STE WILLIAMS

5 ways to prepare your advertising infrastructure for disaster

Apple has joined Facebook, Google, Microsoft, Twitter, and Yahoo!’s transparency club, releasing a detailed report on the numbers and types of requests for personal records it has received from law enforcement and government agencies around the world.

“We have reported all the information we are legally allowed to share,” the report, issued Tuesday, states, “and Apple will continue to advocate for greater transparency about the requests we receive.”

The report’s Account Information Requests table, below (click to make readable), lists the exact number of requests received, acted upon, and other details from the 31 countries from which Apple received such requests. “Some countries are not listed in this report,” a note reads, “because Apple has not received any information requests from the government there.”

Among the 31, only one country disallows companies from revealing the exact number of requests. Yes, you guessed right: the good ol’ U.S. of A.

“At the time of this report,” Apple notes, “the U.S. government does not allow Apple to disclose, except in broad ranges, the number of national security orders, the number of accounts affected by the orders, or whether content, such as emails, was disclosed. We strongly oppose this gag order, and Apple has made the case for relief from these restrictions in meetings and discussions with the White House, the U.S. Attorney General, congressional leaders, and the courts.”

Account requests, Apple says, commonly involve law enforcement asking for information regarding robberies or other crimes, as well as searches for missing persons or kidnapping victims.

“In very rare cases,” the report says about account requests, “we are asked to provide stored photos or email. We consider these requests very carefully and only provide account content in extremely limited circumstances.”

In the report, Apple manages the somewhat contortionistic feat of simultaneously patting itself on the back while sticking its thumbs in the eyes of such companies as Google, Facebook, Twitter, and the like. After saying that the privacy of their customers is “a consideration from the earliest stages of design for all our products and services” and that they “work hard to deliver the most secure hardware and software in the world,” the thumbs comes out:

Perhaps most important, our business does not depend on collecting personal data. We have no interest in amassing personal information about our customers. We protect personal conversations by providing end-to-end encryption over iMessage and FaceTime. We do not store location data, Maps searches, or Siri requests in any identifiable form. … Unlike many other companies dealing with requests for customer data from government agencies, Apple’s main business is not about collecting information.

In addition to the information on requests for account information, Apple also provides details on device requests, of which they say “the vast majority” relate to lost or stolen devices. “These types of requests frequently arise when our customers ask the police to assist them with a lost or stolen iPhone, or when law enforcement has recovered a shipment of stolen devices.”

Apple also notes that it has never received an order to release information under Section 215 of the USA PATRIOT* Act.

That section, under challenge by such civil liberties organizations as the EFF and the ACLU, allows the FBI – and who knows what other federal authorities – to obtain secret clearance from the FISA court to obtain information from a company about you and your activities, ostensibly to “to protect against international terrorism or clandestine intelligence activities.” The company must hand over that info to the investigators under a gag order that prevents them from ever informing you+world+dog that they even received the order.

“We would expect to challenge such an order if served on us,” Apple says. However, we may never know whether or not they were so served, or if they challenged such an order. Section 215 remains the law of the the land here in the good ol’ U.S. of A. ®

Bootnote

* Do know that the USA PATRIOT Act is so capitalized because its common name is an acronym for its full name: the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001.

Free Regcast : Managing Multi-Vendor Devices with System Centre 2012

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/11/05/apple_transparency_report_sticks_thumb_in_eyes_of_google_facebook/

The FBI announced today the addition of five individuals to its Cyber’s Most Wanted and is seeking information from the public regarding their whereabouts. They are Farhan Arshad and Noor Aziz Uddin; Carlos Perez-Melara; Andrey Nabilevich Taame; and Alexsey Belan. Rewards ranging from up to $50,000 to $100,000 are being offered for information that leads to their arrest.

“The FBI will not stand by and watch our cyber adversaries attack our networks; we will track down and arrest individuals who have made it their mission to spy on and steal from our nation and citizens,” said Richard McFeely, executive assistant director of the Criminal, Cyber, Response, and Services Branch. “Because cyber crime knows no boundaries, cyber criminals think they can hide overseas. But we are using our international partnerships and the publicity generated by our Cyber’s Most Wanted to ferret them out.”

Fugitives Farhan Arshad and Noor Aziz Uddin are wanted for their alleged involvement in an international telecommunications scheme and hacking venture to defraud individuals, telecom companies, and government entities in the United States and abroad, resulting in losses exceeding $50 million. It is alleged that between 2008 and 2012, Arshad and Uddin gained unauthorized access to business telephone systems and used those systems to initiate long-distance telephone calls to premium rate numbers through a scheme known as international revenue share fraud. The conspiracy caused the owners of the compromised telephone systems to be billed for services they neither ordered nor desired. Arshad and Uddin are part of an international criminal ring that the FBI believes extends into Pakistan, the Philippines, Saudi Arabia, Switzerland, Spain, Singapore, Italy, Malaysia, and other locations.

Arshad and Uddin were indicted for unauthorized access to a protected computer; conspiracy to gain unauthorized access to a protected computer; wire fraud; conspiracy to commit wire fraud; and identity theft.

Carlos Perez-Melara is wanted for his alleged involvement in manufacturing software that was used to intercept the private communications of hundreds, if not thousands, of victims around September 2003. As part of the scheme, Perez-Melara ran a website offering customers a way to “catch a cheating lover” by sending “spyware” disguised as an electronic greeting card. Victims who opened the card unwittingly installed a program that collected keystrokes and other incoming and outgoing electronic communications. The programs, created by Perez-Melara and known as “Lover Spy” and “e-mail PI,” would periodically send e-mail messages to his customers, allowing them to obtain passwords, lists of visited websites, and intercepted e-mail messages of the intended victims.

Perez-Melara was indicted for manufacturing a surreptitious interception device; sending a surreptitious interception device; advertising a surreptitious interception device; advertising and promoting the surreptitious use of an interception device; intercepting electronic communications; disclosing electronic communications; and unauthorized access to a protected computer for financial gain.

The FBI is seeking Andrey Nabilevich Taame for his alleged involvement in Operation Ghost Click, a scheme that infected more than four million computers located in more than 100 countries from approximately 2007 to October 2011. At least 500,000 victims were in the United States. The scheme involved changing a computer’s Domain Name System (DNS) settings. The DNS serves as a phone book for the Internet by translating domain names, such as www.fbi.gov, into Internet protocol (IP) addresses, thus allowing Internet traffic to be routed to the correct destination. As part of the scheme, Taame and six other individuals–who have since been arrested–used software that changed the victims’ computers’ DNS settings, therefore redirecting users’ legitimate Internet traffic to websites users did not intend to visit. This allowed Taame and his co-conspirators to hijack Internet traffic to commit online advertising fraud by diverting traffic from websites with no commercial relationship to websites that pay for online hits.

Taame was indicted for wire fraud; unauthorized access to a protected computer; and conspiracy to commit both offenses.

Alexsey Alekseyevich Belan is wanted for his alleged involvement in the unauthorized taking of data from three U.S.-based companies in 2012 and 2013. It is believed Belan remotely accessed the victim companies’ computer networks without authorization and thereby obtained information for the purposes of commercial advantage and private financial gain. Belan is also alleged to have knowingly possessed and used, without lawful authority, means of identification belonging to employees of the companies during and in relation to his unauthorized taking of the company data.

Belan was indicted for obtaining information from a protected computer; possession of 15 or more unauthorized access devices; and aggravated identity theft.

Article source: http://www.darkreading.com/fbi-seeks-information-regarding-several/240163566

Targeted attacks exploiting a zero-day flaw in the Microsoft Graphics component have been spotted in the wild hitting victims in the Middle East and South Asia.

Microsoft says the newly discovered remote code execution vulnerability, CVE-2013-3096, can be exploited via a malformed TIFF image. “Microsoft is investigating private reports of a vulnerability in the Microsoft Graphics component that affects Microsoft Windows, Microsoft Office, and Microsoft Lync. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability in Microsoft Office products,” the software company said in a security advisory issued today.

Bad guys can exploit the flaw that affects Windows, Office, and Lync by luring a victim into previewing or opening an email with a malicious file attachment or to visit a malicious URL. The end game is that the attacker can take over the machine. Microsoft has released a temporary Fix it patch for protection against attacks until it either issues a patch via its Patch Tuesday schedule or an out-of-band update.

“An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights,” Microsoft says.

Microsoft says in the current attacks, the exploit requires a user to open the malicious Word attachment, which exploits the bug using a malicious TIFF image embedded in the document. The attack appears sophisticated in that it bypasses Microsoft’s Data Execution Prevention and Address Space Layout Randomization mitigation defenses.

The flaw is in how Windows, Office, and Lync improperly handle “specially crafted” TIFF files, Microsoft says.

Users can install the temporary Fix it tool that blocks the attack, or employ Microsoft’s Enhanced Mitigation Experience Toolkit (EMET), which can stop the attack, Elia Florio with Microsoft’s Security Response Center engineering group said in a blog post today.

“The attacks observed are very limited and carefully carried out against selected computers, largely in the Middle East and South Asia,” Florio wrote.

Wolfgang Kandek, CTO of Qualys, says the Fix it turns off TIFF rendering in the graphics library. “The listed software packages are not vulnerable under all conditions, so it is important that you take a look at your installed base and your possible exposure for the next couple of weeks into December,” he advised in a blog post today. “Given the close date of the next Patch Tuesday for November, we don’t believe that we can count on a patch arriving in time; we will probably have to wait until December, which makes your planning for a work-around even more important.”

Microsoft’s full security advisory on the new zero-day is here.

Have a comment on this story? Please click “Add Your Comment” below. If you’d like to contact Dark Reading’s editors directly, send us a message.

Article source: http://www.darkreading.com/attacks-breaches/microsoft-warns-of-zero-day-attacks-expl/240163570

Lee, MA–November 5, 2013 –Wave Systems Corp. (NASDAQ: WAVX) announced today it is offering complete management of self-encrypting solid-state drives (SSDs) to deliver stronger security and data protection to the enterprise. The drives, which are part of the Intel Solid-State Drive Professional Family, support the Trusted Computing Group (TCG)’s industry-standard Opal specification.

The Intel SSD Professional Family helps increase employee productivity with power-efficient performance, reduced wait times and faster data delivery. New small form factors help ensure enterprise-grade storage capabilities designed for use in the latest Ultrabooktrade and 2 in 1 designs.

To meet the needs of enterprise IT departments required to protect sensitive data from unauthorized access, the Intel SSD Pro 1500 Series offers improved security and manageability when paired with Intel vProtrade technology using Wave’s management suite which includes the EMBASSY Remote Administration Server and Wave Cloud 2014. Wave Cloud 2014 is the only cloud-managed solution for SEDs on the market today.

Wave enables pre-boot authentication to the drive, automated user enrollment, drive locking, emergency access, crypto-erase, policy enforcement and remote management. Detailed event logs offer independent verification that information on a drive is protected should a device become lost or stolen–essential for compliance.

“Intel has made guarding sensitive data a top priority with the release of its new Pro 1500 Series, which combines the usability benefits of solid-state technology with the unmatched security and performance benefits of an Opal drive,” said Wave CEO Bill Solms. “We’re honored to have worked with Intel early on to validate that our software can provide scalable, world-class management of these devices from the cloud to the enterprise. The result is an offering that brings customers no-compromise security, no-compromise performance, and no-compromise management.”

Intel’s release marks an important step forward in the adoption of the Opal TCG standard, which serves as a blueprint for embedding encryption into the device while ensuring interoperability.

“Data security is top-of-mind for IT departments and the Intel SSD Pro 1500 Series provides organizations with the added assurance their most sensitive data is protected,” said Rob Crooke, Intel Corporate vice president and general manager for the Intel Non-Volatile Memory Solutions Group. “In addition to delivering security through self-encryption, the Pro 1500 Series enables flexibility through power-efficient performance. When combined with Wave’s expertise in trusted computing, we deliver a secure and reliable solution for today’s enterprise.”

Lenovo intends to make the SSD Pro 1500 Series available on selected models of T, W and X Series ThinkPads.

“Lenovo is committed to offering our ThinkPad and Ultrabook customers best-in-class security and performance,” said Jerry Fralick, chief security officer, Lenovo. “Intel has raised the bar with its Intel SSD Pro 1500 series, setting a new standard for performance, battery life, ease of use and security with Opal encryption. Wave’s software gives IT all it needs for a quick and painless deployment, minimizing the time to compliance.”

About Wave Systems

Wave Systems Corp. (NASDAQ: WAVX) reduces the complexity, cost and uncertainty of data protection by starting inside the device. Unlike other vendors who try to secure information by adding layers of software for security, Wave leverages the security capabilities built directly into endpoint computing platforms themselves. Wave has been a foremost expert on this growing trend, leading the way with first-to-market solutions and helping shape standards through its work as a board member for the Trusted Computing Group.

Article source: http://www.darkreading.com/management/intel-selects-wave-to-manage-new-solid-s/240163585

PORTLAND, OREGON –November 5, 2013 — Tripwire, Inc., a leading global provider of risk-based security and compliance management solutions, and RedSeal Networks, the leader in network infrastructure security management, today announced a technology partnership and integration. The partnership provides mutual customers with comprehensive threat and vulnerability risk management by unifying vulnerability information with the topological context of assets in the network and is part of Tripwire’s Technology Alliance Partner program (TAP). TAP allows a wide variety of vendors to collaborate with Tripwire on the delivery of innovative security solutions.

“We are proud to partner with RedSeal,” said Rod Murchison, vice president of product management and technology alliances for Tripwire. “We believe this integration is a perfect fit for customers that need to marry network topology and vulnerabiliy management in order to have a more comprehensive understanding of enterprise risk.”

Large complex networks require the implementation and management of thousands of access rules in routers, firewalls and other network infrastructure distributed across thousands of endpoints. This combination of rules, endpoints and vulnerabilities that the endpoints may possess, make enterprise risk management a complex practice. Manually determining which devices and rules are responsible for unwanted access can be both difficult and time consuming and may not always be possible. Unwanted open access paths can leave organizations open to cyberattack and allow intruders to gain access to critical data and systems.

“The integration of Tripwire IP360trade and RedSeal is extremely valuable as it maximizes support efficiency,” said James W. Sample, senior director and chief information security officer for Pacific Gas and Electric. “Using the combined information from these two solutions enables organizations to focus on the most immediate security risks and as a result improve overall security posture.”

The integration of Tripwire IP360 and the RedSeal platform provides comprehensive management of threat and vulnerability risks by unifying vulnerability information with the topological context of network assets. Tripwire IP360’s vulnerability management solution ensures uniform visibility, defense and ongoing management of an organization’s entire threat and vulnerability exposure. The combination of Tripwire IP360’s vulnerability and risk management solution with the RedSeal platform allows end users to visualize their network topology, validate end-to-end access routes, import vulnerability scan data to prioritize remediation efforts and continuously monitor and track changes to ensure ongoing compliance.

“Today’s enterprise networks are complex and ever-changing, making it extremely challenging to identify key points of attack risk on an on-going basis,” said Brandon Hoffman, senior director of business development, RedSeal Networks. “The partnership and integration between RedSeal and Tripwire combines two powerful technologies that provide customers with a new approach to understanding their risk and prioritizing remediation efforts in a meaningful and effective way.”

For more information about Tripwire’s technology alliance partner program please visit http://www.tripwire.com/company/partners/.

About RedSeal Networks

RedSeal Networks, is the leading provider of network infrastructure security management solutions that continuously provide network visualization and identify critical attack risk and non-compliance in complex security infrastructure. It provides network, security, and risk management teams with a firm understanding of where security is working, where investment is needed, and where greatest cyber-attack risks lie. This understanding, or “security intelligence,” enables organizations to allocate resources where needed most, embed best practice into daily operations, and take prioritized action where needed. The world’s largest government and commercial organizations use RedSeal security intelligence to build world-class operations that systematically reduce attack risk over time.

About Tripwire

Tripwire is a leading global provider of risk-based security and compliance management solutions, enabling enterprises, government agencies and service providers to effectively connect security to their business. Tripwire provides the broadest set of foundational security controls including security configuration management, vulnerability management, file integrity monitoring, log and event management. Tripwire solutions deliver unprecedented visibility, business context and security business intelligence allowing extended enterprises to protect sensitive data from breaches, vulnerabilities, and threats. Learn more at www.tripwire.com, get security news, trends and insights at http://www.tripwire.com/state-of-security/ or follow us on Twitter @TripwireInc.

Article source: http://www.darkreading.com/management/tripwire-announces-technology-partnershi/240163571

New York, NY — November 5, 2013 – In response to customer demand for additional cloud enablement and risk mitigation capabilities, Vaultive today announced support for persistent encryption of data stored and processed by major enterprise cloud applications, including Box Enterprise, Yammer, SharePoint Online, SkyDrive Pro, SAP SuccessFactors and Microsoft Dynamics CRM Online. The company also unveiled more extensive support for the Microsoft Office 365 Data Loss Prevention (DLP) and eDiscovery features released as part of the Wave 15 update, as well as administrative automation capabilities designed to streamline management.

“Revelations on surveillance and data mining programs like the NSA’s PRISM and MUSCULAR have highlighted the risks that companies must come to terms with when their data is stored and processed in the cloud. Whether it’s access to corporate data by the NSA or equivalent national security agencies outside of the US and other US federal agencies, or compliance with regulations that mandate data protection such as HIPAA, GLBA, PCI-DSS and others, businesses remain responsible for maintaining the privacy and confidentiality of their data. The shifting data residency landscape also poses a challenge for global businesses looking to leverage the benefits of cloud-based services,” said Elad Yoran, chairman and CEO, Vaultive. “By extending encryption-in-use capabilities to major cloud applications like Box and Yammer and ensuring the data owner retains the encryption keys, we’re empowering customers to maintain complete ownership and control of their data and comply with applicable laws.”

Maintaining Control of Data by Owning Encryption Keys

The Vaultive platform enables customers to take advantage of the flexibility and productivity benefits of cloud-based services, while ensuring that only authorized users can gain access to cloud data. Vaultive accomplishes this through persistent encryption of data-in-use, and by ensuring direct control of the encryption keys to its customers. As a result, any breach or disclosure at the cloud service provider will yield only encrypted, unintelligible gibberish. Any requests for data will then have to be redirected to the data owner who holds the encryption keys.

With this release, Vaultive is extending the reach of its groundbreaking encryption-in-use technology, empowering businesses to persistently encrypt data across the enterprise and in the cloud. New features of the Vaultive platform include:

Support for Major Cloud Applications: Vaultive now enables risk-conscious organizations to embrace collaboration platforms such as Box Enterprise, Yammer and SkyDrive Pro, as well as deploy Microsoft Dynamics CRM Online on a global basis by empowering customers to maintain ownership and control of their data no matter where it resides or is processed.

Vaultive Platform for SaaS: Vaultive’s gateway integrates a set of extensible configuration options to deliver support for additional SaaS applications such as SAP SuccessFactors, as well as cloud-based platforms such as SharePoint Online. The ability to further configure the Vaultive encryption engine for almost any cloud-based service allows organizations to implement encryption-in-use to protect data stored and processed in custom cloud applications.

Full Support for Data Loss Prevention and eDiscovery in Office 365: Vaultive now provides the ability to implement DLP and eDiscovery functionality on data while persistently encrypted in the Office 365 cloud. The Vaultive management console now also enables administrators to define their own classification rules based on keywords or regular expressions – extending the existing set of compliance templates provided by Microsoft.

Automated Provisioning and Encrypted Synchronization: Vaultive automates the provisioning and de-provisioning of changes to encrypted user groups, reducing the administrative overhead and ensuring consistent security and IT management operations. Administrative change processes are easily synchronized to the Vaultive gateway.

Comprehensive In-Box Rules: Businesses can now apply content-based rules for all clients including OWA and Outlook sessions, in addition to rules based on the sender and recipient, while all data remains encrypted at Office 365.

“Given the IT organization’s responsibility to protect the enterprise’s information assets, file sharing and transfers to uncontrolled locations represent a great and growing threat,” noted Gartner analysts Monica Basso and Jeffrey Mann in their February 2013 report, “MarketScope for Enterprise File Synchronization and Sharing.” “Many of today’s offerings do not fully meet enterprise control needs for security, compliance and management,” the analysts continued.

About Vaultive

For businesses moving to the cloud, Vaultive’s encryption-in-use technology mitigates risk by empowering companies with control and ownership of their data wherever it resides. Vaultive’s customers hold the encryption keys, letting them retain the freedom to use the cloud applications professionals rely on, while ensuring the governance and security that the business demands. Optimized for Microsoft Office 365 and integrated with major cloud applications, the Vaultive platform supports best practices for the control and ownership of corporate data in the cloud as outlined by the Cloud Security Alliance. Vaultive addresses the requirements of global enterprises in financial services, life sciences and pharma, legal and professional services, manufacturing, retail and media, while also offering a cost-effective solution for mid-size and smaller companies. For more information, visit www.vaultive.com or follow us on Twitter.

Article source: http://www.darkreading.com/authentication/vaultive-announces-extension-of-cloud-en/240163587

DALLAS, Nov. 5, 2013 /PRNewswire/ — Trend Micro Inc. (TYO: 4704; TSE: 4704) today announced a partnership with CSC (NYSE: CSC) to provide global threat intelligence through the Trend Micro(TM) Smart Protection Network(TM) infrastructure to keep corporate networks and data safe. In addition, CSC has been confirmed as a member of the Trend Ready for Cloud Service Providers Program to verify compatibility with Trend Micro solutions for its customers.

CSC will leverage these capabilities for cloud data, and threat detection and protection both internally and for its customer base in order to identify and mitigate cyber attacks.

“Working with an industry leader such as CSC reinforces the strength of our enterprise security offerings against the fast-evolving threat landscape,” said Partha Panda, vice president US channel sales, Trend Micro. “We understand that networks are under constant siege from advanced attacks and, through partnerships like this, we are prepared to combat current challenges as well as future vulnerabilities. CSC’s customers will benefit from this partnership so they can focus on running a successful business while keeping their data safe.”

The Trend Micro Smart Protection Network empowers enterprises with advanced intelligence about global threats to respond and react in real time with Deep Security and Deep Discovery for addressing sophisticated threats.

As a member of the Trend Ready for Cloud Service Providers Program, CSC has validated that its cloud infrastructure offerings can support and integrate with Trend Micro products to streamline deployment, integration and management for customers. With over 1,900 cybersecurity professionals and a global cybersecurity delivery network, CSC cybersecurity provides worldwide cybersecurity to commercial and public sector enterprises.

“As an independent cybersecurity provider, we offer our clients the best mix of technologies, delivered as a service,” said Samuel Visner, CSC vice president and general manager for cybersecurity. “Trend Micro products are part of our offerings portfolio, using the best cyber technologies on the market to help businesses and governments operate confidently in an uncertain cyber environment.”

About Trend Micro

Trend Micro Incorporated, a global leader in security software, rated number one in server security (IDC, 2013), strives to make the world safe for exchanging digital information. Built on 25 years of experience, our solutions for consumers, businesses and governments provide layered data security to protect information on mobile devices, endpoints, gateways, servers and the cloud. Trend Micro enables the smart protection of information, with innovative security technology that is simple to deploy and manage, and fits an evolving ecosystem.

All of our solutions are powered by cloud-based global threat intelligence, the Trend Micro(TM) Smart Protection Network(TM) infrastructure, and are supported by over 1,200 threat experts around the globe. For more information, visit TrendMicro.com.

Article source: http://www.darkreading.com/vulnerability/trend-micro-and-csc-partner-to-protect-g/240163589

TACOMA, Wash. – November 5, 2013 – IID, securing the Internet with shared cyberintelligence, today announced it has raised $8 million in Series A funding from Bessemer Venture Partners (BVP). IID will use the investment to accommodate growing demand for its cyberintelligence collaboration platform, ActiveTrust, which is selectively available today. ActiveTrust enables enterprises and government agencies to combat the rising frequency and sophistication of cyberattacks by sharing cyber incident data in real time. The funding is the first ever institutional investment for IID, which is headquartered in Tacoma, Wash., and has 65 employees.

“This financing is important in helping IID scale and we’re enthusiastic about partnering with the BVP team, which brings unrivaled expertise founding and funding dozens of cloud-based security pioneers, such as VeriSign, Postini and LifeLock,” said IID Co-founder and CEO Lars Harvey. “I’m extremely proud of the steady growth that has spanned nearly two decades at IID, and it’s exciting to impact how Fortune 1000 companies and large government agencies share threat intelligence moving forward.”

Despite the growing danger posed by cybercrime, information vital to stemming the tide is highly fragmented across the Internet today. Pockets of data about threat activity are siloed within the repositories of individual enterprises, government organizations, vendor networks and research institutions. IID’s ActiveTrust platform solves the problem by offering a threat intelligence solution that automatically aggregates, validates and exchanges actionable threat data across thousands of contributing sources, enabling organizations to power their existing security infrastructure with more robust intelligence feeds. This collaborative approach means enterprises and government agencies can increase the scope, quality and timeliness of their cybersecurity efforts, while freeing up valuable human resources.

IID itself is not new to the realm of cybersecurity. The company has detected and mitigated cyberthreats for the Fortune 500 and leading government agencies since 1996, when the company was founded. Leveraging its wide-ranging and deep ties within the cybersecurity community, IID began rolling out its ActiveTrust platform in early 2013.

“Heeding the President’s call on the private and public sectors to share cyber threat intelligence, BVP set out to find and fund the best team and technology to enable safe, real-time collaboration,” explained VeriSign founder and partner at Bessemer Venture Partners David Cowan. “With so many mega-enterprises and federal agencies joining ActiveTrust, it was clear to us that IID has already developed the most important security intelligence exchange on the planet.”

“Despite all of the recent advancements in online security, it is mind-boggling that threat intelligence sharing is stuck in the ’90s–conducted primarily by email, and limited to peer and industry groups,” said IID Co-founder, President and CTO Rod Rasmussen. “With our threat sharing platform, we are automating at scale what IID has been doing for years–collecting, analyzing and feeding data into enterprises’ wide array of security tools–and providing a social network for enterprises to collaborate against the latest threats.”

A sneak peek at ActiveTrust can be found at www.internetidentity.com/activetrust-network.

IID was advised throughout the transaction by Seattle-based investment bank Evolution Capital Advisors.

About IID

IID empowers threat intelligence sharing for enterprises and governments in a trusted environment that reaches beyond limited trust groups. The company aggregates and analyzes widely sourced threat data, and delivers actionable intelligence to facilitate the protection of assets, brands and users. Top financial firms, the largest government agencies, and leading e-commerce companies, social networks and ISPs leverage IID to detect and mitigate threats. For more information about IID, go to www.internetidentity.com.

About Bessemer Venture Partners

Bessemer Venture Partners (BVP) invests in early-stage, hyper-growth startups, partnering closely with entrepreneurs to build durable businesses. BVP is a global firm with offices in Menlo Park, Cambridge, New York, Mumbai, Bangalore, Herzliya and Sao Paolo. With $4 billion under management, BVP invests anywhere from $100,000 to $75 million in innovative companies like LinkedIn, Yelp, Skype, CornerstoneOnDemand, Pinterest, Box and Twilio. Over 100 BVP companies have gone public — last year alone BVP had 5 IPOs, 7 MA exits, and 20 new investments. Learn more at bvp.com and twitter.com/BessemerVP.

About Evolution Capital Advisors, LLC

Evolution Capital Advisors is a Seattle-based boutique Investment Bank specializing in entrepreneurial stage companies within information, mobile/digital media, and energy technology. For more information, visit: www.evolutioncapadv.com.

Article source: http://www.darkreading.com/management/iid-secures-8m-from-bessemer-ventures/240163595

MOUNTAIN VIEW, Calif. — Nov. 5, 2013 — NetCitadel, Inc., the pioneer in innovative threat management solutions, today announced that its Threat Management Platform has integrated with the leading threat protection platform from FireEye, Inc. FireEye is the leader in stopping today’s new breed of cyber-attacks, enabling immediate response and comprehensive protection against today’s advanced persistent threats (APTs) and zero-day attacks. NetCitadel also announced that it has joined the FireEye Fuel Partner Program.

FireEye’s platform features the patented Multi-Vector Virtual Execution (MVX) engine that conducts signature-less analysis atop a patented, virtualization technology purpose-built for security. The NetCitadel solution uniquely adds rich context data to events from threat detection devices such as FireEye to facilitate rapid and intelligent decisions and real-time responses to security events as they happen. Together, this integration equips today’s incident response teams with the security analysis, intelligence and means of protection to best keep their networks safe.

“As the leader in Advanced Malware Detection, FireEye recognizes the need for innovative solutions like the NetCitadel Threat Management Platform,” said Didi Dayton, VP of WW Strategic Alliances at FireEye. “By helping incident response teams add deeper context and flexible response options to detected threats, our integrated solutions enable our mutual customers to effectively respond to threats.”

With this integration, security analysts and incident response teams can now verify, prioritize, and contain threats detected by FireEye faster and more efficiently than ever before. The NetCitadel integration with FireEye is designed to enable security teams to:

Surround FireEye events with rich context including Indicators of Compromise (IOC) data, IP reputation, and user identity

Build and maintain centralized enforcement lists and objects that can be applied to large, multi-vendor security device environments

Enable fully or partially automatic enforcement across thousands of security devices from multiple industry standard vendors

The evolution of APTs and advanced malware has reduced the effectiveness of traditional security enforcement point solutions. By actively linking multi-vendor security enforcement points with solutions such as FireEye’s threat detection offering, NetCitadel’s Threat Management Platform transforms traditionally rigid, static security devices into dynamic defenses capable of automatically responding to malicious attacks in real-time.

“FireEye is the leader in enabling companies to protect themselves from modern malware and attack methods, such as zero-day attacks and APTs,” said Neil Stratz, NetCitadel VP of Sales and Marketing. “With NetCitadel providing actionable intelligence and context around detected security events, the combined solution gives security analysts the tools they need to focus on addressing the highest priority threats and adapting policies for comprehensive protection of their environments.”

About NetCitadel

NetCitadel is the pioneer in innovative security incident response. Recognizing the dramatic growth in cyber-attacks and the increase in targeted attacks using Advanced Persistent Threats (APTs), the company identified the need to operationalize the overwhelming volume of security data. Its Threat Management Platform leverages patent-pending technology to link existing network security devices with real-time security event information, resulting in an infrastructure capable of adapting to new threats instantly. Headquartered in Mountain View, Calif., the company is venture backed by NEA and other investors. For more information about NetCitadel and its solutions, call (650) 564-4285 or visit http://www.netcitadel.com.

About FireEye

FireEye has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber-attacks. These highly sophisticated cyber-attacks easily circumvent traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways. The FireEye platform provides real-time, dynamic threat protection without the use of signatures to protect an organization across the primary threat vectors, including Web, email, and files and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber-attacks in real time. FireEye has over 1,000 customers across more than 40 countries, including over one-third of the Fortune 100.

Article source: http://www.darkreading.com/management/netcitadel-and-fireeye-partner-to-delive/240163596

Ottawa, Ontario, CANADA – November 5, 2013 – AFORE Solutions, Inc., a market leader in cloud security and data encryption, today announced a portfolio of Amazon Web Services (AWS) security solutions enabling customers to take control of securing sensitive data within AWS. The suite, targeted at enterprise customers and service providers planning to offer Encryption as a Service (EaaS), helps accelerate customer adoption of the AWS cloud platform by protecting sensitive data. Information once thought to be too critical to process in the cloud can now be encrypted in real time protecting such data against many advanced threats and unauthorized access.

Designed to help protect virtual desktops (VDI), application servers, Microsoft SharePoint and SQL server, as well as Amazon Elastic Block Store (EBS) deployments, the AFORE suite includes customer-controlled encryption key management for greater data protection. These measures give AWS cloud customers a peace of mind in terms of keeping data from being breached or leaked. As a result of the deployment, customers are able to meet regulatory compliance and data remanence needs and guard against a broad range of threats, including advanced persistent threats (APTs), cyber surveillance programs and insider leaks. AFORE’s data encryption solutions are easy to deploy in both Amazon Machine Image (AMI) virtual machines and Bring-Your-Own-License (BYOL) deployment models.

“With regulatory compliance requirements and cyber surveillance having such a significant impact on data stored in the cloud, key management becomes the critical lynch-pin related to the effectiveness of cloud encryption,” says Peter ffoulkes, Research Director at 451 Research – “Customers must carefully evaluate who is managing the encryption keys as well as the associated business risk and cost of not having complete control over who can access their data.”

AFORE’s data security suite has been built from the ground up for cloud and virtualized environments to deliver powerful data protection that eliminates traditional cost and deployment complexity barriers. AFORE’s unique capabilities include:

 Security for all layers of the computing stack from storage to servers to desktops

 Single security management plane for private, hybrid and multiple public clouds

 Agentless deployment forgoing the need to modify applications or workloads

 Comprehensive system management and data access forensics

 Enterprise controlled encryption key management

“While the cloud offers tremendous value in terms of the ease of provisioning, system scale-out and IT management, data security within the cloud continues to rank as a top concern among IT departments,” said Jonathan Reeves, AFORE’s Chairman and Chief Strategy Officer. “AFORE’s encryption solutions for AWS provide the data protection that customers require to host enterprise workloads in the cloud. Data once thought to be too confidential or critical for the public cloud can now be stored without worry, leading to a new class of applications making this transition.”

AFORE will introduce a suite of CloudLink AMI’s at the AWS re:Invent 2013 conference in booth 209, November 12-15, at the Venetian hotel in Las Vegas.

About AFORE:

AFORE Solutions is a leader in security and encryption management solutions for the Cloud. AFORE’s CloudLink Secure VSA protects mission critical data in motion and at rest while CypherX provides application lockdown and protection against advanced threats (APT). CloudLink Secure VSA has been certified Vblock Ready trade by VCE to run on Vblocktrade Infrastructure Platforms. AFORE Solutions is a member of the EMC Select partner program. For more information visit: www.aforesolutions.com and follow us on Twitter @aforesolutions.

Article source: http://www.darkreading.com/authentication/afore-launches-data-encryption-solutions/240163597