DATA SECURITY

XSOC CORP Launches Four Foundational Patent Pending Cryptographic Systems Built to Secure Critical Data

XSOC CORP | May 12, 2021

XSOC CORP has emerged from stealth mode after three years of intense research and development, and today unveiled new cybersecurity solutions aimed at offering improved cryptographic capabilities for existing systems in local industrial and wireless environments. XSOC CORP is a post-quantum data security company that protects businesses' most sensitive data and communications from well-funded hacker groups and nation-state attackers using more sophisticated attacks.

Senior software and hardware developers at XSOC CORP combine decades of algorithmic programming expertise with high-performance encryption techniques. Matching global-level cybersecurity innovations with the business and marketing acumen of a professionally experienced executive management team have boosted XSOC CORP's entry into the market.

XSOC CORP expands on the idea that good security, together with stronger tools, is the only real way to ensure data and device safety against external threats – no matter how sophisticated. The new technology from XSOC CORP fills gaps in existing cybersecurity systems by providing specialized encryption products, utilities, and pluggable modules that are specifically tailored for the expanding Internet of Things (IoT) and Industrial Internet of Things (IIoT) markets.

XSOC CORP is collaborating with the academic and professional sectors to solve some of the problems associated with outdated Public Key Infrastructure (PKI). SSL/TLS is the most commonly used mode of PKI, but it only provides a "static" certificate-based solution and, in many situations, only updates cryptographic key material certificates once per year. In the last 20 years, the certificate concept hasn't evolved or improved much; instead, it's gotten more expensive while being hard to configure and maintain. SOCKET is a breakthrough technology that allows for continuous cryptographic key rotation (updates) with or without SSL/TLS support.

SOCKET is a cryptographic key exchange protocol designed for near-field/radio frequency (RF) and wireless transmissions in closed-circuit, limited-distance, or intermittent ad-hoc network environments that support hardened encryption protection.

SOCKET also offers a relatively reliable and secure main infrastructure mechanism for more permanent network conditions. SOCKET, for example, can be used as an out-of-band (stand-alone) means of symmetric key transmission for legacy devices in an industrial (IT/OT) or commercial wireless surveillance environment, or modern streaming video cameras in a warehouse or embassy. SOCKET is an ideal companion to the XSOC Cryptosystem, and offers a safe solution for symmetric key sharing, allowing authentication in situations where TLS (SSL Certificates) are either impractical or impossible. SOCKET can be thought of as an “N-Tier” variant of Kerberos / X.509 technology, which has been around for 20 years and does not have a single point of failure.

Although XSOC CORP's SOCKET technology focuses on the idea of protected key exchanges in private network environments, the technology has also been completely opened to the internet via WAN-SOCKET. SOCKET's Wide Area Network (WAN) version employs advanced Distributed Hash Table (DHT) and Peer to Peer (P2P) technologies to provide symmetric encryption keys safely and with reduced lag or delay.

The reliability of SOCKET (and WAN-SOCKET) is due to the final pillar of XSOC CORP's main underlying technology set, Encrypted Broadcast Protocol, or "EBP." EBP is a native authentication protocol for network-efficient secure signal communications with 512bit or higher encryption strength. XSOC CORP has improved on the already effective UDP protocol, making it 100% stable and capable of providing completely encrypted data. XSOC CORP has shown that transfer of massive volumes of data over EBP can be achieved more than twice as fast as the leading FTP client/server while also being secured by 512bit encryption in a clear head-to-head challenge against the TCP/IP protocol.

About XSOC CORP

Founded in 2018, XSOC CORP is headquartered in Irvine, CA, and has a senior management and technology engineering team that has developed the XSOC Cryptosystem, which employs a supplied cryptographic cipher and a versatile SDK/API for fast integration into a wide range of software and platforms. XSOC Cryptosystem is designed to make the use of symmetric encryption easier. It eliminates the amount of time and code (or effort) taken to apply strong encryption directly to text, data, and, in particular, streaming-media services. SOCKET and WAN-SOCKET, which are powered by the modern and high-performance EBP protocol, expand the scope of symmetric cryptography globally.

Spotlight

As organizations rely more and more on web applications to deliver services to their employees, partners, and customers, threats targeting websites are increasing rapidly because they are easy to exploit and have access to extremely valuable information. Despite the vast resources available to help securely code web applications so they are less vulnerable to attack, known methods like SQL injection continue to be used in 80 percent of data breaches*. Also, even organizations that do perform dynamic application testing tend to do it infrequently due to the large number of web applications they have, the false positives, and sheer number of vulnerabilities that need to be addressed.

Spotlight

As organizations rely more and more on web applications to deliver services to their employees, partners, and customers, threats targeting websites are increasing rapidly because they are easy to exploit and have access to extremely valuable information. Despite the vast resources available to help securely code web applications so they are less vulnerable to attack, known methods like SQL injection continue to be used in 80 percent of data breaches*. Also, even organizations that do perform dynamic application testing tend to do it infrequently due to the large number of web applications they have, the false positives, and sheer number of vulnerabilities that need to be addressed.

Related News

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Copado Launches New DevSecOps Training Module to Make Releases Faster and More Secure

Copado | September 01, 2022

Copado, the global leader in low-code DevOps, today announced it launched a new DevSecOps training module to help make software releases faster and more secure. The new module is available in the Copado Community, where its 55,000 members can learn, connect and grow their careers. Copado has already trained more than 35,000 DevOps specialists and certified more than 20,000 DevOps professionals with a goal to train 15,000 more by the end of 2022. Research has shown that 70% of development teams lack the knowledge and skills needed to implement DevSecOps best practices. "Without DevSecOps best practices, software releases can be plagued with quality and security issues, costing more time and money post-production to correct them. "To address this growing need for DevSecOps skill sets, Copado is offering self-paced online training to upskill DevOps professionals, administrators, developers and architects. Our community can help jumpstart a new career path or level up your current path by unlocking your full potential." Pat McQueen, Senior Vice President of Customer Success & Global Services at Copado The DevSecOps module is designed to help make release cycles shorter, more secure and resilient. It explains how to integrate compliance, security and testing in a DevOps pipeline in order to avoid cybersecurity architects manually maintaining the security consoles and additional configurations in the application. It highlights the importance of security and compliance for an organization, identifies DevSecOps best practices, and explains how to build a successful DevSecOps strategy and culture. Copado also joined industry leaders Accenture, Broadcom, IBM and others in the new OASIS Open Value Stream Management (VSM) Interoperability Technical Committee. The group will develop new interoperability standards to enable VSM data sharing across platforms. "DevOps and DevSecOps are extremely fractured markets when it comes to tools: there are literally thousands of products that are involved in building resilient pipelines," said Daniel Riedel, Senior Vice President of Strategic Services for Copado. "As the industry matures, value stream management will help bring observability to the process. Creating an interoperability standard now will ensure that organizations can rely on cohesiveness in tool integration. Interoperability will provide the transparency to ensure a stronger, more resilient infrastructure for customers and employees." About Copado Copado is the leading DevOps and testing solution for low-code SaaS platforms that run the world's largest digital transformations. Backed by Insight Partners, Salesforce Ventures and SoftBank Vision Fund, Copado accelerates multi-cloud, enterprise deployments by automating the end-to-end software delivery process to maximize customers' return on their cloud investment. More than 1,000 companies rely on Copado to drive digital transformation with speed, quality and value including Boston Scientific, Coca-Cola, Fair Trade, Linde, MassMutual, Schneider Electric and Shell. Copado processes over 50 million DevOps transactions per month and is rated with a 100% score on the Salesforce AppExchange.

Read More

DATA SECURITY,ENTERPRISE IDENTITY

Illumio Introduces New Solution to Stop Endpoint Ransomware from Spreading Across the Hybrid Attack Surface

Illumio | September 29, 2022

Illumio, Inc., the Zero Trust Segmentation company, today announced Illumio Endpoint®, a reimagined way to prevent breaches from spreading to clouds and data centers from laptops. Hybrid work has expanded the attack surface, introducing new threats and making organizations more vulnerable, so it’s become increasingly important for employees to have secure access to applications and data wherever they are located. Unlike other Zero Trust Segmentation solutions, Illumio Endpoint lets your policy follow your teams’ laptops wherever they work, whether at home, in the office, or at a coffee shop. With Illumio Endpoint, the first device that gets infected will also be the last. Organizations are more interconnected and vulnerable in hybrid workplaces, and the attack surface is growing increasingly complex. Additionally, attacks on hybrid work environments are more expensive, costing an average of about $600K more than the global average. Even with endpoint detection and response tools in place, endpoints still get breached – according to ESG, 76 percent of organizations experienced a ransomware attack in the past two years alone. Illumio Endpoint includes: Extended visibility and segmentation policy controls for macOS and Windows devices, allowing organizations to see risk and stop attacks from spreading from laptops, workstations, and VDIs. A single, unified console to see and manage visibility and segmentation policy across endpoints, clouds, and data centers, making Zero Trust Segmentation easier, faster, and more efficient for security teams. Work from anywhere support with segmentation policy that follows the device, so organizations have the confidence that their networks are secure, and their employees can remain productive while working from anywhere. The ability to control application access so users can only reach the necessary applications from their device, not the entire data center and cloud, minimizing the organization's risk from vulnerable or compromised endpoints. "Before Illumio, we had only a slim idea of what kind of communications were running across our network. But with Illumio, we clearly see exactly what's connecting to individual endpoints. David Ault, VP of Information Security at Telhio Credit Union “The hybrid workforce is here to stay, which exposes organizations to a more complex attack surface and more risk, particularly on the endpoint,” said Mario Espinoza, Chief Product Officer at Illumio. “It’s important to have tools that can detect and respond to an identified breach, but unidentified attacks can spread throughout the organization to access critical data and assets when Zero Trust Segmentation is not in place to proactively contain the breach. With Illumio Endpoint, security leaders will gain the comprehensive protection needed to build resilience to attacks throughout their hybrid IT and as employees work from anywhere.” “Ransomware and other cyberattacks often involve end user devices somewhere in the attack chain, moving laterally on to other higher-value assets,” said Dave Gruber, Principal Analyst, ESG. “Because attackers continue to find ways in and move laterally fast, prevention, detection and response mechanisms can fall short stopping these fast-moving attacks. Containment strategies such as Zero Trust Segmentation across endpoint devices can proactively stop ransomware and other fast-moving attacks from spreading to critical infrastructure and assets, reducing risk.” About Illumio Illumio, the Zero Trust Segmentation company, stops breaches and ransomware from spreading across the hybrid attack surface. The Illumio ZTS Platform visualizes all traffic flows between workloads, devices and the internet, automatically sets granular segmentation policies to control communications, and isolates high-value assets and compromised systems proactively or in response to active attacks. Illumio protects organizations of all sizes, from Fortune 100 to small business, by stopping breaches and ransomware in minutes, saving millions of dollars in application downtime, and accelerating cloud and digital transformation projects.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

SonicWall Earns Prestigious 2022 CRN Annual Report Card Award for Enterprise Network Security

SonicWall | August 22, 2022

SonicWall today announced that CRN, a brand of The Channel Company, named the cybersecurity leader as one of the winners in the Enterprise Network Security category of the 2022 CRN Annual Report Card (ARC) Awards. This award honors the industry's top technology vendors for success in providing high levels of satisfaction for channel partners through innovative products, services and partner programs. "As a 100% channel company, we remain completely committed to delivering our partners and customers with the absolute best products and support to face today's increasingly complicated security challenges," said SonicWall President and CEO Bob VanKirk. "We're excited to be recognized by CRN, especially knowing that they celebrate best-in-class vendors that are committed to driving partner growth and demonstrating outstanding channel performance. SonicWall is uniquely positioned to help partners, including MSSPs, evolve and help facilitate their growth." With 37 years of history, CRN's ARC Awards recognize best-in-class vendors devoted to boosting IT channel growth through innovation in technology and partner strategy. Through the ARC Awards — known as one of the most prestigious honors in the IT industry — solution providers offer key feedback that commends technology manufacturers for designing channel-friendly product offerings, developing strong partner programs, and building long-term successful relationships with solution providers. SonicWall's SecureFirst Partner Program and its industry-leading security products help partners and MSSPs exceed customer demands. More than 17,000 active SonicWall partners help protect our customers every day, and because of them SonicWall is one of the unquestioned leaders in the cybersecurity space. The ARC Awards are based on an invitation-only research survey conducted by The Channel Company. Responses from 3,000 solution providers across North America were evaluated in this year's survey, rating 82 vendor partners across four criteria: product innovation, support, partnership, and managed cloud services. Scores were awarded in 25 major product categories in technology areas that are critical to channel partner success. "It's our pleasure to honor vendors that consistently deliver top-performing products and services to establish and foster successful channel partner relationships. "In addition to highlighting our winners, CRN's Annual Report Card Awards provide vendors with actionable feedback and insight into their current standing with partners that can be incorporated into their channel strategies in the future." Blaine Raddon, CEO, The Channel Company Winners will be featured throughout The Channel Company's XChange 2022 conference, taking place August 21-23 in Denver, Colorado. Coverage of the CRN 2022 ARC results can be found online at www.CRN.com/ARC and will be featured in the October 2022 issue of CRN Magazine. About SonicWall SonicWall delivers Boundless Cybersecurity for the hyper-distributed era in a work reality where everyone is remote, mobile and unsecure. SonicWall safeguards organizations mobilizing for their new business normal with seamless protection that stops the most evasive cyberattacks across boundless exposure points and increasingly remote, mobile and cloud-enabled workforces. By knowing the unknown, providing real-time visibility and enabling breakthrough economics, SonicWall closes the cybersecurity business gap for enterprises, governments and SMBs worldwide. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram. About The Channel Company The Channel Company enables breakthrough IT channel performance with our dominant media, engaging events, expert consulting and education, and innovative marketing services and platforms. As the channel catalyst, we connect and empower technology suppliers, solution providers and end users. Backed by more than 30 years of unequalled channel experience, we draw from our deep knowledge to envision innovative new solutions for ever-evolving challenges in the technology marketplace.

Read More