The RSA Conference held each year in San Francisco is the biggest security event in the world, attracting tens of thousands of visitors and (this year) over 350 exhibitors.
Not all of the companies showcasing their offerings on the expo floor have come prepared to release new solutions, but among those who have, here are the ones whose announcements and presentations garnered the most attention:
SpiderOak: Crypton
Crypton is an application framework for building cryptographically secure cloud applications, which offer meaningful privacy assurance to end users because the servers running the application cannot read the data created and stored by the application.
In the past, using cloud technologies meant definitively sacrificing privacy (having plaintext information viewable by 3rd party servers). Crypton allows companies and developers to realize “zero-knowledge” privacy cloud environments out-of-the-box. This is accomplished by transparently handling the complicated cryptography layers through Crypton and allowing companies to focus on domain specific challenges instead of figuring out how to push privacy and security after-the-fact.
“To our knowledge there is no existing framework that handles all the encryption, database storage, and private user to user communication needed to build a zero knowledge cloud application. Other cloud applications have been created that involve cryptography, but not in a generalized, reusable form that everyday developers could easily use to build a wide range of new apps,” says SpiderOak.
Qualys: FreeScan service
Qualys has expanded its popular FreeScan service, which is used by organizations all over the world to quickly test online whether their computers, networks, web sites, and web applications are at risk from the latest threats.
Qualys FreeScan now integrates a variety of security and compliance scans into a single, uniform console:
- Patch Tuesday PC Audit. This scans PCs to find missing updates and patches from business software, such as Microsoft Windows, Oracle Java and Adobe Flash and Reader. It identifies which patches are required to address vulnerabilities that are found and provides links for downloading the necessary updates. After fixes have been installed, this scan can be run again to verify that computers are up-to-date.
- OWASP (Open Web Application Security Project) Web Application Audit. This tests web applications, either inside a company’s network or on the Internet, to see if they comply with the latest OWASP industry-standard guidelines for defending against online attacks such as SQL injection and cross-site scripting (XSS). It organizes any issues that are found according to the corresponding OWASP categories and helps application developers fix application weaknesses.
- SCAP (Security Content Automation Protocol) Compliance Audit. This tests computers within a company’s network to see if they comply with leading security configuration benchmarks, such as the U.S. Government Configuration Baseline (USGCB), which is required by many U.S. federal agencies and organizations that do business with the government.
- Web Site Scan for Vulnerabilities and Malware. This performs a comprehensive check of a company’s web site for server and application vulnerabilities, hidden malware and SSL security configuration errors.
Additionally, FreeScan now supports the deployment of virtual scanners for scanning internal systems and web applications.
Spyrus: Secure Pocket Drive Build Your Own Linux Program
The Secure Pocket Drive (SPD) Build Your Own Linux Program for Spyrus’ Secure Pocket Drive bootable USB product line includes a set of Linux Builder Utilities, which give users the ability to create and manage their own personal, portable, and secure Linux operating environment.
The software includes a security initialization utility that generates new cryptographic keys in the SPD hardware, sets password and logon policies, and locks/unlocks the encrypted compartment as needed for updating the operating system or applications.
In addition, “admin utilities” are provided to reset the user password by the administrator and to change the administrator password when required. Finally, Microsoft Windows and Linux compatible utilities are provisioned directly on the boot compartment of the SPD to allow the user to manage their password.
Secure Pocket Drive with your favorite version of Red Hat, Ubuntu, SLAX, or SE Linux is bootable on almost any Wintel or Apple Macintosh desktop or laptop. This makes it ideal for individual home users and supports enterprise BYOD initiatives, such as teleworking, traveling “road warriors,” continuity of operations and disaster recovery, and temporary workers.
SPD can be set up in two different configurations: Read-Only and Read-Writable. Both configurations can be used online when connected to a network or the internet or offline with no network, and both employ the same Suite B On Board hardware security infrastructure that is built into the Spyrus Hydra Privacy Card family.
All Secure Pocket Drives use only memories digitally signed by Spyrus. Moreover, hardware-based XTS-AES 256-bit full disk encryption (NIST SP800-38E) encrypts and secures the operating system, applications, and data on the drive. SPD also has built-in security checks that make it extremely difficult, if not impossible, to break into the drive without rendering it inoperable to the hacker.
Radware: DefensePipe
DefensePipe is an integrated solution for mitigating DDoS attacks that threaten to saturate a customer’s Internet pipe, or the “outside line” that connects enterprises to the web.
DefensePipe is a solution for end to end attack mitigation on-premise and in the cloud that automatically engages once the customer’s Attack Mitigation System detects that pipe saturation is imminent.
The organization’s suspicious Internet traffic is immediately diverted to the DefensePipe cloud based scrubbing center where it is distanced further from the protected network and its scalable resources can mitigate high volume attacks. Once the traffic is “cleaned” it is then sent to the organization and regular operations continue once the attack has ceased.
The integration of on-premise AMS and DefensePipe provides wide coverage of attacks, including SSL based attacks, application layer attacks, low and slow, network floods, known vulnerabilities and egress traffic attacks. The mitigation is automatically initiated – there is no need to wait for human intervention or to divert the traffic to a remote data center in order to start it.
Also included is access to Radware’s Emergency Response Team (ERT), a “round the clock” staff of security experts who mitigate the attack with the customer during the entire attack campaign.
Pwnie Express: Pwn Pad
Pwn Pad is a tablet loaded with wired and wireless pentesting tools.
The sleek form factor makes it an ideal product choice when on the road or conducting a company or agency walk-through.
- Android OS 4.2 and Ubuntu 12.04
- Large 7″ screen, powerful battery
- OSS-Based Pentester Toolkit
- Long Range Wireless Packet Injection.
- TP-Link TL-WN722N (atheros usb wifi)
- Sena UD100 (Bluetooth USB)
- USB Ethernet
- OTG cable (USB host mode).
The toolkit includes:
- Wireless tools (Aircrack-ng, Kismet, Wifite-2, Reaver, MDK3, EAPeak, Asleap-2.2, FreeRADIUS-WPE, Hostapd)
- Bluetooth tools (bluez-utils, btscanner, bluelog, Ubertooth tools)
- Web tools (Nikto, W3af)
- Network tools (NET-SNMP, Nmap, Netcat, Cryptcat, Hping3, Macchanger, Tcpdump, Tshark, Ngrep, Dsniff, Ettercap-ng 7.5.3, SSLstrip v9, Hamster and Ferret, Metasploit 4, SET, Easy-Creds v3.7.3, John (JTR), Hydra, Medusa 2.1.1, Pyrit, Scapy)
Centrify: Centrify for Mobile 2013 and Centrify for SaaS 2013
Centrify for Mobile 2013 and Centrify for SaaS 2013 is a set of integrated capabilities enabled by the Centrify Cloud Services platform that delivers secure, enterprise-class mobility with integrated application Single Sign-on (SSO).
A unified approach to managing an employee’s digital identity that spans on-premise, cloud and mobile resources provides the visibility and control required for IT organizations to achieve compliance, reduce costs and mitigate risks, while also increasing productivity and securing access for their mobile workforce.
The Centrify Cloud Services platform integrates application Single Sign-on, Mobile Device Management, Mobile Application Management, mobile authentication and Mobile Container Management services in a single solution that enables organizations to easily manage mobile and cloud initiatives via an infrastructure they already own — Active Directory.
Centrify for SaaS supports hundreds of cloud-based apps, including Salesforce.com, WebEx, Box.net, and hundreds more. In addition, the service offers the MyCentrify portal where users obtain one-click access to all their SaaS apps from their PC, and can utilize self-service features that let them locate, lock or wipe their mobile devices, and also reset their Active Directory passwords or manage their Active Directory attributes. A mobile app version is also available on the Apple App Store and Google Play.
Booz Allen Hamilton: Cyber4Sight Threat Intelligence Services
Cyber4Sight Threat Intelligence Services uses multiple data sources to identify and monitor an organization’s unique cyber security profile, determine its “attack surface,” and deploy military grade predictive intelligence to anticipate, prioritize and mitigate cyber threats.
Cyber4Sight combines the science of Big Data with the art of analysis and information gathering to give clients a holistic, forward-looking cyber security program. This service is the result of a significant multi-year investment Booz Allen has made to create an infrastructure that globally integrates data collection, aggregation and analysis and engages cyber analysts from a myriad of disciplines.
The Services center on:
- All-source data: Booz Allen’s data collection, aggregation and analysis platform filters millions of pieces of data from thousands of sources in real-time
- Intelligence analysis: Company analysts provide 24/7/365 threat monitoring to produce actionable and predictive information.
- Managed client services: The suite of Cyber4Sight products includes: trip-wire reports, situation reports (SITREPs), spot reports (SPOTREP), daily summaries and requests for analysis and response.
Allegro: Allegro Cryptography Engine (ACE) Embedded FIPS Cryptography Toolkit
Allegro added FIPS 140-2 compliant Allegro Cryptography Engine (ACE) to the RomPager suite of embedded internet toolkits.
Early networked desktop PCs and servers were unprepared to address the new security implications of network connectivity. The same is true for many of today’s embedded systems, which presents a significant new security concern that must be addressed immediately and systematically.
ACE is a platform independent, high performance, resource sensitive, FIPS cryptography engine specifically engineered for the rigors of embedded computing.
The module provides embedded systems developers with a common software interface to enable bulk encryption and decryption, message digests, digital signature creation and validation, and key generation and exchange.
ACE includes a platform independent, government-certified implementation of the NSA Suite B defined suite of cryptographic algorithms, and makes embedding standards-based security protocols into resource sensitive embedded systems such as military, energy and healthcare embedded applications fast, easy and reliable.
Fortinet: FortiGuard cloud-based sandboxing and IP reputation services
The FortiGuard cloud-based sandboxing service uses behavioral attributes to detect malware by executing it within a virtual environment. This serves as an additional protection layer that complements the FortiGate’s existing antivirus engine and its inline lightweight sandbox.
Suspicious files can be submitted automatically to the new hosted service for further scanning without significantly impacting a FortiGate’s performance. In addition, FortiCloud has added a new feature that serves as the online sandboxing portal, which provides detailed status and visibility into the scanned results.
FortiGuard Labs continually investigates and monitors IPs that are compromised or behaving abnormally. The FortiGuard IP Reputation Service uses a number of different techniques, including historical analysis, honeypots and botnet analysis, to provide immediate protection against wide-scale automated attacks. The service also continuously learns from a global footprint of threat sensors, tracking malicious events to IP addresses in real time.
Virtustream / Metamarkets / Skilled Analysts: Big Data solutions in the cloud
Through the combination of Virtustream’s secure enterprise class cloud, Metamarkets’ Druid real-time analytics database and Skilled Analysts’ consulting services, enterprises now have access to tailored big data solutions that can be run on demand from any cloud – private, public or hybrid, with professional services as needed.
Powered by Virtustream µVM™ (micro-VM) technology, xStream Enterprise Cloud offers a pay-as-you-go cloud service that only charges customers for the resources actually used. With big data projects that require a significant amount of storage and compute, consumption-based pricing delivers significant cost savings to customers.
Metamarkets created Druid, a real-time analytics database, which is the first open source, distributed, analytical data store designed to operate in real-time and scale horizontally. Druid is perfectly suited for large-scale, real-time data analysis of massive volumes of business data, and running it in the cloud simplifies setup and expedites deployment.
To assist enterprises with the installation, configuration and use of big data tools, Skilled Analysts offers data scientists with extensive design and implementation expertise to establish and run Druid and Hadoop projects.
Honorable mention: LifeJourney online career-simulation platform
LifeJourney lets students and jobseekers test-drive careers in cyber security and gain exposure to the skills they’ll need to achieve their dreams, and enables leading cyber security companies to become role models for millions of students and others interested in understanding careers across the industry.
Using the LifeJourney platform, companies can showcase their star talent and transform their technologies into virtual experiences, “field trips,” that let someone live a day in the life of an actual cyber security professional.
There are now a total of fifty cyber security LifeJourneys available, each representing a cyber security career. A company can choose to represent an entire career, or it can use its products and specialized expertise to create field trips that bring important facets of the industry to life. There are hundreds of possible cyber field trips a company can present, showcasing fields and topics like digital forensics, advanced persistent threats, mobile application security, cloud security, reverse engineering, critical infrastructure protection, and many others.
Every LifeJourney offers a series of connected interactive learning activities designed to expose students to the real life skills and challenges for each career. Depending on the LifeJourney, field trips might be online scavenger hunts, watching video programs, participating in technology training, solving puzzles, or sometimes using real interactive simulations.
For our in-depth coverage of RSA Conference 2013 with news, articles, photos and videos, go here.