of Directors and be active in setting the business’s strategic direction and helping with future M&A activities. Justin Davis, Chief Operating Officer for SURV, will join the Securadyne Systems executive team and will be responsible for leading the company’s Northeast Region.

Stuart Christhilf, Principal at Pamlico, noted “We are excited to be partnering with Arthur, Justin and the SURV team, as their passion for integrity, quality service, and industry-leading technologies represent exactly what we are trying to build with Securadyne. We expect them to be valuable contributors as we look to expand the combined business going forward.”


Tenable Network Security Gets $50 Million for Vulnerability Management

Tenable Network Security, Inc., whose software identifies network security gaps before they are exploited by attackers, today announced $50 million in first-round funding from Accel Partners.

Tenable will use the funds to expand its innovative security offerings and accelerate global growth – while deepening its research into evolving threats that are becoming a critical trust issue for CEOs, regulators and customers worldwide.

“Security is a mainstream issue – especially with the explosion of mobile, cloud and virtual computing,” said Ron Gula, CEO of Tenable. “Serious network attacks are far more common than anyone wants to publicly admit – and our customers count on us to keep their networks safe.”

Tenable is the top choice for businesses of all sizes, governments and universities to manage network threats. The company’s flagship vulnerability management products, Nessus and SecurityCenter, are used by the most demanding security professionals and compliance auditors at 15,000 organizations worldwide, including:

  • The entire U.S. Department of Defense, where Tenable has become the
    vulnerability management standard
  • 12 of the 14 U.S. Federal Civilian Departments
  • Top Financial Services Companies: Barclays, Deloitte, RBS, Morgan
    Stanley, T. Rowe Price, Visa
  • Technology Leaders: Spotify, Dell, Etsy, Google, Intel, Microsoft,
    Skype, Apple, Yahoo
  • Top Universities: Brown, Dartmouth, Michigan, Ohio State, Purdue
  • Healthcare Leaders: Coventry, HealthSouth, Johnson & Johnson,
    Merck, Scripps, Sutter Health
  • Key Energy Players: Chevron, Chesapeake Energy, ConocoPhillips,
    ConEdison, Duke Energy, TXU
  • Retailer Innovators: Chipotle, GSI, Meijer, Diapers.com, Zappos.com
  • Media Visionaries: British Sky Broadcasting, CBS, Comcast, Time
    Warner, 20
    th Century Fox
  • Telecom Providers: Alcatel Lucent, Bell Canada, British Telecom,
    Softbank Mobile, Verizon

Tenable’s user community has 1 million people who have learned the benefits of automated vulnerability scanning through their viral adoption of Nessus.

“Tenable is the thought leader in the rapidly growing and critical area of vulnerability assessment,” said Ping Li, General Partner at Accel, who will join Tenable’s board of directors. “IT security practitioners fight the constant battle to stay ahead of network attacks, and it’s only getting harder. Many of these practitioners globally rely on Tenable for their vulnerability management platform.”

Tenable’s SecurityCenter is the only security platform combining essential active and innovative passive vulnerability scanning, real-time network monitoring, and configuration and compliance management. Tenable’s Nessus, the industry’s most widely deployed vulnerability scanner, provides the deepest database of known vulnerabilities and compliance risks on the market today.