News Article | March 1, 2017
LOS ANGELES--(BUSINESS WIRE)--Gurucul, a leader in user and entity behavior analytics (UEBA) and identity analytics (IdA) for on-premises and the cloud from the context of big data with machine learning, today announced that Borderless Behavior Analytics - Who’s Inside? What’re They Doing? by CEO Saryu Nayyar is now available for Kindle. According to Jim Routh, CSO of Aetna, this book “is a collection of thought-provoking content from industry luminaries presenting practical guidance based on expertise essential to the impact of models on security risk-based maturity, for enterprises large and small, moving at customer speed.” WHO: Borderless Behavior Analytics features chapters by Gary Eppinger, CISO of Carnival Corporation; Jerry Archer, CSO of a Major Financial Services Company; Joe Sullivan, CSO of Uber; Teri Takai, former CIO of the Department of Defense (DoD); Robert Rodriguez, chairman, founder of Security Innovation Network (SINET); Leslie K. Lambert, former CISO of Juniper Networks and Sun Microsystems; Gary Harbison, CISO of Monsanto. WHAT: Borderless Behavior Analytics is a compilation of articles by these top CISOs and CSOs on how identity has become the fulcrum for most of today’s more serious attacks and data theft. The book captures shared experiences and best practices, while exploring the growing importance and lack of awareness of identity as an access risk and threat plane, also known as the CIO and CISO divide. WHERE: Borderless Behavior Analytics for Kindle can be downloaded at https://www.amazon.com/Borderless-Behavior-Analytics-Inside-Whatre-ebook/dp/B06X9T3PSL/. The free Kindle App is available at: https://www.amazon.com/kindle-dbs/fd/kcp. WHEN: Borderless Behavior Analytics is available immediately for $0.99 until March 3rd. The cost beginning March 4th will be $8.95. HOW: Visit https://www.amazon.com/Borderless-Behavior-Analytics-Inside-Whatre-ebook/dp/B06X9T3PSL/ to download Borderless Behavior Analytics for the Kindle App. The editorial team has already started working with new contributors and an early preview of their articles is included in the first edition of the book. Jairo Orea, Chief Information Security Architect for a Fortune 10 company, weighs in on hybrid environment architecture and the role of data brokers, cloud brokers and identity brokers. Devin Bhatt, CISO and Chief Privacy Officer for the U.S. Federal Government, provides a focused perspective on insider threats as a new chapter in the second edition. Those individuals interested in future editions, supporting blogs and comments about the book should visit www.borderlessbehavioranalytics.com. Gurucul is changing the way enterprises protect themselves against insider threats, account compromise and data exfiltration on-premises and in the cloud. The company’s user behavior analytics and identity access intelligence technology use machine learning anomaly detection and predictive risk-scoring algorithms to reduce the attack surface for accounts, unnecessary access rights and privileges, and to identify, predict and prevent breaches. Gurucul technology is used globally by organizations to detect insider threats, cyber fraud, IP theft, external attacks and more. The company is based in Los Angeles. To learn more, visit http://www.gurucul.com/ and follow us on LinkedIn and Twitter.
News Article | March 2, 2017
WILMINGTON, Mass., March 02, 2017 (GLOBE NEWSWIRE) -- Security Innovation, a pioneer in software security, announced the hiring of Christina Howe as VP of Marketing. Chris will be responsible for all facets of the company’s go to market, thought leadership, and demand generation strategies. Additionally, Chris will be a major stakeholder in the company’s sales strategy, ensuring that revenue growth accelerates. 2016 was the company’s 4th consecutive year of record sales and is rapidly expanding into new markets. Chris is a proven leader in the successful development and implementation of global marketing strategies that drive revenue. Prior to joining Security Innovation, she was the Director of Digital Marketing for Compuware’s Application Performance Management business unit. Prior to that, she held various executive marketing positions at technology firms such as Avid, Rational/IBM, and Sybase where she honed her customer experience and market analytical skills. Chris also founded C Change Consulting where as Principal, she provided strategic consulting services including interim and transitional leadership. “Security Innovation has a long-standing reputation as a trusted advisor for organizations in need of enterprise grade application security solutions,” said Edward Adams, CEO. “Chris is an exceptional leader with a remarkable track record. Her creative thinking and next generation marketing skills will build the platform we need to elevate our expert profile and scale our business globally.” Chris’s experience at Rational/IBM and Compuware brings specialized knowledge into how software applications are built and the pressures put on development teams. Leveraging this insight, Chris will be tasked with building strategic programs that elevate the company’s profile as the foremost experts in application security assessment and training. “I’m excited by the opportunity to join the Security Innovation team and look forward to contributing to greater success,“ said Howe. “We have already established a leading position in application security solutions space and now have the opportunity to extend our solutions and services to new markets. I look forward to helping support our next phase of growth.” Since 2002, Security Innovation has been the trusted partner for software security for the world’s leading companies. Security Innovation is dedicated to securing and protecting sensitive data in the most challenging environments - automobiles, desktops, web applications, mobile devices and in the cloud. Security Innovation is privately held and headquartered in Wilmington, MA USA. For more information please visit: www.securityinnovation.com or connect with us on LinkedIn or Twitter.
News Article | February 14, 2017
WILMINGTON, Mass., Feb. 14, 2017 (GLOBE NEWSWIRE) -- Security Innovation, the worldwide leader in application security training and testing services, today has announced that it intends to spin off its SI-Embedded business unit and create a sister company called OnBoard Security. The company will comprise the SI-Embedded business unit that has in recent years emerged as a leading provider to the Vehicle-to-Vehicle (V2V) security, trusted computing and advanced cryptography markets. The move sharpens the strategic focus and shareholder value of both companies. “Security Innovation is thrilled to bring OnBoard Security into the world,” said Ed Adams, CEO of Security Innovation and Chairman of OnBoard Security. “I’m confident that they will flourish and become an even more potent force for the future of IoT security. As a sister company with complementary solutions, we expect to enjoy a close and mutually profitable relationship long after the divestment.” Peter Samson will be named president of the new company. He is currently the senior vice president responsible for the SI-Embedded business. “We will continue to be the security expert that car makers, PC manufacturers, cryptographers and IoT companies have admired and trusted for years,” Samson said. “As an independent company, we will intensify the already laser-like focus on our niche products and global customers while accelerating the new research and development needed to continue delivering innovation and thought leadership.” OnBoard Security products will include the award-winning Aerolink® Vehicle-to-Vehicle (V2V) security libraries and related products, the NTRU post-quantum cryptography algorithm that solves the existential threat to internet security and TCG Software Stacks (TSS) that simplify the implementation of Trusted Platform Modules (TPMs). Services include Transportation Infrastructure Security Consulting, Connected and Autonomous Vehicle Security Consulting and IoT Secure Boot/Attestation Consulting. This divestiture is expected to be completed within the first quarter. About Security Innovation Since 2002, Security Innovation has been the trusted partner for cybersecurity risk analysis and mitigation for the world’s leading companies. Security Innovation is dedicated to securing and protecting sensitive data in the most challenging environments - automobiles, desktops, web applications, mobile devices and in the cloud. Security Innovation is privately held and headquartered in Wilmington, MA USA. For more information please visit: www.securityinnovation.com or connect with us on LinkedIn or Twitter.
News Article | February 14, 2017
Dr. William Whyte, Chief Scientist for Security Innovation, a leader in automotive, embedded, and IoT cyber security, will be presenting at the 2017 RSA Conference in San Francisco, CA. His presentation, titled Choosing Parameters for NTRUEncrypt in the Public Key Implementations session, will give guidance to cryptographic professionals on choosing the best parameters for NTRU, the world’s most trusted quantum-resistant crypto algorithm. The session on Tuesday Feb 14th at 1:15 PM - 2:00 PM in Yerba Buena 10 at the Marriott Marquis will also feature Marc Joye, Security Technologist from NXP Semiconductors. About RSA Conference 2017 Held on Feb 13-17 at San Francisco’s Moscone Center, the RSA Conference’s mission is to connect you with the people and insights that will empower you to stay ahead of cyber threats. RSA Conference is your best resource for exchanging ideas, learning the latest trends and finding the answers you are looking for. About Security Innovation For over 10 years, the world-renowned experts at Security Innovation’s Embedded Security Division, OnBoard Security, have been pioneering technologies that protect the Internet of Things, now and for the future. We address three significant challenges: ensuring the security and privacy of connected vehicles, making hardware roots of trust easy to use, and avoiding the existential threat from quantum computers to the integrity of the internet. Headquartered in Wilmington, MA, we are best known for the award-winning Aerolink® V2X libraries that are the de facto standard for connected vehicle security and privacy; our patented NTRU algorithm which is the most tested and trusted quantum-resistant cryptosystem; and our TSS 2.0 & 1.2 middleware that simplifies implementation of Trusted Platform Modules. For more information please visit: www.securityinnovation.com or connect with us on LinkedIn or Twitter.
News Article | May 25, 2017
BROOKFIELD, Wis.--(BUSINESS WIRE)--Fiserv, Inc. (NASDAQ: FISV), a leading global provider of financial services technology solutions, today announced that its clients Bangkok Bank and Gesa Credit Union were recognized for their innovative use of technology by Retail Banker International (RBI) at the Retail Banking Conference and Awards 2017. Thailand’s Bangkok Bank won Best Mobile Banking Strategy for delivering ‘everyday, everywhere’ banking to its customers with Mobiliti Edge™ from Fiserv. Gesa Credit Union, located in Richland, Washington, won Retail Banking Security Innovation of the Year for pioneering the use of biometrics in their branches with Verifast™: Palm Authentication from Fiserv. The Retail Banking Awards by RBI highlight the achievements of retail banking organizations throughout the past year. Award winners are highly regarded within the industry as top performers representing an exceptional level of achievement. “These awards are a testament to the vision of Bangkok Bank and Gesa Credit Union, both of which are powerful examples of financial institutions that are using technology innovation to deliver experiences that fit seamlessly into people’s everyday lives,” said Andrew Steadman, vice president, Product Management and Marketing, International Group, Fiserv. Further details of the winning entries include: With fast-growing smartphone adoption in Thailand and the rising demand from customers for on-the-go banking tools to complement their mobile lifestyles, Bangkok Bank has been continually adding new functionality to its mobile banking proposition, Bualuang mBanking. With Bualuang mBanking, which is built on the Mobiliti Edge mobile banking and payments platform from Fiserv, Bangkok Bank customers have the ability to access financial services via a mobile phone, tablet or the Apple Watch. Additionally, the bank added mobile peer-to-peer (P2P) payments and advanced push notifications and alerts that can be received directly through the app. Almost one year after launching the P2P service and other enhancements of the user experience, the average payment transaction volume per month increased by 350 percent and revenue increased by 300 percent. Gesa Credit Union piloted the use of Verifast: Palm Authentication, a fast, secure and convenient biometric authentication solution based on near-infrared scanning of an individual’s palm vein patterns. Gesa reduced the time to authenticate a member in the branch by 93 percent, speeding up the teller line while enhancing security and improving the customer experience. On a 1-to-5-point scale with 5 being the best, about 99.9 percent of Gesa members using the solution rated the palm vein technology a 5 on both the registration process and use. In a world that is moving faster than ever before, Fiserv helps clients deliver solutions that are in step with the way people live and work today - financial services at the speed of life. Learn more at fiserv.com. Bangkok Bank, established in 1944, is one of Southeast Asia’s leading regional banks and Thailand’s market leader in international, corporate and business banking. It has the country’s largest customer base, more than 1200 branches, and a modern self-service network that includes its award-winning mobile banking service. The bank's ongoing market leadership is due to its philosophy of developing long-term supportive partnerships with customers. The bank’s scope of operations and complementary synergies means its offers an impressive breadth and depth of services to both local and international clients. Gesa Credit Union has served Washington State’s Tri-Cities community since 1953, and is one of the state’s largest credit unions with $1.8 billion in assets and 150,000 members. Gesa is a full service financial institution that offers a complete array of consumer, mortgage and business products and services. Headquartered in Richland, Washington, Gesa operates 18 branch offices in the Kennewick, Richland, Pasco, West Richland, Walla Walla, Wenatchee, East Wenatchee, Spokane, Spokane Valley, Yakima and Moses Lake communities. Gesa also supports ten student-operated high school branches – the most in the state. Gesa’s commitment to local communities includes support for Junior Achievement, Habitat for Humanity, annual youth scholarships, and free financial seminars open to members and the general public. For more information visit www.gesa.com. Fiserv, Inc. (NASDAQ: FISV) enables clients worldwide to create and deliver financial services experiences that are in step with the way people live and work today. For more than 30 years, Fiserv has been a trusted leader in financial services technology, helping clients achieve best-in-class results by driving quality and innovation in payments, processing services, risk and compliance, customer and channel management, and insights and optimization. Fiserv is a member of the FORTUNE® 500 and has been named among the FORTUNE Magazine World's Most Admired Companies® for four consecutive years, ranking first in its category for innovation in 2016 and 2017. For more information, visit fiserv.com.
News Article | April 18, 2017
MCLEAN, Va.--(BUSINESS WIRE)--BAE Systems’ Peder Jungck has been named president of the Information Technology - Information Sharing and Analysis Center (IT-ISAC), an influential not-for-profit organization composed of member companies dedicated to enhancing cyber security by sharing threat information and collaborating on effective mitigations of cyber risk. IT-ISAC members include C-suite technology and security leaders from the world’s largest technology companies, including Intel, Oracle, and Hewlett Packard Enterprise. IT-ISAC members actively collaborate to protect their enterprises and the collective global information infrastructure. The exclusive, industry-only forum also works closely with the U.S. Department of Homeland Security to help companies around the world minimize threats, manage risk, and provide near real-time responses to real-world cybersecurity challenges. “IT-ISAC engages a global network of subject-matter experts from the world’s leading technology companies to enhance cross-industry awareness of emerging cyber threats,” said Jungck, chief technology officer of BAE Systems’ Intelligence & Security sector. “The organization is itself a cyber defense force multiplier that is helping to protect global commerce and enhance international security.” Cyber security is of paramount importance for BAE Systems. The company shares more information about cyber threats than any other member of the defense industrial base. BAE Systems also made international news in May 2016 for its strategic cyber threat intelligence (CTI) sharing partnership with Fujitsu of Japan. “As a best practice, BAE Systems harnesses all of the data surrounding cyber-attack strings, etc. that target our network,” Jungck said. “When we identify and neutralize these threats to our own network, we can share this cyber threat data with our industry partners. Industry collaboration through crowdsourcing is an effective way to share the rewards of a safer cyberspace, at a reduced cost. CTI sharing is the logical first step for any organization seeking to implement a holistic cyber defense strategy.” Jungck has more than 20 years of experience within the IT industry, dealing with information assurance, secure computing, and network security challenges. Over the course of his career, Jungck has served as a CTO of a Silicon Valley venture capital firm and led a variety of IT and cybersecurity businesses, which have developed large-scale managed service offerings providing trusted IT infrastructure and cyber defense for commercial enterprises, telecommunications carriers, and the U.S. government. In recognition of his work, Jungck has earned 26 patents in networking and security, as well as published a book and peer-reviewed works on secure computing and software defined networking. He has also spent considerable time and effort with start-ups and developing industry communities related to cyber, including being an early board member of Cyber Maryland, a member of the National Initiative for Cybersecurity Education’s NICE365 Industry Advisory Board, a Security Innovation Network (SINET) 16 Advisor, and a STARS Mentor for Mach37 (Virginia Cyber Accelerator). BAE Systems provides intelligence and security services to manage big data, inform big decisions, and support big missions. BAE Systems delivers a broad range of solutions and services including intelligence analysis, cyber operations, IT, systems development, systems integration, and operations and maintenance to enable militaries and governments to recognize, manage, and defeat threats. The company takes pride in supporting critical national security missions that protect the nation and those who serve.
News Article | April 17, 2017
Lumeta Corporation, the authority on providing cyber situational awareness for rapid security response, today announced that its Lumeta Enterprise Situational Intelligence (ESI) platform now integrates with McAfee ePolicy Orchestrator® (McAfee® ePO™). This technology integration provides customers real-time visibility to proactively identify, manage and respond to endpoint security issues and threats across dynamic cloud, virtual, mobile and physical networks. Lumeta ESI recursively and authoritatively indexes all connected endpoints, networks and devices across environments and immediately detects new devices connecting to the network, allowing companies to quickly and effectively identify and remediate threats. McAfee® ePO™ includes McAfee® Active Response, a comprehensive Endpoint Detection and Response (EDR) feature for Indicator of Attack (IoA). The integrated Lumeta ESI and McAfee® ePO™ solutions are now available and deliver continuous, real-time detection of and response to advanced security threats to help security practitioners monitor security posture, improve threat detection, and expand incident response capabilities through forward-looking discovery, detailed analysis, forensic investigation, comprehensive reporting and prioritized alerts and actions. Users can launch directly into McAfee® ePO™, including McAfee® Active Response, to deliver continuous detection of and response to advanced security threats. Forward-looking discovery, detailed analysis, forensic investigation, comprehensive reporting, and prioritized alerts and actions enable security practitioners to monitor security posture, improve threat detection and expand incident response capabilities. “Lumeta uniquely provides companies with accurate endpoint visibility to automate and expose threats in real-time so companies gain the foundational intelligence needed to properly secure their networks,” said Reggie Best, chief product officer at Lumeta. “The integrated Lumeta ESI and McAfee® ePO™ solutions deliver comprehensive endpoint threat detection and response capabilities to help companies achieve a new level of cyber situational awareness that gives them the context and intelligence required to detect and remediate threats before a breach.” With Lumeta ESI, McAfee® Active Response can now manage, on average, more than 20 percent of devices on an IT infrastructure (including networks and endpoints) that are unknown to other solutions, providing better infrastructure protection. Optimized to meet stringent endpoint detection and response (EDR) criteria, McAfee® Active Response uses predefined and user-customizable collectors to search deeply across all accessible systems to find indicators of attack (IoAs) that are not only present via running processes, but also may be lying dormant or may have been deleted. “Providing our mutual customers with better data protection and an improved Threat Defense Lifecycle are the top priorities for the McAfee Security Innovation Alliance,” said D.J. Long, head of the McAfee Security Innovation Alliance. “Partnering with Lumeta to combine the strengths of both companies is key to being able to deliver on those goals and minimizing the toll of advanced threats troubling business, government and consumer data.” ABOUT LUMETA Lumeta delivers real-time cyber situational awareness that quickly and effectively identifies and remediates threats before a breach impacts an organization. Lumeta’s cyber situational awareness platform, ESI, reduces the risk to companies by streamlining network response and change, and adding security intelligence to dynamic network elements, endpoints, virtual machines, cloud-based infrastructure, policies and segmentation changes. Lumeta complements and optimizes existing network and security product investments by feeding them accurate, comprehensive network intelligence. Headquartered in Somerset, New Jersey, Lumeta has operations and clients throughout the world. Visit us at http://www.Lumeta.com or follow us on Twitter at @Lumeta.
Security Innovation | Date: 2014-07-22
A method for signing a digital message, including the following steps: selecting parameters that include first and second primes, a ring of polynomials related to the primes, and at least one range-defining integer; deriving private and public keys respectively related to a random polynomial private key of the ring of polynomials, and to evaluations of roots of unity of the random polynomial to obtain a public key set of integers; storing the private key and publishing the public key; signing the digital message by: (A) generating a noise polynomial, (B) deriving a candidate signature by obtaining a hash of the digital message and the public key evaluated at the noise polynomial, and determining the candidate signature using the private key, a polynomial derived from the hash, and the noise polynomial, (C) determining whether the coefficients of the candidate signature are in a predetermined range dependent on the at least one range-defining integer, and (D) repeating steps (A) through (C) until the criterion of step (C) is satisfied, and outputting the resultant candidate signature as an encoded signed message.
Security Innovation | Date: 2015-01-05
A method for signing and subsequently verifying a digital message, including the following steps implemented using at least one processor-based subsystem: selecting parameters including an integer q and a relatively smaller integer p that is coprime with q; generating random polynomial f relating to p and random polynomial g relating to q; producing a public key that includes h, where h is equal to a product that can be derived using g and the inverse of f mod q; producing a private key from which f and g can be derived; storing the private key and publishing the public key; producing a message digest by applying a hash function to the digital message; producing a digital signature using the message digest and the private key; and performing a verification procedure utilizing the digital signature and the public key to determine whether the signature is valid.
News Article | February 15, 2017
CAMPBELL, CA--(Marketwired - Feb 8, 2017) - Bitglass, the total data protection company, today announced that it won the "Security Innovation of the Year" category in the 2016-2017 Cloud Awards, coming out ahead of several first-generation cloud security solutions. Bitglass is the only Cloud Access Security Broker (CASB) on the market offering real-time data protection on any device without agents. Now entering its seventh year, the cloud computing awards program celebrates excellence and innovation in the rapid-growth cloud computing market. The awards program accepts entries from across the globe, from organizations of any size. "Cloud adoption is at an all-time high and enterprises of all sizes and in all verticals are searching for ways to secure sensitive corporate data across applications," said Nat Kausik, CEO, Bitglass. "Bitglass is the leader in real-time data protection and we are continually innovating to address the changing threat landscape and meet the needs of our customers." Bitglass offers comprehensive end-to-end data protection for SaaS, IaaS, custom apps and workloads. In minutes, Bitglass can be configured to protect any application, whether hosted in the public cloud or in private infrastructure, all supported with Bitglass' agentless proxy architecture. Only Bitglass secures traffic from any app without cumbersome software or agents on the endpoint. "We live in a rapidly-changing world, and the sands are shifting every day in the cloud space," said Cloud Awards organizer Larry Johnson. "Cloud service providers need to be constantly innovating to stay relevant, which is why the awards program is so relevant year-on-year. As ever, the entrants for the Software-as-a-Service category have been particularly strong, and we would encourage everyone to keep their eyes on the upcoming SaaS Awards, catering specifically to this area of cloud computing." Visit Bitglass at booth #2244 in the South Expo Hall at the Moscone Center to learn more about CASBs and for a chance to win an Oculus Rift. About Bitglass Bitglass is a global next-generation Cloud Access Security Broker and agentless mobile security company based in Silicon Valley. The company's solutions enable real-time end-to-end data protection, from the cloud to the device. Bitglass is backed by tier-1 investors and was founded in 2013 by a team of industry veterans with a proven track record of innovation and execution. About the Cloud Awards The Cloud Awards is an international program which has been recognizing and honoring industry leaders, innovators and organizational transformation in cloud computing since 2011. The awards are open to large, small, established and start-up organizations from across the entire globe, with an aim to find and celebrate the pioneers who will shape the future of the Cloud as we move into 2017 and beyond. Categories include Most Promising Start-Up, Best SaaS, and "Best in Mobile" Cloud Solution. Finalists were selected by a judging panel of international industry experts. For more information about the Cloud Awards please visit http://www.cloud-awards.com/.