WIXLIB

Strong authenticationfor cloud apps fromDuo SecurityDuo Security is expandingtheir security platform to helpcustomers protect access totheir sensitive data residingin cloud-based applications,including Salesforce, GoogleApps, Microsoft Office 365,and Box.We certainly see theeconomic and managementbenefits of the cloud, butwe're only going to takeadvantage of them if we cando so securely," said MarkMaher, Director of CorporateInfrastructure & Technologyat New World Systems. "Theenforcement of strongauthentication empowerscompanies like ours towww.insecuremag.compreserve control by fortifyingaccess to company assets,no matter where they'rehosted, on-premises or in thecloud. We use Duo Securityto protect access to our VPNand Salesforce."Duo Security's two-factorauthentication platform isdesigned to integrate with anexpansive range ofapplications, devices, andservices, providing protectionof user credentials. Toaddress the evolving natureof hybrid IT models, Duo hasexpanded support to protectwidely-utilized, cloud-basedproductivity applications andonline storage services."To date, we've focused onproviding customers with atwo-factor authenticationsolution that is not only easyto use but also flexibleenough to meet the everchanging needs oforganizations large andsmall," said Richard Li.Free vulnerabilitymanagement servicefor SMBsTripwire debuted TripwireSecureScan, acomprehensive vulnerabilitymanagement solution thatrequires no hardware orsoftware to be installed andmanaged. Organizations ofany size can use the serviceto discover detailedinformation about networkeddevices and findvulnerabilities in hardwareand software applicationsthat are used in cyberattacks.The solution discovers thesevulnerabilities and thenprovides users withprioritized, in-depthinformation on how to fixthese security weaknesses.Enterprise crypto andauthentication in onerackmountFuturex announced therelease of CryptoCube, apurpose-built, all-in-onerackmount enclosure for thesecure encryption,decryption, authentication,and validation of sensitivedata.The CryptoCube systemconsists of a customized,multifactor authenticationsecured rackmountenclosure containing a mix ofFuturex Hardened EnterpriseSecurity Platform solutionstailored specifically to theneeds of each organizationusing it.12

www.insecuremag.com13

The DigiCert team at the conference.Identify and fixvulnerabilities in yourSSL certificatesDigiCert announced DigiCertCertificate Inspector, a tooldesigned to quickly findproblems in certificateconfiguration andimplementation, and providereal-time analysis of anorganization’s entirecertificate landscape,including SSL terminationendpoints.SSL/TLS certificates are akey defense againstunwanted surveillance ofonline user activity. Yet, toooften system administratorsfail to properly configurecertificates, unknowinglyleaving open vulnerabilities.www.insecuremag.comKeeping up with the latestsecurity best practices aswell as monitoring certificatesis a daunting task,particularly for enterprisesmanaging thousands ofcertificates. Frequently,manual tracking processesare used, which introducehuman error and result indowntime or unknownsecurity vulnerabilities suchas configuration with ciphersuites vulnerable to CRIME,BEAST, BREACH or otherattacks.In other cases, departmentsoutside of IT might deploytheir own certificates,creating a blind spot forAdministrators. This also canlead to configurationchallenges that downgradethe effectiveness of the SSLcertificates upon whichorganizations rely.With Certificate Inspector,security professionals candiscover forgotten, neglectedor misconfigured certificates,and identify potentialvulnerabilities, such as weakkeys, problematic ciphersand expired certificates. Foreach potential threatdetected, the tool provides alist of remediation activities.Certificate Inspector scansthe user’s network detectingall certificates in use,inspects SSL configurationand implementation, andthen displays the results inan intuitive and interactivedashboard.14

DB Networks' virtualIDS stops advancedSQL injection attacksDB Networks introduced theIDS-6300v intelligent securityvirtual appliance, a newsolution based on the nextgeneration Core IDS platformintroduced last year in DBEncryptionmanagement platformfor protection in hybridcloudsAFORE Solutionsannounced the addition ofCloudLink SecureVM andCloudLink SecureFILEmodules to the CloudLinkencryption platform.www.insecuremag.comNetworks’ IDS-6300 CoreIDS hardware appliance.Now, cloud providers andMSSPs can easily delivernew security SaaS offeringsbased on DB Networks’patented behavioral analysistechnology forcomprehensive SQL injectionintrusion detection anddefense.Additionally, organizationsoperating virtualized datacenters interested inprotecting their core networkcan benefit from the costsavings delivered inIDS-6300v over hardwarealternatives, while largeenterprises can leverage itsenhanced ease-ofmanagement features.The recent high-profileattacks on major retailerssuch as Target and the theftThe additions build on theexisting CloudLinkSecureVSA and provideAFORE customers withflexibility to layer encryptionat multiple points of the cloudcomputing stack withstorage, virtual machine, fileand application levelsolutions deployed andmanaged from a commonframework.of millions of customers’private information serve asa strong reminder thatdatabase networks are highlysusceptible to attacks. DBNetworks’ intelligent securityvirtual appliance deliversadvanced and Zero-DaySQL injection attackdetection. The IDS-6300v isthe industry’s first Core IDSas a virtual appliance thatcombines behavioral analysisand advanced continuousdatabase monitoring thatalerts of attacks anddatabase network behavioralanomalies in real-time.The solution, which enablessecurity as a serviceofferings, also addressesspecific compliancerequirements withinregulations such as PCIDSS, HIPAA, GLBA, andNIST spec 800-53.CloudLink integration withhypervisor and cloudplatforms enables ITpersonal to efficiently deploysecurity controls at all levelsof the infrastructure. The netimpact is better control, lowerTCO and improved businessagility to secure sensitivedata and embrace the cloudwith confidence.16

www.insecuremag.com17

Egnyte appoints newCSO, unveils securityroadmapunderstand how Egnyteplans to meet all of theirsecurity needs now and intothe future.”Identity relationshipmanagement market toexceed 50 billion by2020Egnyte formally introducedKris Lahiri as the company’snew CSO and unveiled hisFY14 security roadmap,which details the company’splans to raise the globalstandard for secure filesharing in the enterprise.Lahiri’s plans include addingkey security enhancementsand integrations for securedeployment options, dataprivacy and industrystandards.Lahiri’s 2014 securityroadmap focuses onenhancements andintegrations to provideEgnyte customers withsecure access to 100 percentof their business files fromany device, regardless ofwhere those files physicallyreside.“Egnyte is the only filesharing solution built from theground up to meet the needsof the enterprise,” said Lahiri.“As the market evolves, sodo the needs of ourcustomers, and nothing ismore vital to a business thanthe security of its mostvaluable asset - its businessdata. Combined with thevarying industry standards inwhich businesses arerequired to comply, weunderstand how crucial it isto share our roadmap withour customers so theywww.insecuremag.comForgeRock announced thatthe identity relationshipmanagement (IRM) market,focused on managingcustomer interactions acrossany device or environment,will exceed 50 billion by2020.This high growth markettrajectory reflects the growingneed for an effective IRMsolution as CIOs shiftinvestment from internalidentity projects focused on“keeping things out” tomassive external identityprojects focused onincreasing customerengagement and monetizingthose opportunities.Identity services must be inplace regardless of sector —retail, finance, insurance,healthcare, government,cloud service, education — inorder to extend businessreach via social, mobile,cloud, and the Internet ofThings.According to Cisco, anestimated 8.7 billion thingswere connected to theInternet in 2012, expecting togrow to 50 billion Internetconnected things by 2020.ForgeRock estimates thatevery Internet-connectedthing will require identityservices in order to makereal-time user accessdecisions based on context.As the Internet of Things(IoT) grows, ForgeRockexpects an increase in thenumber of applicationsserving each device, drivingan increase in identityrevenue per device —approximately 50 billion intotal opportunity.OpenID Foundationlaunches the OpenIDConnect StandardOpenID Connect is anefficient, straightforward wayfor applications to outsourcethe business of signing usersin to specialist identityservice operators, calledIdentity Providers (IdPs).Most importantly,applications still managetheir relationships with theircustomers but outsource theexpensive, high-risk businessof identity verification tothose better equipped toprofessionally manage it.It has been implementedworldwide by Internet andmobile companies, includingGoogle, Microsoft, DeutscheTelekom, salesforce.com,Ping Identity, NomuraResearch Institute, mobilenetwork operators, and othercompanies andorganizations. It will be builtinto commercial products andimplemented in open-sourcelibraries for globaldeployment.18

Qualys introducesContinuous Monitoringcloud serviceThis new service allowscompanies to continuouslymonitor:Qualys introducedContinuous Monitoring, themost recent addition to itsQualysGuard Cloud Platform.Hosts and devices exposedto the Internet – to seewhenever systems appear,disappear, or are runningunexpected operatingsystems.This new offering givesorganizations the ability toproactively identify threatsand unexpected changes inInternet-facing devices withintheir DMZ, cloud-basedenvironments, and webapplications before they arebreached by attackers.It brings a new paradigm tovulnerability management,empowering customers tocontinuously monitormission-critical assetsthroughout their perimeterand immediately get alertedto anomalies that couldexpose them to cyberattacks.www.insecuremag.comDigital certificates – to trackSSL certificates used onsystems to know if they areweak or self-signed, andwhen they’re due to expire.Ports and services open oneach system – to keep tabson which network ports areopen, which protocols areused, and whether theychange over time.Vulnerabilities on hosts orapplications – to know whenvulnerabilities appear (orreappear), whether they canbe exploited, and if patchesare available.Applications installed onperimeter systems – to findout when applicationsoftware gets installed orremoved from thesesystems.Enterprise-level UTMfor home and smallofficesWatchGuard Technologiesannounced the WatchGuardFirebox T10 UTM solution, anetwork security appliancethat allows enterprises toextend powerful networksecurity to SOHOenvironments.It features WatchGuard'scloud-based RapidDeploycapability, which instantlyself-configures and beginsreporting back to theadministrator's centralconsole by simply plugging inthe appliance.20

www.insecuremag.com21

McAfee expandsComprehensive ThreatProtectionNew free onlinesoftware securitytraining coursesMcAfee announcedexpanded capabilities to find,freeze, and fix advancedthreats faster to win the fightagainst advanced andevasive targeted attacks.The solution tightly binds andshares threat intelligence andworkflows across endpoints,network and the cloud. Itprovides protection,performance, and operationalsavings that are not possiblefrom point products, whicharen’t designed to optimizesecurity and riskmanagement as an ITfunction and carry theoverhead of manualintegrations.Quickly identify andact on endpointsecurity issuesPromisec announced plansfor Promisec Integrity, aseries of cloud-basedofferings to help small-tomedium enterpriseorganizations with endpointsecurity and remediation.“Promisec Integrity is like a‘don’t panic’ button that canquickly provide peace ofmind—and a course of action—for small-to-mediumenterprises that must getahead of the latest threatsbefore they negatively impactcorporate IP, operationalefficiency and, ultimately,brand trust and profitability,”said Dan Ross, CEO,Promisec.www.insecuremag.comSAFECode, a non-profitorganization working toincrease trust in technologyproducts and servicesthrough the advancement ofeffective software assurancemethods, announced that ithas released new softwaresecurity training courses aspart of its online SecurityEngineering Training bySAFECode program.Security Engineering Trainingby SAFECode is an onlinecommunity resource offeringfree security training coursesdelivered via on-demandwebcasts. Covering issuesfrom preventing SQLinjection to avoiding crosssite request forgery, thecourses are designed to beused as building blocks forthose looking to create an inhouse training program fortheir product developmentteams, as well as individualsinterested in enhancing theirskills.Android, iOS solutionreveals data-leakingappsUnlike traditional mobilesecurity apps, which utilize adatabase of known maliciousapps to screen for virusesand malware, viaProtectmonitors all apps for mobilerisks. For instance,viaProtect can detect if anapp handles your personaldata insecurely bytransmitting it unencrypted orto servers located overseas.viaForensics estimates thatas many as 75 percent ofapps are “leaky”, or insecure.viaProtect gathers mobileforensic, system, network,security and sensor datafrom devices, then utilizesstatistical analysis and riskindicators to detectsuspicious events orbehavior.Nearly half ofcompanies assumethey have beencompromisedA majority of organizationsare operating under theassumption that their networkhas already beencompromised, or will be,according to a surveyconducted by the SANSInstitute on behalf ofGuidance Software.SANS surveyed 948 ITSecurity professionals in theUnited States to determinehow they monitor, assess,protect and investigate theirendpoints, including servers.The survey resultsdemonstrated that more andmore attacks are bypassingperimeter security, despitethe fact that the respondentsdo not consider the attacks tobe sophisticated. Surveyrespondents indicated thedesire for more visibility intomore types of data andprocesses acrossorganizational endpoints asintruders evade perimeterdefenses.22

Cyber crooks will goafter medical recordsnextAs security firms and lawenforcement agenciescontinue to cooperate andsuccessfully take downbotnets, cyber crooks will beforced to look for new andmore lucrative targets, andespecially ones that arepoorly secured.In a panel held at RSAConference, the Microsoft/Agari team behind theCitadel botnet takedown saidthat these new targets willlikely be in the healthcareindustry.After explaining just how theywent about effecting thetakedown, they explained thereasoning behind their beliefthat healthcare IT systemsand hospital databases arenext in line for databreaches. Agari CEO PatrickPeterson shared that theprice of medical recordsbelonging to a single personmight fetch around 60, whilea single credit card record isworth a couple of dollars inthe underground markets.He also pointed out thatamong the industriestargeted so far, financialorganizations and socialnetworks have worked hardon protecting theircustomers, and have madecybercriminals' attemptswww.insecuremag.commore difficult and, therefore,more costly. On the otherhand, the majority of thehealthcare industry has notfollowed suit.In addition to all this, medicalrecords give crooks muchvaluable information about atarget that can be misusedfor mounting effective socialengineering attacks, notedRichard Boscovich, assistantgeneral counsel with theMicrosoft Digital Crimes Unit.apps in use by employeesthan ever before, 44 percentof those surveyed said theircompany doesn’t have acloud app policy in place.Furthermore, 17 percent ofemployees are unaware iftheir company has a policy.Webroot delivers APTprotection forenterprises44% of companiesdon’t have a cloud apppolicy in placeAfter interviewing 120 RSAConference attendees,Netskope announced theresults of the survey oninformation securityprofessionals’ use of cloudapps.Despite widespread adoptionof cloud apps in theenterprise, most IT securityprofessionals are eitherunaware of their company’scloud app policy or don’thave one. In the absence ofcloud app policies, more thantwo-thirds of attendeessurveyed said they wouldconsider their company’sprivacy policy beforedownloading an app.As cloud apps proliferate inthe enterprise, the securityand privacy risks associatedwith use of these apps atwork is on the rise. Accordingto the recent Netskope CloudReport, the typical enterpriseis using 397 apps, or asmuch as 10 times thenumber that IT typically haswithin its purview. Althoughenterprises have more cloudWebroot announced therelease of BrightCloudSecurity Services andBreachLogic Endpoint Agent,two cloud-based securityofferings designed to helpenterprises address theexplosive growth andincreasing sophistication ofonline threats, particularlytargeted attacks such asspear phishing and APTs.BrightCloud SecurityServices redefine onlinethreat intelligence. The suiteof cloud-based services,powered by a self-learningthreat analysis platform thatcontinuously scans theinternet, is designed to helpenterprises and OEMtechnology partnersstrengthen their securitytechnology with accurate andactionable threat intelligence.The enhanced suite includesa new File ReputationService and an enrichedcontextual database thatcorrelates previouslydisparate security datapoints.24

www.insecuremag.com25

Free tool helps fend offmost cyber attacksQualys announced that ithas collaborated with theSANS Institute and theCouncil on CyberSecurity torelease a new free tool tohelp organizations implementthe Top 4 Critical SecurityControls to fend off attacks.The new tool helpsorganizations quicklydetermine if the PCs in theirenvironments have properlyimplemented the Top 4Critical Security Controls,which the Council onCyberSecurity estimates canhelp companies prevent 85%of cyber-attacks."The Qualys Top 4 tool is anextremely elegant andeffective solution that helpsboth small and largebusinesses determine howresilient they are to today'sadvanced threats,” saidJonathan Trull, CISO for theState of Colorado. “This isexactly the type of publicprivate partnership ourcountry needs to address thecyber attacks threatening oureconomy and criticalinfrastructure."Built on the QualysGuardCloud Platform, the new Top4 cloud service helpsbusinesses easily andquickly identify whetherWindows PCs in theirenvironments havewww.insecuremag.comimplemented the Top 4controls for:1. Application Whitelisting –only allowing appr

Brian Honan is an independent security consultant based in Dublin, Ireland, and is the founder and head of IRISSCERT, Ireland's first CERT. He is a Special Advisor to the Europol Cybercrime Centre, an adjunct lec- . Qualys releases Web Application Firewall Qualys announced the availabilit