WIXLIB

RSA Conference named Waratek most innovative new company.Marking the 10-year anniversary of InnovationSandbox Contest since the event launched atRSA Conference 2005 as Innovation Station,Waratek was selected from a group of 10 finalists.In a first for the event, acknowledging thecompetitiveness of this year’s field, Ticto wasalso named as the runner up. The annual conference competition is a half-day program during which up-and-coming startups grab thespotlight and demonstrate groundbreaking security technologies to the broader RSA Conference community. Past winners includeSourcefire, Imperva, and, most recently,RedOwl Analytics.Waratek won the award based on its ability toclearly demonstrate strengths in addressingthe market’s need for better application protection against sophisticated attacks withouthaving to install network devices, make codechanges or greatly impact performance.www.insecuremag.com“This is a huge honor and award for theWaratek team,” said Anand Chavan, co-CTOof Waratek. “We were not anticipating thislevel of competition and every company thatpresented here is doing great things. It feelsgreat to have this panel of judges validate ourapproach to this challenging security issue.”“RSA Conference has always been dedicatedto encouraging the discussion of new ideasand providing support for groundbreaking information security technologies that push theindustry forward. It proved that once again, asInnovation Sandbox Contest’s 10 finalistsshowcased some of the most innovative security solutions,” said Sandra Toms, vice president and curator of RSA Conference.“Coming out on top, Waratek demonstratedthat they were the most innovative new company by highlighting the need for their uniqueapproach to application security.”16

New cloud securitycertification from(ISC)2 and CSA(ISC)2 and the CSAannounced the new CertifiedCloud Security Professional(CCSP) certification. TheCCSP represents theadvanced skills required tosecure the cloud, whileestablishing an internationalstandard for professionallevel knowledge in thedesign, implementation andmanagement of cloudenvironments.CSA’s CCSK provides anindicator of baseline cloudsecurity knowledgeappropriate for almost any ITposition. The CCSPcredential builds upon manyof the areas covered byCCSK in order to providedeeper knowledge derivedfrom hands-on informationsecurity and cloud computingexperience. It validatespractical know-how skillsapplicable to thoseprofessionals whose day-today responsibilities involvecloud security architecture,design, operations andservice orchestration.The CCSP credential isintended for professionalswho are heavily involved incloud security via roles thatare accountable forprotecting enterprisearchitectures.To attain CCSP, applicantsmust have a minimum of fiveyears of experience in IT, ofwhich three must be ininformation security and oneyear in cloud computing.www.insecuremag.comQualys takes steptowards completeautomation of web appsecurityresolution, as well ascustomization of securityrules tailored for theorganization’s environment.This helps customers tunesecurity policies, removefalse positives, and easilycustomize WAF securityrules for web applications.The portable securedesktop: tVolution MiniQualys announced QualysWeb Application Firewall(WAF) version 2.0 thatcomes fully integrated withthe Qualys Web ApplicationScanning solution (WAS).The new release includesvirtual patching capabilities toenable organizations to finetune security policies,remove false positives andcustomize rules leveragingvulnerability data from theQualys WAS.Becrypt launched tVolutionMini. The device is smallerthan a mobile phone, but hasthe power of a PC, andtransforms a monitor or TVinto a smart device forsecurely accessing corporateapplications and data.Qualys WAF also includescustomizable eventresponse, helping customersevaluate and createexceptions to web events tobetter prioritize and mitigatevulnerabilities, making it oneof the first end-to-end webapplication security servicesto combine WAF securityrules and policies with WASdata to address webapplication security threats.Although it looks like a USBstick or credit card, tVolutionMini is a PC in its own right,which means it doesn’t relyon another device’soperating making it moresecure. It enablesorganizations to provide staffor partners with a low costcomputer to access acorporate network securely,protecting the systems fromthe risk of malware inherentwith users accessingcorporate resources fromhome or unmanaged PCs.As hackers continue to findnew ways to penetrate webapplications, WAFs candetect, alert and block knownattacks. With the latestversion of Qualys WAF, userscan now create “virtualpatch” rules in directresponse to their QualysWAS findings, to enablerapid false positiveRequiring less than 5 Wattsof power, tVolution Mini is anexceptionally low powerconsuming device that canhelp your organization toreduce power usage, whilestill retaining full functionalityfor users.18

www.insecuremag.com19

Use of encryptioncontinues to riseThe use of encryptioncontinues to grow inresponse to consumerconcerns, privacycompliance regulations andon-going cyber-attacks andyet there are still majorchallenges in managing keyacross what are the mostlyfragmented and tacticaldeployments of encryptiontechnologies, say the resultof Thales' 2015 GlobalEncryption and KeyManagement Trends Study.“Encryption usage continuesto be a clear indicator of astrong security posture butthere appears to beemerging evidence thatconcerns over keymanagement are becoming abarrier to its morewidespread adoption,"commented Dr LarryPonemon, chairman of ThePonemon Institute. "In thisstudy we drilled down intothe issue of key managementand found it continues to bea huge operationalchallenge. What is clear isthat many organizations lackformal ownership andaccountability when it comesto key management which isvery concerning when youconsider the value of thedata being protected andoperational implications oflosing or mismanaging keys.”Automated protectionof enterprise email,docs and dataTITUS launched TITUSClassification Suite 4, asignificant new release of itsflagship data identificationwww.insecuremag.comand information protectionsuite. Already in use by theFrench Ministry of Defenseand others, the new solutionuses content and context toautomatically classify andprotect information as it ishandled by users, and allowsmanual and guidedclassification for flexibilityand user engagement. Finegrained policy control andcomprehensive metadatacapture also leveragesoverall security investment,improves data managementand increases regulatorycompliance.The suite offers a newflexible policy engine that canapply complex rules toprotect information withoutgetting in the way ofbusiness process or requiringusers to remember securitypolicies. Administrators canset up policies to, forexample: classify email based onrecipients protect email based on thecontent or classification ofattachments classify and protectdocuments based oncontent, filename or location prevent printing of sensitivedocuments on non-secureprinters.Customizable, easy-to-usealerts warn users of specialinformation handlingconditions or possibleimpending security violations.The suite also integrates withDLP solutions, allowingenterprises to optimizesecurity policy, focus on highrisk areas, and captureretention-related metadatafor informed archiving ordeletion. New integrationcapabilities, such as with theIntel Security Data ExchangeLayer (DXL), will alloworganizations to enhancetheir behavioral analytics andreporting capabilities, whichcan help them uncovermalicious insider threats.Gemalto's solutionschallenge today’ssecurity thinkingIncreasingly moreapplications, data andservices are being built,managed and stored bothinside and outside of theenterprise and accessed byindividuals anytime,anywhere, and from anydevice. The disappearanceof a defined perimeter hascreated complexity forsecurity professionals thathas been compounded evenfurther by threats becomingmore sophisticated.Gemalto's SafeNet Identityand Data Protection solutionshelp customers tackle theperimeterless enterprise and"Secure the Breach" with adata-centric approach to theprotection and control of theirsensitive information, fromthe core of the network to itsfurthest edge.From the physical and virtualdata center, Gemalto'sSafeNet data encryptionsolutions help organizationsremain protected, compliant,and in control with offeringsthat secure sensitiveinformation in applications(ProtectApp), cloudenvironments (ProtectV),databases (ProtectDB),network drives and fileservers (ProtectFile), storagesystems (StorageSecure),and in motion (High-SpeedNetwork Encryption).21

Apple Watch app formanaging threatintelligence on-the-goThreatStream announcedthe first iOS threatintelligence app for the AppleWatch. The app, which isalso available for the iPhoneand iPad, provides fullaccess to the ThreatStreamOptic threat intelligenceplatform dashboard anddisplays, and enables usersto take action with a simpleEarly-warning-as-aservice for extendedenterprise networksNorse introduced the NorseIntelligence Service, a fusionof automated and humanthreat monitoring andanalysis that offers “earlywarning as-a-service” for thevery large extendedenterprise networks.The Norse IntelligenceService helps Fortune 500companies and governmentorganizations address this bycombining a globallywww.insecuremag.comtap of the screen or voicecommand.The iOS app will enable SOCanalysts to receive andrespond to threat alertstriggered by the Opticplatform regardless of wherethey are. Users of the appcan receive notifications andalerts in real-time,untethering from the displaysof their security controlswithout jeopardizing theirability to see and respond tothreats immediately.distributed network of attacksensors — the NorseIntelligence Network — withautomated actuarial-basedrisk scoring and scalable, ondemand human intelligenceanalyst expertise.Cyphort combines APTdetection with lateralmovementCyphort announced theavailability of CyphortAdvanced Threat DefensePlatform 3.3, which includesmalware lateral movementdetection, the ability tocombine advanced targetedThreatStream Optic is thefirst threat intelligenceplatform that manages theentire life-cycle of threatintelligence, from multisource acquisition tooperational integrationacross the entire eco-systemof existing security devices.Optic enables enterprisesand governmentorganizations to seamlesslyaggregate and analyze threatintelligence and automaticallyintegrate the information intotheir security infrastructureand controls.attacks and APT detectionwith lateral movement.Cyphort combines theinspection of internalenterprise traffic with theinnovative behavioralanalysis array of sandboxesand machine learninganalytics currently protectingenterprises from internetbased threats. This approachresults in a clear picture ofthe impact and spread ofadvanced attacks whileminimizing the false positivesand false negatives.23

www.insecuremag.com24

Simplified VPN, webaccess for authorizedusers via pushnotificationEntrust Datacard introduceda new push authenticationcapability in its EntrustIdentityGuard Mobileplatform that allowsauthorized users to moreeasily and securely accessVPNs and websites with theirmobile phones or tablets.Instead of introducinganother easily misplaced orforgotten hardware token,introducing complexpasswords or series ofHow attackers exploitend-users' psychologyProofpoint released theresults of its annual studythat details the waysattackers exploit end-users'psychology to circumvent ITsecurity. Key findingsinclude:Every organization clicks. Onaverage, users click one ofwww.insecuremag.comsecurity questions, the newIdentityGuard Mobile pushauthentication sets up asecure session using amobile device by instantlypushing alerts to the users toverify login right as theyaccess their VPN network.With a simple “OK”acknowledgement from theuser, the VPN or websiteaccess is securelyestablished – making it muchfaster and more convenientto authenticate users andsecure the connection.“Due to the changing threatlandscape, addressingregulatory compliance andbreach threats meansevery 25 maliciousmessages delivered. Noorganization observed wasable to eliminate clicking onmalicious links.Middle management is abigger target. Representing amarked change from 2013when managers were lessfrequently targeted bymalicious emails, in 2014managers effectively doubledtheir click rates compared tothe previous year.Additionally, managers andstaff clicked on links inmalicious messages twotimes more frequently thanexecutives.Sales, Finance andProcurement are the worstoffenders. Sales, Financeand Procurement (Supplycompanies need tocontinuously secureemployee access tocompany networks andapplications – especially asthe workplace becomes moremobile and ubiquitous,” saidDavid Rockvam, vicepresident of productmanagement for EntrustDatacard. “It only makessense that authenticationsolutions align with that newreality. At Entrust Datacard,we are transforming mobiledevices into secure, simpleto use, always in handauthenticators to ensure datais protected for businessesand people.”Chain) were the worstoffenders when it came toclicking links in maliciousmessages, clicking on linksin malicious messages 50-80percent more frequently thanthe average departmentalclick rate.Clicks happen fast.Organizations no longer haveweeks or even days to findand stop malicious emailsbecause attackers are luringtwo-out-of-three end usersinto clicking on the first day,and by the end of the firstweek, 96 percent of all clickshave occurred. In 2013, only39 percent of emails wereclicked in the first 24 hours;however, in 2014 thatnumber increased to 66percent.25

Lack of skilled infosecpros creates high-riskenvironments82 percent of organizationsexpect to be attacked in2015, but they are relying ona talent pool they view aslargely unqualified andunable to handle complexthreats or understand theirbusiness. 35 percent areunable to fill open positions.Based on a global survey of649 cybersecurity and ITmanagers or practitioners,the ISACA and RSAConference study showsthat 77 percent of thosepolled experienced anincrease in attacks in 2014and 82 percent view it aslikely or very likely that theirenterprise will be attacked in2015. At the same time,these organizations arecoping with a very shallowtalent pool. Only 16 percentfeel at least half of theirapplicants are qualified, and53 percent say it can take aslong as six months to find aqualified candidate.Evasive malware goesmainstreamLastline Labs conductedanalysis of hundreds ofthousands of malwaresamples collected in 2014.Dr. Christopher Kruegel,Chief Scientist at Lastlinetold (IN)SECURE: "OurLastline Labs report showsthat evasive malware,custom-engineered to eludetraditional sandboxes, hasgone from niche tomainstream. At the sametime, signature-based AVscanners becamewww.insecuremag.comconsiderably worse atdetecting the 1% leastdetected malware over thepast year. This indicates thatboth first generation sandboxsolutions and signaturebased AV systems aren't ableto adapt to new advancedand evasive threats."Individual malware samplesare including more evasivebehaviors, often using acombination of 500 evasivebehaviors. While a year agoonly a small fraction ofmalware showed any signsof evasion, today a sizeableportion is evasive. And whileevasive malware a year agotended to leverage at mosttwo or three evasive tricks,much of today’s evasivemalware is tailored to bypassdetection using as many as10 or more differenttechniques.Protecting identitiesfrom the endpoint tothe cloudRSA launched the RSA Viafamily of Smart Identitysolutions, engineered tocombine authentication,identity and accessmanagement, and identitygovernance silos into oneunified solution that allowsdynamic, end-to-end identitymanagement across diversesystems and users. Thenewest offering under theRSA Via family is RSA ViaAccess, a SaaS-basedsolution that is designed toallow users to more easilyand securely authenticatethemselves by takingadvantage of multipleconvenient authenticationmethods resident within theirinto mobile devices.Network discovery andvisibility for massiveenterprise networksAuconet unveiled its newEnterprise SecurityFoundation (ESF) thatfortifies security for bothpartners and enterprises.ESF provides third-partyapplications with Auconet'snetwork asset discovery andvisibility engine thatunderpins security solutionswith granular, real-time dataon every device, link,endpoint, and port.The addition of this data onthe network infrastructuresubstantially enrichessecurity tools with its singlesource-of-truth about allnetwork assets, enablingdeeper and broaderenterprise security.SecureDoc Cloudremoves securityconcerns related tocloud file sharingWinMagic introducedsecurity software thatencrypts and manages howfiles are shared via cloud filesharing services such asDropbox or Box.SecureDoc Cloud leveragesWinMagic’s endpoint-focusedkey management capability;by giving full rights ofencryption keys to theenterprise, the need for filesharing passwords whencombined with pre-bootauthentication is eliminatedand a user’s encryptionexperience is completelytransparent.27

www.insecuremag.com29

Cloud agent platformfor continuous IT assetinventory, security andcomplianceover 4,000 clients around theworld. IBM Security experts,located in ten global SOCs,are available on demand24x7.Qualys announced thelaunch of Qualys CloudAgent Platform (CAP), whichextends Qualys’ CloudSecurity and CompliancePlatform with lightweightagents to continuouslyassess security andcompliance of organizations’global IT infrastructure andapplications.Barracuda makes itsNG Firewallmanageable via iOSappThe Qualys Cloud Agentcombines the power of itsCloud Platform withlightweight agents that areextensible, centrallymanaged and self-updating,and provides organizationswith a flexible solution toassess and address thesecurity and compliance oftheir IT assets in real time,whether on-premise, cloudbased o

a Layer 3 Hardware Security Module (HSM) with application specific code-signing or document-signing functionality to simplify and improve the process of generating, managing and protecting digital signatures. The appliance is configurable in one of two signing modes: software code or digital documents. As a code-signing appliance, it enables