DATA SECURITY

XSOC CORP Launches Four Foundational Patent Pending Cryptographic Systems Built to Secure Critical Data

XSOC CORP | May 12, 2021

XSOC CORP has emerged from stealth mode after three years of intense research and development, and today unveiled new cybersecurity solutions aimed at offering improved cryptographic capabilities for existing systems in local industrial and wireless environments. XSOC CORP is a post-quantum data security company that protects businesses' most sensitive data and communications from well-funded hacker groups and nation-state attackers using more sophisticated attacks.

Senior software and hardware developers at XSOC CORP combine decades of algorithmic programming expertise with high-performance encryption techniques. Matching global-level cybersecurity innovations with the business and marketing acumen of a professionally experienced executive management team have boosted XSOC CORP's entry into the market.

XSOC CORP expands on the idea that good security, together with stronger tools, is the only real way to ensure data and device safety against external threats – no matter how sophisticated. The new technology from XSOC CORP fills gaps in existing cybersecurity systems by providing specialized encryption products, utilities, and pluggable modules that are specifically tailored for the expanding Internet of Things (IoT) and Industrial Internet of Things (IIoT) markets.

XSOC CORP is collaborating with the academic and professional sectors to solve some of the problems associated with outdated Public Key Infrastructure (PKI). SSL/TLS is the most commonly used mode of PKI, but it only provides a "static" certificate-based solution and, in many situations, only updates cryptographic key material certificates once per year. In the last 20 years, the certificate concept hasn't evolved or improved much; instead, it's gotten more expensive while being hard to configure and maintain. SOCKET is a breakthrough technology that allows for continuous cryptographic key rotation (updates) with or without SSL/TLS support.

SOCKET is a cryptographic key exchange protocol designed for near-field/radio frequency (RF) and wireless transmissions in closed-circuit, limited-distance, or intermittent ad-hoc network environments that support hardened encryption protection.

SOCKET also offers a relatively reliable and secure main infrastructure mechanism for more permanent network conditions. SOCKET, for example, can be used as an out-of-band (stand-alone) means of symmetric key transmission for legacy devices in an industrial (IT/OT) or commercial wireless surveillance environment, or modern streaming video cameras in a warehouse or embassy. SOCKET is an ideal companion to the XSOC Cryptosystem, and offers a safe solution for symmetric key sharing, allowing authentication in situations where TLS (SSL Certificates) are either impractical or impossible. SOCKET can be thought of as an “N-Tier” variant of Kerberos / X.509 technology, which has been around for 20 years and does not have a single point of failure.

Although XSOC CORP's SOCKET technology focuses on the idea of protected key exchanges in private network environments, the technology has also been completely opened to the internet via WAN-SOCKET. SOCKET's Wide Area Network (WAN) version employs advanced Distributed Hash Table (DHT) and Peer to Peer (P2P) technologies to provide symmetric encryption keys safely and with reduced lag or delay.

The reliability of SOCKET (and WAN-SOCKET) is due to the final pillar of XSOC CORP's main underlying technology set, Encrypted Broadcast Protocol, or "EBP." EBP is a native authentication protocol for network-efficient secure signal communications with 512bit or higher encryption strength. XSOC CORP has improved on the already effective UDP protocol, making it 100% stable and capable of providing completely encrypted data. XSOC CORP has shown that transfer of massive volumes of data over EBP can be achieved more than twice as fast as the leading FTP client/server while also being secured by 512bit encryption in a clear head-to-head challenge against the TCP/IP protocol.

About XSOC CORP

Founded in 2018, XSOC CORP is headquartered in Irvine, CA, and has a senior management and technology engineering team that has developed the XSOC Cryptosystem, which employs a supplied cryptographic cipher and a versatile SDK/API for fast integration into a wide range of software and platforms. XSOC Cryptosystem is designed to make the use of symmetric encryption easier. It eliminates the amount of time and code (or effort) taken to apply strong encryption directly to text, data, and, in particular, streaming-media services. SOCKET and WAN-SOCKET, which are powered by the modern and high-performance EBP protocol, expand the scope of symmetric cryptography globally.

Spotlight

When comparing the goals and capabilities of attackers and defenders, it is a sobering reality that defenders need to be successful 100% of the time, whereas attackers only need to be successful once. The current playing field is dramatically imbalanced in favor of attackers. With technology developments transitioning to business realities - including BYOD, virtualization, insider threats, cloud computing, IoT, and dependency on third party partners - the attack surfaces available to cyber criminals have been vastly expanded. At the same time, defenders have been challenged to try and adapt legacy security tools and approaches to protect these ever more complex and loosely defined infrastructures.

Spotlight

When comparing the goals and capabilities of attackers and defenders, it is a sobering reality that defenders need to be successful 100% of the time, whereas attackers only need to be successful once. The current playing field is dramatically imbalanced in favor of attackers. With technology developments transitioning to business realities - including BYOD, virtualization, insider threats, cloud computing, IoT, and dependency on third party partners - the attack surfaces available to cyber criminals have been vastly expanded. At the same time, defenders have been challenged to try and adapt legacy security tools and approaches to protect these ever more complex and loosely defined infrastructures.

Related News

DATA SECURITY

Cowbell Cyber Unites Cybersecurity Giants and Cyber Insurance Industry with Launch of Cowbell Rx

Cowbell Cyber | September 21, 2021

Cowbell Cyber, the industry's first AI-powered cyber insurance provider for small to medium enterprises (SMEs), today announced the launch of its cyber risk exchange marketplace, Cowbell Rx. Cowbell Rx closes insurability gaps by providing cyber insurance applicants with resources to meet eligibility requirements while also enabling active policyholders to continuously improve their organization's risk profile. This comprehensive list of partners is the first of its kind in the cyber insurance industry. Cyberattacks continue to proliferate and damage business operations, with predictions that new attacks will happen every 2 seconds by 2031. However, cybersecurity and cyber insurance have traditionally operated in silos with insufficient coordination, resulting in a misalignment between cyber threats faced by an organization and the security measures to prevent them. Because of this, cyber insurers are tightening up insurability requirements for policyholders to obtain coverage or to renew existing cyber policies. Cowbell Rx is the first marketplace provided by a cyber insurer to help businesses gain access to recommended partners that offer solutions to organizations in order to meet the minimal criteria to get cyber insurance coverage. "Cybersecurity and cyber insurance must work in harmony to build an organization's cyber resilience. We are working with more than 20 of cybersecurity's biggest leaders to make this happen," said Isabelle Dumont, vice president of market engagement at Cowbell Cyber. "Cowbell Rx is a key component of Cowbell's closed-loop risk management initiative to continuously improve an organization's risk profile. Together with our partners, we are bringing streamlined access to today's top cybersecurity services and solutions straight to current and future policyholders." "Cowbell is an innovator in the field of cyber insurance and we share their passion for data-driven risk assessment," said Eric Skinner, vice president of Market Strategy at Trend Micro. "We're pleased to be part of Cowbell's new marketplace. By bringing together Cowbell policyholders with cybersecurity experts like Trend Micro, we can all work together to ensure our mutual customers stay resilient in a world of constantly changing cyber threats." "True cyber risk management is the combination of cyber insurance and effective cybersecurity operations," said Odin Olson, vice president of Alliances at Arctic Wolf. "Cowbell Rx is an excellent way to expose Cowbell's policyholders to some of the best cybersecurity service providers in the industry." About Cowbell Cyber Cowbell Cyber is dedicated to providing standalone, admitted individualized, and easy-to-understand cyber insurance for small and mid-size enterprises. In its unique AI-based approach to risk selection and pricing, Cowbell's continuous underwriting platform, powered by Cowbell Factors, compresses the insurance process from submission to issue to less than 5 minutes. Cowbell Insurance Agency is currently licensed in 50 U.S. states and the District of Columbia.

Read More

Cowbell Cyber Partnered with Trend Micro to Provide Better Access to Cyber Insurance

Cowbell Cyber | February 25, 2022

The industry's first AI-powered cyber insurance provider for small and medium businesses (SMEs), Cowbell Cyber announced a partnership with Trend Micro to expand cyber insurance access. Trend Micro's MSP partners and clients would have exclusive access to an all-digital, expedited application procedure for Prime 100 cyber insurance plans due to the partnership. Cowbell's ability to enable closed-loop risk management for policyholders will be enhanced as a result of the partnership, as the two companies will be able to provide their mutual customers with actionable, real-time insights to reduce risk exposures, proactively address vulnerabilities, and ultimately pass on savings from their cyber insurance policy premiums. "The number of cyberattacks is at an all-time high, and companies are coming to terms with the fact that size doesn't matter to an attacker, Partnering with a cybersecurity leader like Trend Micro allows us to offer our joint customers the insights and actionable steps they need to improve their protection against cyberattacks, thus potentially improving their risk profile." Stephen Years, Director of Technology Partners and Ecosystem Cowbell will also continue to collaborate with Trend Micro to develop deeper technology connections, resulting in insurance premium credits for Trend Micro customers in the future. "Managed Service Providers (MSPs) are the gateway to many small to medium enterprises and this partnership empowers them to better serve their customers by taking the complexity often associated with cyber insurance out of the equation" said Lamon Gorman, Director of MSPs at Trend Micro. "The all-digital approach that Cowbell offers is a game-changer." Cowbell has announced a partnership with iBynd to extend cyber insurance distribution, continuing the company's ambition to deliver cyber insurance to everyone. Customers of Cowbell's linked brokers, technology partners, and Managed Security Services Providers will be able to rate, quote, and bind Cowbell's insurance solutions digitally in real-time, thanks to iBynd's embedded patented technology. Additionally, iBynd's distribution network iBynd will offer Cowbell's cyber insurance to SMEs.

Read More

ENTERPRISE SECURITY

Coalfire announces HITRUST Accelerator with AWS Security Assurances Services (AWS SAS)

Coalfire | October 19, 2021

Coalfire, a leading cybersecurity firm, announced HITRUST Accelerator, a new program that allows customers to achieve HITRUST CSF Validation up to 50% faster when compared with conventional methods. This program combines deep technical knowledge of AWS Security Assurance Services, LLC (AWS SAS) with Coalfire, a HITRUST External Assessor Organization, to streamline the entirety of the HITRUST Validation lifecycle. Organizations who attempt to prepare for HITRUST certification internally without the help of an experienced external assessor may have timelines in excess of 2 years to achieve HITRUST Certification. The HITRUST Accelerator program uses a three-step process that provides end-to-end support of an organization's preparation, remediation, and HITRUST Validation. This integrated approach enables Coalfire and AWS SAS to quickly identify compliance gaps, assist with technical remediation, simplify document creation, and expedite the Validated Assessment. By accelerating HITRUST Validation, customers will be able to offer significant assurances over their security and privacy controls, which enables them to focus on innovation and driving adoption. Coalfire and AWS SAS share an obsession in creating innovative solutions that maximize customer success," "This passion and collaboration resulted in a program that helps our mutual customers prepare, remediate, and validate against the HITRUST CSF. By taking industry leaders in cloud security and HITRUST, we aim to revolutionize the way that organizations approach and maintain compliance. This has been a long time coming and we are absolutely thrilled to be launching this program with the AWS SAS team. Jeff Rector, Global Engagement at Coalfire The customer journey is accelerated via three tailored workstreams that are designed to: Prepare the customer for HITRUST Validation by thoroughly defining the technical systems and boundary, conducting a thorough gap assessment, and developing fully customized policies and procedures designed to be HITRUST compliant. Reduce remediation efforts and time to 12 WEEKS in most instances, using automated compliance-as-code packages, 30 days of expert AWS technical guidance and security engineering services, and hands-on AWS support configuring AWS services., and to fast-track the collection of evidence ahead of the Validated Assessment to minimize burden and audit fatigue on compliance teams. Validate the environment with confidence, including end-to-end support during HITRUST QA, Corrective Action Plan creation, and report finalization. About Coalfire Leading technology infrastructure providers, SaaS companies, and enterprises – including the top-five cloud service providers and eight of the top-10 SaaS organizations – rely on Coalfire to strengthen their security posture and secure their digital transformations. As one of the largest firms dedicated to cybersecurity, Coalfire delivers a comprehensive suite of advisory and managed services, spanning cyber strategy and risk, cloud security, threat and vulnerability management, application security, privacy, and compliance management. A proven leader in cybersecurity for the past 20 years, Coalfire combines extensive cloud expertise, advanced technology, and innovative approaches that fuel success.

Read More