My latest blog post for CIOUpdate.com went live this morning. I talk about some of the trends I saw at RSA last week including emphasis on securing virtual and mobile environments.
M86 SWG deployment options, including appliance, hybrid cloud and now virtual appliance, showcased at RSA 2011 in San Francisco
Orange, CA – Feb. 14, 2011 – M86 Security, the global expert in real-time Web and email threat protection, has announced a virtual appliance version of their award-winning Secure Web Gateway (SWG), providing more options for organizations to deploy M86’s industry leading real-time malware detection as an appliance, hybrid cloud service, and now virtual appliance. The new virtual appliance gives organizations the flexibility to deploy the SWG on their own hardware of choice and in smaller environments.
In addition, the new release, M86 Secure Web Gateway 10.1, features an advancement in M86’s Real-Time Code Analysis (RTCA) anti-malware technology, which provides the industry’s best malware detection against Web-based threats. These enhancements increase visibility into malicious code and correlate the individual Web page elements to detect and protect against dynamic threats and cross-component attacks and provide the industry’s most accurate malware detection.
“The enhancements we have made to our Real Time Code Analysis represent the most accurate malicious code detection and malware protection, even on the most complex dynamic and Web 2.0-based threats,” says Werner Thalmeier, vice president of product management, M86 Security. “Just as exciting is M86’s ability to offer our industry-leading Web security in a virtual appliance version of our Secure Web Gateway, which meets a real market need for flexible deployment of Web security.”
The virtual appliance version of the Secure Web Gateway utilizes VMware to virtualize the Secure Web Gateway from the underlying hardware, giving users the ability to deploy on their own preferred hardware. Many organizations are already moving towards server consolidation using virtualization. This new virtual appliance option gives organizations the same benefits of saving on hardware costs, using their preferred hardware vendor, and the flexibility to deploy the Secure Web Gateway where their needs dictate. With this new virtual appliance option, M86 Security now offers the widest range of Secure Web Gateway deployments in the industry, including appliance, hybrid cloud, and virtual appliance options.
“We have been partnering with M86 for six years and our customers are impressed with the functionality and flexibility that the M86 Secure Web Gateway provides. The M86 SWG 10.1 virtual appliance option is exactly what our customers need,” says Brij Patel, CEO, FortNET Security, recent recipient of the M86 Business Partner of the Year award presented at the 2011 M86 Partner Conference. “Strategically, this new deployment option strengthens our secure Web gateway practice, provides additional value to our current customers and brings new enterprise opportunities for our growing business.”
The M86 Secure Web Gateway 10.1 will be available through authorized channel partners and distributors in April 2011. M86 will be showcasing the Secure Web Gateway, at the RSA conference in San Francisco, February 14-18.
About M86 Security
M86 Security is the global expert in real-time threat protection and the industry’s leading Secure Web Gateway provider. The company’s appliance, software, and Software as a Service (SaaS) solutions for Web and email security protect more than 25,000 customers and 26 million users worldwide. M86 products use patented real-time code analysis and behavior-based malware detection technologies as well as threat intelligence from M86 Security Labs to protect networks against new and advanced threats, secure confidential information, and ensure regulatory compliance. The company is based in Orange, California with international headquarters in London and development centers in California, Israel, and New Zealand. For more information about M86 Security, please visit: www.m86security.com. Follow M86 Security on Twitter at: http://twitter.com/M86Security Facebook at: http://www.facebook.com/M86Sec M86 Security Labs Blog at: http://labs.m86security.com/.
M86 Security bi-annual report focuses on second half of 2010 cyber threats and key trends; more complex Trojans and next generation malware on the way, social network attacks continue to increase
Orange, Calif. – February 14, 2011 – Frustrated email users may have noticed a significant drop in spam in recent months, but cybercriminals are gaining ground with creative new phishing methods and making exploit kits more robust, according to the latest Security Labs Report from M86 Security, the global expert in real-time Web and email threat protection, which was released today.
Investigating the cyber threat trends in the second half of 2010 for its bi-annual report, M86 Security Labs analyzed spam, phishing, and malware activity, and tracked global Internet security trends. Millions of email messages, infected Web pages and malware samples were reviewed and then correlated with their own Web exploit and vulnerability research, providing M86 with a unique vantage point to report on these trends.
“What is especially noteworthy is that our findings demonstrate that vulnerabilities already patched are continuing to be successfully used for malicious gain. Organizations and individuals must get better at updating their applications and staying ahead of attacks on their devices and their networks,” said Bradley Anstis, vice president of technical strategy, M86 Security. “While the M86 Security Labs report notes that great strides are being made in thwarting cyber-criminal attempts, there is always something else coming through the back door.”
Key findings by the M86 Security Labs for the second half of 2010:
Email Spam is Declining, though Far from Dead: According to the M86 Security Labs research, spam volume has slowed considerably, down to one-third the level at year end when compared to June 2010. Using the M86 Security Labs Spam Volume Index, which tracks changes in the volume of spam received by representative domains, the research shows that spam reduction was affected by botnet disruptions and the closure of a popular affiliate program. This is the lowest since November 2008, when the rogue hosting provider McColo was taken offline.
Botnet Take-downs and Spamit.com Closure: Notably, Spamit.com, an underground affiliate program used by several spamming botnets, was shut down in late September 2010. Spamit.com was linked to Glavmed and the “Canadian Pharmacy” brand of bogus online pharmacies. The Rustock botnet was most affected, with its spam output drastically reduced. However, plenty of other botnets moved up to take its place, and trends in this threat category will continue to be monitored for changes and increases. Other spamming categories in the top four include those for replica watches, fake diplomas and cheap watches. In August, notorious spammer/botnet, Pushdo/Cutwail, was taken down, resulting in a significant spam volume decrease due to a coordinated takedown attempt by security researchers. According to Anstis, such efforts are typically short lived, with the botnets returning to their normal activities. Another well-known botnet, Mega-D, has been taken down multiple times since 2008, only to return. In November 2010, the FBI identified and apprehended Oleg Nikolaenko, a Russian behind the botnet. The botnet since has generated less than 5 percent spam by volume. M86 Labs analysts point to the continuing need to go after and prosecute botnet operators for more long-term impact on spam operations and volumes.
Third-Party Phishing on the Rise: The good news about phishing is that such practices delivered via email are declining dramatically as users are becoming more aware of fake e-mails claiming to be from banking institutions. The bad news: cyber-thieves have found more effective means of stealing bank information from users visiting legitimate banking websites. Malware, including Trojans like SpyEye and ZeuS, are increasingly popular methods for criminals to make off with personal and financial information.
Additionally, attacks posing as third-party agencies such as the IRS and the New Zealand Department of Inland Revenue are being used to phish for a user’s bank account information under the guise of receiving bogus tax refunds. This makes it easier for thieves to obtain information from unsuspecting users by providing multiple options to the user to select the bank of their choice, thus eliminating the guessing game typically played to determine where a user conducts their banking. UK banking customers have been similarly affected, receiving a falsified email purporting to be from HM Revenue and Customs with the same legitimate looking page with options for all banks in that specific region.
Exploit Kits with Virus Scanners, Social Network Attacks Increase: As previously reported by M86 Security, the popularity of exploit kits is on the rise. The newest trend is that more kits are offering services to their customers thus becoming more of a “one-stop shop.” The scanning module in the Siberia Exploit kit and Neosploit’s new Malware-as-a-Service offering are just a couple of significant examples signaling a shift in exploit kit capabilities.
While traditional forms of spamming via email are down, spam techniques using such social networking sites as Twitter, Facebook and LinkedIn, continue to expand. The LinkedIn scam has a legitimate look and feel, inviting users to connect with others in their “network,” only to be connected with the Phoenix exploit kit infection page, which tries to exploit the victims’ computer through various vulnerabilities. The M86 Security Labs report also tracks the top 10 exploit kits being used worldwide.
To download the complete version of the latest M86 Security Labs Report, please go to http://m86.it/2h2010
About M86 Security Labs
M86 Security Labs is a group of security analysts specializing in Email and Web threats, from spam to malware. They continuously monitor and respond to Internet security threats. The Security Labs’ primary purpose is to provide a value-added service to M86 customers as part of product maintenance and support. This service includes frequent updates to M86’s unique, proprietary anti-spam technology, SpamCensor, as well as Web threat and vulnerability updates to the M86 Secure Web Gateway products. The updates allow M86 customers to proactively detect and block new and emerging exploits, threats and malware.
Data and analysis from M86 Security Labs is continuously updated and always accessible online at http://www.m86security.com/labs and on Twitter at http://twitter.com/m86labs
About M86 Security
M86 Security is the global expert in real-time threat protection and the industry’s leading Secure Web Gateway provider. The company’s appliance, software, and Software as a Service (SaaS) solutions for Web and email security protect more than 24,000 customers and over 17 million users worldwide. M86 products use patented real-time code analysis and behavior-based malware detection technologies as well as threat intelligence from M86 Security Labs to protect networks against new and advanced threats, secure confidential information, and ensure regulatory compliance. The company is based in Orange, California with international headquarters in London and development centers in California, Israel, and New Zealand. For more information about M86 Security, please visit: www.m86security.com.
San Antonio, TX – February 14, 2011 – Digital Defense, Inc. (DDI), a leading provider of information security governance, risk management, and compliance (GRC) solutions, today announced they have released a new vulnerability scanner for the Frontline™ Solutions Platform (FSP). DDI delivers the FSP as a SaaS (Software as a Service) automated service, which proactively identifies security vulnerabilities, evaluates priorities and tracks risk reduction activities. The new scanner is faster, more efficient, uses fewer client resources, and has the ability to be deployed virtually.
“We are currently phasing in DDI’s new scanner,” said Bill Welch, Senior Director of IT Security at CA Technologies. “The results we see to date indicate an ability to scan our global network for security vulnerabilities more quickly and efficiently. A key security objective is to reduce cyber risk in our business, and the faster scanning will help us to be even more effective with that element of our information security program.”
“We are excited about our new cutting edge technology,” explained Gordon MacKay, CTO and EVP of Technology of Digital Defense. “It utilizes fewer client resources, and is also many times faster than previous generation scanners, allowing large enterprises to scan their networks in much less time, all without compromising the comprehensiveness of the vulnerabilities discovered. Existing clients are enjoying the benefits of the new scanner via a seamless software upgrade of the existing appliance, which they previously deployed for our service. New clients can order the new scanning engine in the traditional form of an appliance or also as a virtualized image. The virtualized scanner has been developed in response to our many clients’ green initiatives, where they are striving to minimize the amount of additional hardware in their enterprise and improve their carbon footprints either by internal IT platform consolidation or outsourcing certain applications to hosting providers.”
Clients will access this latest release via the Frontline Client Portal in order to retrieve real time reports, schedule scans, track remediation activities, and export results to third party applications via a Service Oriented Architecture Application Programming Interface (SOA-API). In addition to the benefits of using the Frontline service which supports OVAL interoperability, clients avail themselves of a security solution provider that is a five time PCI-ASV (Payment Card Industry-Approved Scanning Vendor) and has received SCAP validation twice, which speaks to their adherence to industry standards.
About Digital Defense
Digital Defense, Inc. (DDI) is a leading provider of security governance, risk management, and compliance (GRC) solutions. The company provides managed and client-directed security GRC services directly and through its business partners to organizations of all sizes and industry types. DDI clients enjoy greater visibility and management insight of their enterprise-wide GRC programs using DDI’s proprietary Software as a Service (SaaS) delivery platforms and assessment tools. For more information about Digital Defense, please visit our web site at www.ddifrontline.com or contact us at 888.273.1412.
Vendors and Service Providers Benefit from Simplified Access to Messaging Security, Web Security, Antivirus
RSA Conference, San Francisco, CA – February 14, 2011 — Commtouch® (NASDAQ: CTCH) today announced the introduction of its new unified Internet security solution, which brings together messaging security, Web security and antivirus into a single engine.
The unified engine can be integrated into the products of security and networking vendors and into service providers’ infrastructure. Typical solutions that would benefit from the unified engine are software or hardware solutions or services that combine multiple security technologies, such as unified threat management (UTM), secure content filtering gateways and SaaS security solutions.
“With a combined ‘triple-play’ solution, each technology leverages the other to create an even stronger barrier against ever-increasing blended threats,” said Amir Lev, Commtouch’s CTO. “From a business perspective, the single interface also reduces short and long-term integration and operational costs.”
The three security technologies cross-enhance each other by sharing intelligence about Internet threats, providing better protection overall. There are several instances in which this information exchange would take place. For example, if a phishing web site threat is detected, the malicious URL is shared with Commtouch Anti-Spam so that emails containing the phishing link can be blocked. This data-sharing is enabled by Commtouch’s cloud-based GlobalView™ Network, which collects and analyzes billions of Internet transactions in real-time.
Using an integrated detection engine offers some clear technical benefits to the vendors and service providers that incorporate it into their solutions:
- Enhances performance by reducing resource utilization compared to the larger footprint required by separate components
- Significantly reduces integration time of all three services since there is a unified interface
The unified solution is a win-win on the business side, since it significantly simplifies operations. There is:
- one vendor to manage
- one invoice to process
- one address for support
- one company to interface with for training, roadmap discussions, or any type of technical or operational updates
Each of the three solutions within the unified engine is best-of-breed, and they are available individually as well. These industry-leading stand-alone solutions also benefit from the shared security information distributed via the GlobalView Network.
“This new engine presents a unified interface across our product lines, providing a thoroughly integrated, simplified, and cost-effective combination of technologies for our partners,” concluded Mr. Lev.
The single engine includes the following products: GlobalView™ Web Security, Anti-Spam, Command Antivirus®, and Zero-Hour™ Virus Outbreak Protection. The Command Antivirus division was acquired from Authentium in September, 2010.
To learn more about Commtouch’s new triple-play product, contact firstname.lastname@example.org.
Commtouch® (NASDAQ: CTCH) provides proven Internet security technology to more than 150 security companies and service providers for integration into their solutions. Commtouch’s GlobalView™ and patented Recurrent Pattern Detection™ (RPD™) technologies are founded on a unique cloud-based approach, and work together in a comprehensive feedback loop to protect effectively in all languages and formats. Commtouch’s Command Antivirus utilizes a multi-layered approach to provide award winning malware detection and industry-leading performance. Commtouch technology automatically analyzes billions of Internet transactions in real-time in its global data centers to identify new threats as they are initiated, enabling our partners and customers to protect end-users from spam and malware, and enabling safe, compliant browsing. The company’s expertise in building efficient, massive-scale security services has resulted in mitigating Internet threats for thousands of organizations and hundreds of millions of users in 190 countries. Commtouch was founded in 1991, is headquartered in Netanya, Israel, and has a subsidiary with offices in Sunnyvale, California and Palm Beach Gardens, Florida.
Stay abreast of the latest news at the Commtouch Café:
http://blog.commtouch.com. For more information about enhancing security offerings with Commtouch technology, see http://www.commtouch.com or write to email@example.com.
Recurrent Pattern Detection, RPD, Zero-Hour and GlobalView are trademarks, and Commtouch, Authentium, Command Antivirus and Command Anti-malware are registered trademarks, of Commtouch. U.S. Patent No. 6,330,590 is owned by Commtouch.
New Solution Allows Users to Integrate Critical Security Event Information in Minutes
(Los Angeles, CA – February 15, 2011) Security information and event management (SIEM) solutions have become a must-have in IT environments because the technology helps make sense of the vast quantities of data provided by security software and appliances across the network. But for all the advantages of SIEM, until now the solutions had one troubling blind spot. While SIEM can correlate volumes of security data to create a picture of singular events, by itself it lacks the ability to tie those events to the most powerful users and processes within IT.
Lieberman Software Corporation today announced that the latest version of Enterprise Random Password Manager™ (ERPM), the company’s flagship privileged identity management (PIM) solution, provides deep, out-of-the-box integration with ArcSight ESM™, RSA enVision™, and the Q1 Labs QRadar™ Security Intelligence Platform. Available at no additional cost to supported customers, ERPM now includes an intuitive setup Wizard that customers can use to configure integration with these SIEM systems in only minutes.
Once customers enable the integration features in ERPM, the PIM and SIEM technologies work in concert to ensure that only authorized personnel can access an organization’s most sensitive data, change configuration settings, and run programs on the network.
“Our collaboration with leading SIEM providers has eliminated a single, critical blind spot that was present in these solutions,” said Philip Lieberman, president of Lieberman Software. “These technical integrations allow IT staff to correlate the most powerful and potentially disruptive human and automated actions with the individuals responsible. Prior to this integration, the lack of individual accountability was a key missing element in SIEM.”
About the PIM and SIEM Integration
In most large organizations, IT staff and the software that links computers, databases and applications all maintain access through privileged account credentials. Widely shared and seldom changed, these “super user” accounts grant access to read and alter sensitive data, change configuration settings and run programs everywhere on the network.
Because SIEM systems were not designed with privileged identities in mind, they have no way to tie security events that are triggered through use of these accounts with the individuals and processes responsible. This lack of visibility can leave IT staff with too little information to make informed decisions and the inability to differentiate between routine security events and potentially damaging – or even criminal – activity.
The integrations between ERPM and SIEM technology close this visibility gap by showing IT staff not only when and where critical events occurred, but also precisely who was responsible for any action that required the use of highly “super user” accounts. ERPM and leading SIEM solutions also work together to generate an audit trail to correlate the actions taken by privileged users with the security events that might result. By removing anonymity, the products introduce accountability for all users who access the organization’s most critical IT resources – revealing who had access to what systems and data, when and for what purpose.
The ERPM integrations with SIEM solutions are available immediately at no cost to supported customers. The company anticipates announcing additional integrations with SIEM systems in the near future.
Lieberman Software is exhibiting the latest version of ERPM in booth 529 at RSA Conference in San Francisco, CA this week.
About Lieberman Software Corporation
Lieberman Software provides privileged identity management and security management solutions that protect the multi-platform enterprise. By automating time-intensive IT administration tasks, Lieberman Software increases control over the computing infrastructure, reduces security vulnerabilities, improves productivity and helps ensure regulatory compliance. As Pioneers of Privileged Identity ManagementSM Lieberman Software not only developed the first software solution to address this need, its products continue to lead the market in features and functionality. The company is headquartered in Los Angeles, CA with an office in Austin, TX. For more information, see www.liebsoft.com.
Increased 64 GB Storage Capacity and New Software Tools Help Organizations Better Protect Data at Rest
SAN FRANCISCO (Feb. 14, 2011) – Imation Corp. (NYSE: IMN), a leading global technology company dedicated to helping people and organizations store, protect and connect with their digital world, today introduced the latest expansion to its award-winning Defender Collection™ portfolio at the 2011 RSA Conference held this week at the Moscone Center. To meet the rapidly growing need for data-at-rest security solutions, Imation is unveiling 64 gigabyte capacities of its Defender F100, F150 and F200 +Biometric Flash Drives in booth number 1132. The company also is showcasing new security management software options. These enhancements help small- to medium-sized businesses where data security is paramount – sectors such as government, healthcare, retail and financial services – better manage the risks and responsibilities of increasing data growth and portability.
Part of the full line of Imation’s Defender Collection secure data storage solutions, the Defender F200 +Biometric Flash Drive is engineered to meet and exceed the most advanced international standards for data encryption. A fast and efficient hardware-dedicated security processor provides advanced portable security through FIPS (Federal Information Processing Standards) 140-2, Level 3 validated AES 256-bit hardware encryption, authentication, manageability and biometrics. The advanced security features of the F200 include an ergonomic swipe sensor for two-factor authentication with strong password and/or biometric fingerprint identification. It also provides protection against malware in virtually any environment, securing users’ digital information. Housed in a rugged metal casing, the F200 is tamper resistant, crush resistant, waterproof and dustproof, designed to meet many international military and International Electrotechnical Commission (IEC) specifications.
“Imation’s Defender Collection provides businesses and government agencies with the added versatility and functionality that is needed to protect critical data,” said Jason Elles, Imation brand manager. “With the average U.S. data breach costing companies $6.6 million, risk-intensive organizations are rapidly adopting the use of portable data defense. The Defender Collection offers the necessary tools to secure sensitive data.”
In addition to the F200 flash drive, Imation recently announced the Defender Collection Software Suite. Defender Collection software offers government agencies, health care industry, financial services, and small- to medium-sized businesses (SMBs) the ability to customize and enforce device authentication and security policies, and the capability to deploy and manage any removable storage device. The Defender Collection Software Suite offers robust reporting, as well as the ability to recover passwords, manage keys and remotely disable devices that are lost or stolen.
Launched in mid 2010, the Imation Defender Collection offers the industry’s broadest portfolio of products to secure data at rest stored on portable devices and media. For more information about the Defender Collection, visit the Imation booth (number 1132) at the 2011 RSA Conference, log on to http://www.imation.com/en-us/Imation-Products/Defender-Collection, or view the company’s RSA Conference online press kit at http://www.tradeshownews.com/events/RSA-Conference-2011/imation/.
About RSA Conference
RSA Conference helps drive the global information security agenda with annual events in the U.S., Europe and Japan. Throughout its 20-year history, RSA Conference consistently attracts the best and brightest in the field, creating opportunities to learn about information security’s most important issues through face-to- face and online interactions with peers, luminaries and emerging and established companies. As information security professionals work to stay ahead of ever-changing security threats and trends, they turn to RSA Conference for a 360-degree view of the industry. RSA Conference seeks to arm participants with the knowledge they need to remain at the forefront of the information security business. More information on events, online programming and the most up-to-date news pertaining to the information security industry can be found at www.rsaconference.com.
About Imation Corp.
Imation Corp. (NYSE: IMN) is a leading global technology company dedicated to helping people and organizations store, protect, and connect their digital world. Our portfolio of data storage and security products, electronics and accessories reaches customers in more than 100 countries through a powerful global distribution network. Imation Corp.’s global brand portfolio includes Imation, Memorex, XtremeMac, and TDK Life on Record brands. Additional information about Imation is available at http://www.imation.com.
Demonstration systems include a standard laptop, a 2nd Generation IntelR CoreT processor reference platform and a network malware security system
SAN FRANCISCO, CA, RSA Conference 2011-February 14, 2011-As a new participant to the RSA Conference, LynuxWorks, Inc., will demonstrate its LynxSecure high-performance, secure virtualization platform. The LynxWorks platform allows multiple guest operating systems (OSes) and applications to run safely and independently on a single device. Originally built for security-critical military, medical and avionics embedded applications; this market leading technology has now been extended to support the Enterprise.
The demonstration systems in the LynuxWorks booth (#240) include a standard laptop with secure Internet access, a reference platform running the latest 2nd Generation IntelR CoreT processor and the ValidEdge Network Malware Security (NMS) system running LynxSecure (booth #241).
According to Robert Day, VP of Marketing at LynuxWorks, “At the RSA Conference we are showing that it is now possible to run multiple copies of the Windows OS, each held in their own secure enclave, running at near native-speed on a LynxSecure-based endpoint. It is now possible to secure corporate sensitive applications and data on a machine browsing the open Internet without compromising the performance or functionality of the system.”
Robert Day further explained that the same LynxSecure technology can be used to secure the next generation of devices and appliances based on Intel’s latest 2nd Generation IntelR CoreT processors, allowing developers to build security into their new systems at the lowest level, and then use the hypervisor functionality built into LynxSecure to run legacy OSes and applications on this secure platform.
Also being announced at the RSA Conference is the ValidEdge NMS system that uses the LynxSecure platform and helps augment network protection offered by traditional security appliances, either off-line or in-line modes. This is particularly important for Enterprise organizations that want to protect critical assets from new and custom malware-based attacks, which go undetected by firewalls or endpoint security products. For more details, please refer to www.validedge.com.
About LynxSecure LynxSecure provides one of the most flexible secure virtualization solutions for use in IntelR architecture-based embedded and computer systems. Designed to maintain the highest levels of military security and built-from-the-ground-up to achieve it, LynxSecure 4.0 now offers an industry-leading combination of security with functionality, allowing developers and integrators to use the latest software and hardware technologies to build complex multi-OS based systems.
LynxSecure offers two virtualization schemes, para-virtualized guest OSes such as Linux and LynxOS-SE offering maximum performance, and fully virtualized guest OSes such as Windows, Solaris and Chromium OS requiring no changes to the guest OS. Another key feature that LynxSecure offers is the ability to run guest OSes that have Symmetric Multi-processing (SMP) capabilities. The new quad-core IntelR CoreT i7 processor makes this feature a reality by allowing one of the guest OSes to run across multiple cores, offering performance never seen before in a virtualized embedded system.
LynuxWorks, a world leader in the embedded software market, is committed to providing open and reliable real-time operating systems (RTOS) and software tools to embedded developers. The company’s LynxOS family of operating systems offers open standards with the highest level of safety and security features, enabling many mission-critical systems in defense, avionics and other industries. The latest product in the portfolio, the award winning LynxSecure offers a secure separation kernel and embedded hypervisor that forms a platform for the development of high assurance systems. Since it was established in 1988, LynuxWorks has created technology that has been successfully deployed in thousands of designs and millions of products made by leading communications, avionics, aerospace/defense and consumer electronics companies. LynuxWorks’ headquarters are located in San Jose, CA. For more information, visit www.lynuxworks.com.
Mobile Security Solution Provides SMS Encryption
SAN FRANCISCO, February 14, 2011 — SRA International, Inc. (NYSE: SRX), a leading provider of technology and strategic consulting services and solutions to government organizations and commercial clients, today announced the launch of SRA One Vault Messenger, an encryption solution for Short Message Service (SMS) transmissions (text messages) for BlackBerry smartphones. One Vault Messenger is a new addition to the SRA One Vault™ suite of products, which was released in 2010 as the first and only hardware-anchored voice security solution for an off-the-shelf BlackBerry.
Designed for executives, first responders and government agencies that currently ‘text in the clear’, One Vault Messenger features an intuitive interface and leverages technology from Koolspan – the developers of a tamper-resistant microSD encryption card (TrustChip) – to defend against unwanted surveillance and cyber hacking. Combined with SRA One Vault Voice, which encrypts voice communication, and built-in email encryption from Research in Motion (RIM), One Vault Messenger offers a secure texting environment for BlackBerry smartphone users.
“Today, both GSM and CDMA mobile networks lack the cyber security protection necessary to prevent sensitive information from being exposed,” said SRA Senior Vice President of Offerings and Products Pat Burke. “As the mobile workforce expands at an unprecedented rate, mobile security requirements are a priority consideration across enterprises. One Vault Voice and One Vault Messenger provide a layer of security never before available for BlackBerry smartphone users.”
One Vault Messenger will be available by Spring 2011, and will be delivered through a hosted environment or a private offering. One Vault Voice and Messenger will be showcased to security professionals at RSA Conference 2011, held at Moscone Center in San Francisco February 14 – 17, 2011. Additional information can be found at www.sra.com/one-vault-voice/.
About SRA International, Inc.
SRA and its subsidiaries are dedicated to solving complex problems of global significance for government organizations and commercial clients serving the national security, civil government and global health markets. Founded in 1978, the company and its subsidiaries have expertise in such areas as air surveillance and air traffic management; contract research organization (CRO) services; cyber security; disaster response planning; enterprise resource planning; environmental strategies; IT systems, infrastructure and managed services; learning technologies; logistics; public health preparedness; public safety; strategic management consulting; systems engineering; and wireless integration.
SRA and its subsidiaries employ more than 7,300 employees serving clients from its headquarters in Fairfax, Va., and offices around the world. For additional information on SRA, please visit www.sra.com.
San Ramon, California – February 14, 2011 – DeviceLock, Inc., a worldwide leader in endpoint data leak prevention (DLP) software solutions, today announced that DeviceLock 7—the first version to extend its leading contextual controls to a wide breadth of network protocols and to expand its content filtering features for endpoint security—is production-ready and generally available for purchase.
The DeviceLock Endpoint DLP Suite addresses the needs of medium to large enterprises that require a simple and affordable approach to preventing unauthorized data loss from Microsoft Windows endpoints. DeviceLock 7’s core component exerts contextual control over local data channels on protected computers. These include all peripheral devices and ports, connected smartphones/PDAs, and even document printing locally or to the network. From familiar and centralized Microsoft Windows Active Directory Group Policy Objects (GPOs) and companion consoles, DeviceLock administrators can dynamically manage distributed agents that enforce centrally defined DLP policies that permit, mitigate or prohibit data flows based on user, data type, interface, flow direction, state of encryption, date and time, and other threshold criteria.
With the separately licensed NetworkLock component, contextual protocol control is extended to FTP/S, HTTP/S, SMTP/S, Telnet, instant messengers, webmail, and social networking applications such as Twitter, MySpace and Facebook. Another new module, ContentLock, enables the monitoring and filtering of files, communications, and other data objects based on content rules that leverage context, regular expressions, numerical conditioning and Boolean operators. Pre-configured templates for detecting common data patterns, sensitive keywords, document properties, file types, and more are included and simple to configure or copy to make customized rules. The complete package delivers an unprecedented level of functionality among endpoint DLP solutions in the same price range.
“Few enterprises have implemented DLP despite the fact that data security is a #1 concern. A 2010 Forrester study found that just 15% of the market has a solution in place. Cost and complexity are holding back the remainder. This release of DeviceLock breaks that log jam on both counts,” said David Matthiesen, Director of Sales for DeviceLock in the Americas. “DeviceLock 7 makes enterprise-class endpoint DLP practical for the mainstream corporate market and affordable for organizations of any size and budget. Its modular structure and licensing program make it convenient to step up from DeviceLock’s leading contextual control over peripheral PC ports and devices to add the equivalent controls over endpoint network communications. From there, you can easily add content filtering for the most sensitive or suspect data flows across any of these channels. Each step can be taken when it makes sense per compliance needs and within budget cycle constraints.”
Recognizing more than 80 data file formats and over 4,000 file types, ContentLock extracts and filters the content of data copied to removable drives and plug-n-play storage devices, as well as all shadowed printing operations and data that are transmitted over other input/output channels on endpoint computers. This includes endpoint IP protocols, network-aware applications, email, instant messengers, clipboard, and social media sites covered by NetworkLock if both modules are licensed and configured. A packaged file-archive handling feature provides further protection from leakage from compressed file archives. NetworkLock adds port-independent network protocol and application detection and filtering, message and session reconstruction with file, data, and parameter extraction, as well as event logging and full or conditional data shadowing.
In the same effective way that DeviceLock currently integrates with TrueCrypt, PGP, and other removable device encryption products, DeviceLock 7 supports the Windows 7 native data encryption solution for removable drives – BitLocker To Go™. DeviceLock customers can use Microsoft-backed data encryption technology with DeviceLock on their Windows 7 endpoints at no additional cost. As BitLocker To Go can be centrally managed via Microsoft Active Directory like DeviceLock, their combination delivers to customers all the capabilities of endpoint DLP with built-in removable media encryption, while offering both functional advantages and significant cost savings.
Content filtering brings new efficiency and scalability to DeviceLock’s data shadowing function across the spectrum of endpoint data and communication channels. Now customers can filter recorded data streams down to just those pieces of information meaningful to security auditing, incident investigations and forensic analysis before saving in the shadow log. This tremendously reduces storage space and network bandwidth requirements for shadow log collection back to the central database.
DeviceLock 7 is designed to seamlessly scale from small to large installations and simplify DLP deployment and management that is normally performed by in-house Windows administrators using available server and network resources. Customers can enhance their endpoint data security with content-aware and network control capabilities through the same well-proven MMC-style management interface instantly familiar to Windows security administrators. Most new users can learn and configure DeviceLock for the enterprise in just a few days. With DeviceLock Group Policy Manager, a custom-made MMC snap-in for Windows Group Policy Object Editors, DeviceLock’s transparent agents can be deployed, fully managed and maintained across the organization from within an existing Active Directory domain or forest. DeviceLock also supports LDAP, workgroup, and standalone Windows endpoint implementations.