News Article | May 10, 2017
NEW YORK--(BUSINESS WIRE)--Avanan, The Cloud Security Platform, today announced the appointment of Brant Kennedy to the position of Executive VP of Worldwide Sales. The addition of Kennedy to the Avanan team further accelerates the company's rapid growth in bringing innovative, next-generation cloud security to the enterprise IT market worldwide. Kennedy brings to Avanan nearly 30 years of sales and marketing experience and an exceptional record in developing and growing tech startups in the areas of information security, mobility, networking, IOT and cloud. His extensive experience includes US and international markets, working with commercial and public sector customers. Before joining Avanan, Kennedy served as EVP of Worldwide Sales at ForeScout, where he expanded the sales organization from 5 people to 200 and let it through the company’s most successful period of customer acquisition. "Brant led our sales organization at ForeScout through six years of hyper growth and we are thrilled to have Brant join us again in Avanan," said Gil Friedrich, Avanan’s founder and CEO. "Our customer base has grown rapidly in the last year with customers ranging from SMB to Fortune 500. Brant’s experience is exactly what we need to build a team that can serve the full range of organizations that are moving to the cloud.” "What excited and compelled me to join Avanan is that it solves a growing problem in a way that was never done before," said Brant Kennedy. “Whether it’s to prevent phishing or malware or the fear of data loss in the cloud, Avanan’s customers can activate security from the leading vendors in one click. This is not even possible in the data center! Security is the primary concern when companies move to the cloud and Avanan is the only vendor that can offer enterprise-class, best-of-breed security for SaaS.” Avanan secures Office365, GSuite, Box, Salesforce, AmazonS3 or any cloud applications with one click, using security technology from more than 70 industry leading vendors. Avanan has been named a 2016 Gartner Cool Vendor, a Red Herring “Top 100 North American Tech Startup” and one of CRN’s 20 Coolest Cloud Security Vendors. Avanan is based in New York City with R&D in Tel-Aviv. (http://www.avanan.com)
News Article | December 14, 2016
NEW YORK, Dec. 14, 2016 (GLOBE NEWSWIRE) -- Avanan cloud security experts have discovered a new twist on a well-known cyberattack exploiting users’ increased online shopping activity around the holiday season. Unlike the recent spate of highly publicized attacks targeting users’ credit card numbers with fake messages about a problem with online orders, this new attack goes after something potentially even more valuable: users’ Office 365 passwords. Once obtained, hackers have full access to the victim’s Office 365 account, providing an unlimited ability to embed malware, launch additional phishing attacks on the victim’s contacts, steal sensitive company information, reroute invoice remittance details, download customer information such as social security numbers and much, much more. The phishing attack starts with an email that appears to come from FedEx, informing the user that an important package is waiting for the victim. The email contains a link, which is displayed as, http://www.fedex.com/us/track. The actual URL that’s embedded within this displayed link starts with http://fedex-international.com but continues with “.xn-sicherheit-schlsseldienst-twc.de/track.” The .xn uses a Unicode-encoding method called Punycode, which effectively fools Office 365 into thinking this is a legitimate URL that doesn’t contain any malicious intent. The resulting page displayed upon clicking this link is a fake Office 365 login page, asking for the user to provide his or her Office 365 password. Users still trying to access information about their package are likely to input their Office 365 password at this point, thinking that they had inadvertently logged out of Office 365, and therefore need to log back in to continue to track their package. In reality, however, they are giving up the keys to their workplace environment to hackers. “The email scanners and threat protection provided by Microsoft are not stopping the latest phishing emails from getting into our organization,” said Matt Litchfield, vice president of Information Technology at JD Norman Industries. “We are experiencing phishing emails that target my users’ Office 365 credentials. These types of attacks represent a very serious security concern for my organization. I no longer believe that Office 365 email scanning offers sufficient protection from phishing attacks by itself; we must layer additional security on top of what Microsoft already provides to ensure a comprehensive email security solution.” “This is a very significant attack,” said cloud security expert Gil Friedrich, Avanan’s CEO. “With this attack, it’s clear that hackers now realize they can exploit victims’ workplace shopping habits to infiltrate corporate networks, which can be potentially much more valuable than petty credit card theft.” This exploit represents the latest attack on business users of Microsoft Office 365 and Google’s business Gmail programs, which have become platforms of choice for attacks since hackers can test the deliverability of their messages through their own low-cost test accounts. Companies that have migrated to these SaaS-based mail programs without adding necessary security layers have effectively exposed their users to the growing world of cloud security attacks. How to protect from this and future attacks Office 365 and Gmail have inherently limited abilities to block these attacks, since hackers can simply keep testing the deliverability of their messages until they successfully bypass built-in security layers. No one vendor can provide total protection, which is why Avanan recommends a multi-vendor, defense-in-depth approach. Avanan’s cloud security platform enables businesses to apply any combination of more than 60 best-of-breed security tools to Office 365, Gmail and any other SaaS application, all in Avanan’s elegant single pane of glass, and all with just one click. The added layers of security via Avanan’s platform make it impossible for hackers to “test-bench” the deliverability of their attacks, making unprotected users even more attractive and vulnerable. Free scan offer Avanan has offered to provide a free tool to scan Office 365 mailboxes to see how many users in an organization were victims of this attack. To take advantage of this limited-time offer, visit http://www.avanan.com/puny-phishing-office-365. About Avanan, the Cloud Security Platform (http://www.avanan.com) Avanan secures any SaaS application, such as Office 365 and Google Mail, or any cloud application with one click, using best-of-breed security technology from industry-leading vendors. Avanan has been named a 2016 Gartner Cool Vendor, a Red Herring Top 100 North American Tech Startup and one of CRN’s 20 Coolest Cloud Security Vendors of 2016.
Pearson S.,Cloud Security |
Benameur A.,Cloud Security
Proceedings - 2nd IEEE International Conference on Cloud Computing Technology and Science, CloudCom 2010 | Year: 2010
Cloud computing is an emerging paradigm for large scale infrastructures. It has the advantage of reducing cost by sharing computing and storage resources, combined with an on-demand provisioning mechanism relying on a pay-per-use business model. These new features have a direct impact on the budgeting of IT budgeting but also affect traditional security, trust and privacy mechanisms. Many of these mechanisms are no longer adequate, but need to be rethought to fit this new paradigm. In this paper we assess how security, trust and privacy issues occur in the context of cloud computing and discuss ways in which they may be addressed. © 2010 IEEE.
Ko R.K.L.,Cloud Security |
Lee B.S.,Cloud Security |
Pearson S.,Cloud Security
Communications in Computer and Information Science | Year: 2011
The lack of confidence in entrusting sensitive information to cloud computing service providers (CSPs) is one of the primary obstacles to widespread adoption of cloud computing, as reported by a number of surveys. From the CSPs' perspective, their long-term return-on-investment in cloud infrastructure hinges on overcoming this obstacle. Encryption and privacy protection techniques only solve part of this problem: in addition, research is needed to increase the accountability and auditability of CSPs. However, achieving cloud accountability is a complex challenge; as we now have to consider large-scale virtual and physical distributed server environments to achieve (1) real-time tracing of source and duplicate file locations, (2) logging of a file's life cycle, and (3) logging of content modification and access history. This position paper considers related research challenges and lays a foundation towards addressing these via three main abstraction layers of cloud accountability and a Cloud Accountability Life Cycle. © 2011 Springer-Verlag.
Pearson S.,Cloud Security
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | Year: 2013
In conjunction with regulation, information security technology is expected to play a critical role in enforcing the right for privacy and data protection. The role of security in privacy by design is discussed in this paper, as well as the relationship of these to accountability. The focus within these discussions is on technological methods to support privacy and data protection in cloud scenarios. © 2013 Springer-Verlag.
Cloud Security | Date: 2014-04-25
The present invention relates to a camera device, wherein the camera device comprising a base with a fillister; a body with a spherical unit and a neck; and a camera configured onto the body. The spherical unit fits the fillister to form a joint allowing a wide range of rotation in all direction. The base further comprises a first fixing unit and a second fixing unit. Therefore, the camera device is able to be easily mounted onto a targeted surface; and, the camera field of view is able to be rapidly optimized toward a specific direction.
Cloud Security | Date: 2014-04-25
The present invention provides a camera system and the operating method thereof, wherein the camera system transmits a digital token via sound waves and uses the digital token for device pairing, authorizing, or authenticating. The camera system comprises a transmitting device, for converting the digital token to an acoustic signal, and a camera device, for converting the acoustic signal to the digital signal.
Cloud Security | Date: 2014-04-21
Burglar alarms; audiovisual teaching apparatus, namely, speakers, monitors, headphones, and microphones; camcorders; photographic cameras; electric monitoring apparatus, namely, cameras, motion sensors, and burglar alarms; sound recording and transmitting apparatus; electric theft prevention installations, namely, alarms and detectors; electric locks; warning bells; computer software for use with security monitors and alarm systems; data processing apparatus; downloadable image files containing videos and pictures from security monitors and web links relating to theft prevention; electric installations for the remote control of industrial operations; fire alarms; intercommunication apparatus, namely, telephones, intercoms, headphones, and microphones; life-saving apparatus and equipment, namely, telephones, intercoms, headphones, and microphones; computer monitors; push buttons for bells; remote control apparatus for alarm systems and camera systems; signal bells; sirens; sound alarms; alarm signal whistles.
Cloud Security | Date: 2014-04-21
Camcorders; photographic cameras; electric monitoring apparatus, namely, cameras, motion sensors, and burglar alarms; sound recording and transmitting apparatus; computer software for use with security monitors and alarm monitoring systems to collect, process, and organize photographs, videos, and data from security monitors and alarm monitoring systems; downloadable image files containing videos and pictures from security monitors and web links relating to theft prevention; electric installations for the remote control of industrial operations; intercommunication apparatus, namely, telephones, intercoms, headphones, and microphones; remote control apparatus for alarm monitoring systems and camera systems, namely, computers for remotely managing alarm monitoring and camera systems.