HyTrust Secures $33 Million to Expand Cloud Security Business
Posted on April 1, 2015 by Kara Dunlap in Security
HyTrust, a provider of policy management and access control solutions for virtual and cloud environments, today announced that it has secured $ 33 million in new funding, including $ 8 million in venture debt and credit facilities.
According to the company, the new cash will be used to boost marketing, sales and product development initiatives, as well as expansion into international markets.
HyTrust’s solutions enable the adoption of next-generation architectures through policy-based controls, visibility and data security, which helps enterprises more easily meet compliance mandates, improve application uptime, and securely take advantage of cloud-based capabilities.
The new investment is being led by AITV (Accelerate-IT Ventures). New investor Vanedge Capital also participated in the funding, while existing venture investors—Epic Ventures, Granite Ventures and Trident Capital—and strategic investors Cisco, Fortinet, Intel Corp. and VMware, also participated.
In addition to being backed by several venture firms and enterprise technology companies, HyTrust entered into a strategic investment and technology development agreement with In-Q-Tel (IQT), the not-for-profit venture capital arm of the CIA, back in July 2013.
Along with the $ 25 million equity investment from the syndicate, HyTrust expanded its relationship with banking partner City National Bank to fund up to $ 8 million in venture debt and credit facilities.
“HyTrust is perfectly positioned to meet the needs of a market in which so many organizations are building on cloud-based technologies to increase agility for their business,” said Brian Nugent, founding principal and general partner at AITV.
Brian Nugent will join HyTrust’s board of directors, while AITV co-founder and general partner, Bill Malloy III, and Moe Kermani, a partner with Vanedge Capital, will join as board observers, the company said.
“Our goal at HyTrust is to make security automated and policy-based to address the needs of private and hybrid cloud data centers, as well as provide complete visibility into what is happening in cloud environments,” said John De Santis, Chairman and CEO of HyTrust.
Cloud Security Alliance Releases Update to Software Defined Perimeter (SDP)
Posted on May 2, 2014 by Kara Dunlap in Security
LONDON – Infosecurity Europe – The Cloud Security Alliance (CSA), a not-for-profit organization which promotes the use of best practices for providing security assurance within cloud computing, announced the release of two key documents related to the CSA’s Software Defined Perimeter (SDP), an initiative to create the next generation network security architecture. The SDP Version 1.0 Implementation Specification and SDP Hackathon Results Report provide important updates on the SDP security framework and deployment in protecting application infrastructures from network-based attacks. CSA will be providing press briefings about SDP developments at Infosecurity Europe.
The SDP, a collaboration between some of the world’s largest users of cloud computing within CSA’s Enterprise User Council, is a new approach to security that mitigates network-based attacks by creating dynamically provisioned perimeters for clouds, demilitarized zones, and data center infrastructures.
The SDP Version 1.0 Implementation Specification being released today provides a detailed description of the base architecture. Version 1.0 provides the necessary information to design and implement a highly secure network system for a wide variety of use cases. As part of the updated framework, key concepts comprising the SDP, such as Single Packet Authorization (SPA) and Mutual Transport Layer Security (TLS) have undergone extensive review. Additionally, a number of CSA members, including some of the largest global companies, have SDP pilots in place.
Also being released today, the SPD Hackathon Results Report Whitepaper provides a detailed explanation of the SDP concept, its multiple layers of security controls, and the results of the hacking contest. The Hackathon, announced by Alan Boehme of Coca Cola at the CSA Summit at RSA 2014, invited hackers worldwide to attack a server defended by the SDP. While more than 10 billion packets were fired at the SDP from around the world, no attacker broke through even the first of five layers of security controls specified by the SDP architecture.
“The Hackathon provides critical validation for the multi-layer SDP security model. Even after 10 billion attack packets, no one was able to crack even the first layer of SDP security controls during the event,” said Junaid Islam, co-chair of the SDP Working Group and CTO of new CSA corporate member Vidder, Inc. “Its the goal of this research initiative to keep testing SDP against real life attack scenarios to provide the highest level of security for cloud, mobile computing and the Internet of Things applications.”
In releasing the SDP Version 1.0 Implementation Specification, the SDP working group is providing the industry with a validated and proven concept for cloud-based security models and has also announced an open call for participation for the development of version 2.0. According to Bob Flores, former CTO of the CIA and Chief Executive Officer of Applicology Incorporated and SDP Working Group Co-Chair, now is the time for interested experts to get involved. “Today’s release of SPD 1.0 will enable sufficient industry participation and feedback to allow CSA to release version 2.0 at the CSA Congress US taking place Sept 17-19 in San Jose, CA.“
“The new SDP specification, together with the results of the Hackathon, represent the tremendous progress and confidence we have in making this framework part of every organization’s security posture in the future,” said Jim Reavis, CEO of the CSA. “Now it is time for the industry to join us in the next phase of the SDP, version 2.0, to make the framework stronger and even more secure against outside attacks.”
SOURCE Cloud Security Alliance
Providers at 2013 CSA Congress tout cloud protection over conventional IT
Posted on December 7, 2013 by Kara Dunlap in Security
At the 2013 CSA Congress, professionals from Microsoft plus AWS produced the case for why cloud provider safety is superior to conventional IT protection.
SearchSecurity: Security Wire Daily News
Cloud incident reaction planning: Understand cloud provider tasks
Posted on November 1, 2013 by Kara Dunlap in Security
A specialist at the 2013 CSA Congress claims companies should program for a cloud incident considering services usually are not able to detail their tasks.
SearchSecurity: Security Wire Daily News
Despite cloud processing safety dangers, infosec pros learn their character
Posted on October 8, 2013 by Kara Dunlap in Security
As company demands plus rogue consumers introduce cloud processing protection dangers into numerous companies, infosec pros know they need to be enablers.
SearchSecurity: Security Wire Daily News