Microsoft is proud to be a continuing sponsor of the Black Hat Security conference. We appreciate Black Hat providing a unique forum in which security researchers from all over the world, IT Pros and industry luminaries can gather to share insights, knowledge and information to advance security research.
Microsoft remains dedicated to software security and privacy and continues to collaborate with the community of people and technology organizations helping to protect customers and the broader ecosystem, Microsoft is also dedicated to software security and privacy.
Since the onset of Trustworthy Computing we have fostered a culture of security within Microsoft that includes developing secure code, building strong relationships with industry researchers and partners, and providing guidance to help protect customers. We would like to thank all of the customers, partners and security researchers who have worked with us to advance the state of the art in security science. Only by working together with partners, researchers and the community can we all ensure the advancement and success of the technology industry.
Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud security and compliance solutions with over 6,700 customers in more than 100 countries, including a majority of each of the Forbes Global 100 and Fortune 100. The QualysGuard Cloud Platform and integrated suite of solutions help organizations simplify security operations and lower the cost of compliance by delivering critical security intelligence on demand and automating the full spectrum of auditing, compliance and protection for IT systems and Web applications. Founded in 1999, Qualys has established strategic partnerships with leading managed service providers and consulting organizations, including Accuvant, BT, Dell SecureWorks, Fujitsu, NTT, Symantec, Verizon, and Wipro. The company is also a founding member of the CloudSecurityAlliance (CSA).
For more information, please visit www.qualys.com.
RSA, The Security Division of EMC, is the premier provider of intelligence-driven security solutions. RSA helps the world’s leading organizations solve their most complex and sensitive security challenges: managing organizational risk, safeguarding mobile access and collaboration, preventing online fraud, and defending against advanced threats.
Combining agile controls for identity assurance, fraud detection, and data protection, robust Security Analytics and industry-leading GRC capabilities, and expert consulting and advisory services, RSA brings visibility and trust to millions of user identities, the data they create, the transactions they perform, and the IT infrastructure they rely on. For more information, please visit www.EMC.com/RSA.
Blue Coat empowers enterprises to safely and securely choose the best applications, services, devices, data sources, and content the world has to offer, so they can create, communicate, collaborate, innovate, execute, compete and win in their markets. Blue Coat has a long history of protecting organizations, their data and their employees and is the trusted brand to 15,000 customers worldwide, including 86 percent of the FORTUNE Global 500. With a robust portfolio of intellectual property anchored by more than 200 patents and patents pending, the company continues to drive innovations that assure business continuity, agility and governance. For more information, visit us at www.bluecoat.com.
Security breaches mean lost IP, compromised customer information and confidence, and valuation impact. The increased scrutiny on security is being driven by evolving trends of mobility, cloud computing, and advanced targeted attacks. A major consideration is also the change in what defines a network, which includes data centers, endpoints, virtual and mobile.
Cisco (NASDAQ: CSCO) is the worldwide leader in IT that helps companies seize the opportunities of tomorrow by proving that amazing things can happen when you connect the previously unconnected. Cisco provides one of the industry’s most comprehensive advanced threat protection portfolios, as well as a broad set of enforcement and remediation options that are integrated, pervasive, continuous, and open. This threat-centric security model lets defenders address the full attack continuum — before, during, and after an attack.
As a proud sponsor of Black Hat, Cisco is committed to providing its customers with the research and the solutions that help them achieve unmatched visibility, consistent control, and a reduction in complexity. Our threat and security experts will be in booth 611 showcasing its advanced threat protection portfolio of solutions and services that is integrated, pervasive, continuous, and open.
For more information, visit www.cisco.com/go/security.
FireEye protects the most valuable assets in the world from those who have them in their sights. Our combination of technology, intelligence, and expertise combined with the most aggressive “boots on the ground” helps eliminate the impact of security breaches. We find and stop attackers at every stage of an incursion. With FireEye, you’ll detect attacks as they happen. You’ll understand the risk these attacks pose to your most valued assets. And you’ll have the resources to quickly respond and resolve security incidents. The FireEye Global Defense Community includes more than 2,200 customers across more than 60 countries, including more than 130 companies in the Fortune 500.
Today’s organizations are facing the most aggressive threat environment in the history of information technology. Emerging computing trends have greatly increased productivity and business agility but at the same time, have introduced a host of new risks. HP’s approach to security disrupts the life cycle of an attack with prevention and real-time threat detection, from the application layer to the hardware and software interface. HP’s Enterprise Security offerings enable organizations to take a comprehensive approach to security, delivering actionable security intelligence and expertise while providing insight into the future of security and the most critical threats facing organizations.
More information www.hpenterprisesecurity.com
Juniper Networks, Junos WebApp Secure is a Web Intrusion Deception system that does not generate false positives because it uses deceptive tar traps to detect attackers with absolute certainty. Junos WebApp Secure inserts detection points into the code and creates a random and variable minefield all over the Web application. These detection points allow you to detect attackers during the reconnaissance phase of the attack, before they have successfully established an attack vector. Attackers are detected when they manipulate the tar traps inserted into the code. And because attackers are manipulating code that has nothing to do with your website or Web application, you can be absolutely certain that it is a malicious action—with no chance of a false positive.
IT security professionals know that false positives diminish the effectiveness of any security program. By using this certainty-based approach, Junos WebApp Secure solves this problem for Web attacks. Furthermore, this product works out-of-the-box and improves your Web application security. There are no rules to write, no signatures to update, no learning modes to monitor, and no log files to review—just attackers to prevent.
For More information, please visit www.juniper.net
Lieberman Software Corporation provides privileged identity management and security management solutions to more than 1,200 customers worldwide, including half of the US Fortune 50. By automatically discovering and managing privileged accounts that appear whenever enterprises deploy and change IT resources, the company's products help secure access to sensitive systems and data. The company's multi-faceted, agentless software can reliably track privileged accounts on dynamic networks and change service and process account credentials by auto-discovering complex account interdependencies. With this technology, Lieberman Software enables organizations to fully automate labor-intensive, error-prone IT administrative tasks without the need for ongoing customization and professional services.
To learn more about our tools and solutions stop by our booth for a hands-on demo or visit our website at www.liebsoft.com.
Palo Alto Networks is leading a new era in security by protecting thousands of enterprise, government, and service provider networks from cyber threats. Because of our deep expertise, steadfast commitment to innovation and game-changing security platform, more than 16,000 customers have chosen Palo Alto Networks and this number grows every day. Our platform natively brings together all key network security functions, including firewall, URL filtering, IDS/IPS, and advanced threat protection. Because these functions are purposely built into the platform from the ground up and they natively share important information across the respective disciplines, we ensure better security than legacy products. As a result, organizations can safely enable the use of all applications critical to running their business, maintain complete visibility and control, confidently pursue new technology initiatives like cloud, SDN and mobility, and protect the organization from the most basic to sophisticated cyber attacks – known and unknown.
Verizon Enterprise Solutions creates global connections that generate growth, drive business innovation and move society forward. With industry-specific solutions and a full range of global wholesale offerings provided over the company's secure mobility, cloud, strategic networking and advanced communications platforms, Verizon Enterprise Solutions helps open new opportunities around the world for innovation, investment and business transformation. Visit verizonenterprise.com to learn more.
Company URL: www.verizonenterprise.com
Accuvant is a leading provider of information security services and solutions serving enterprise-class organizations across North America. The company offers a full suite of service capabilities to help businesses, governments and educational institutions define their security strategies, identify and remediate threats and risks, select and deploy the right technology and achieve operational readiness to protect their organizations from malicious attack. Headquartered in Denver, Colorado, Accuvant has offices across the United States and Canada. Founded in 2002, Accuvant has been named to the Inc. 500|5000 list of fastest growing companies for the last seven consecutive years. For more information about Accuvant, visit Accuvant’s website at www.accuvant.com.
AlienVault™ is the champion of mid-size organizations that lack sufficient staff, security expertise, technology or budget to defend against modern threats. Our Unified Security Management™ (USM) platform provides all of the essential security controls required for complete security visibility, and is designed to enable any IT or security practitioner to benefit from results on day one. Powered by the latest AlienVault Labs Threat Intelligence and the Open Threat Exchange™—the world’s largest crowd-sourced threat intelligence exchange—AlienVault USM delivers a unified, simple and affordable solution for threat detection and compliance management. For more information visit www.AlienVault.com or follow us on Twitter @alienvault.
Core Security provides the industry’s first comprehensive attack intelligence platform. With Core Security, enterprises and security professionals can focus on the most likely threats to their critical business assets by modeling, simulating and testing what an actual attacker would do. Core Security helps more than 1,400 customers worldwide identify the most vulnerable areas of their IT environments to improve the effectiveness of remediation efforts and ultimately secure the business. Our patented, proven, award-winning enterprise products and solutions are backed by more than 15 years of applied expertise from Core Labs research and Core Security Consulting Services.
IBM’s security portfolio provides the security intelligence to help organizations holistically protect their people, data, applications and infrastructure. IBM offers solutions for identity and access management, security information and event management, database security, application development, risk management, endpoint management, next-generation intrusion protection and more. IBM operates one of the world’s broadest security research and development, and delivery organizations. IBM monitors 15 billion security events per day in more than 130 countries and holds more than 3,000 security patents. For more information, please visit www.ibm.com/security, follow @IBMSecurity on Twitter or visit the IBM Security Intelligence at www.securityintelligence.com.
LogRhythm is the largest and fastest growing independent security intelligence company in the world. The company’s patented and award-winning Security Intelligence Platform, unifying SIEM, log management, file integrity monitoring, network forensics and host forensics, empowers organizations around the globe to detect and respond to breaches and the most sophisticated cyber threats of today, faster and with greater accuracy than ever before. LogRhythm also provides unparalleled compliance automation and assurance as well as IT predictive intelligence to Global 2000 organizations, government agencies and mid-sized businesses worldwide.
LogRhythm is positioned as a Leader in the 2013 SIEM Magic Quadrant, as a Global Market Penetration leader in Frost & Sullivan’s SIEM/log management report, and listed as a “Champion” in Info-Tech Research’s 2012 SIEM Landscape Report. LogRhythm also earned a perfect, 5-star rating in the 2014 SC Magazine SIEM group test for the sixth consecutive year. Additional awards have included Computing Security’s Bench Tested Solution of the Year, SC Labs’ “Recommended” 5-star designation twice, SC Magazine’s Innovator of the Year Award, Readers Trust Award for “Best SIEM” solution and “BEST BUY” designation for Digital Forensics. LogRhythm is headquartered in Boulder, Colorado with operations in North and South America, Europe and the Asia Pacific region. For more information, visit www.logrhythm.com.
Tenable Network Security protects companies from disruption and theft from cyber attacks, malicious insiders and misconfigured systems. We do this by providing security teams with a commanding view of enterprise IT security risk so they can instantly identify assets at risk, under attack or already compromised. Our solutions protect your current and next-generation network assets, including mobile, cloud and software defined infrastructure. Our unique underlying technology integrates vulnerability, compliance and threat intelligence across 100% of IT infrastructure, 100% of the time.
Tenable has been revolutionizing how organizations protect networks since 2002 when two founders combined break-through thinking: Ron Gula who invented Dragon, the first commercial Intrusion Detection System, and Renaud Deraison, who invented the most widely used vulnerability scanner: Nessus. Marcus Ranum brought his expertise as a world-renowned expert on security system design and implementation to the company when he joined as Chief Security Officer in 2004.
Imperva, pioneering the third pillar of enterprise security, fills the gaps in endpoint and network security by directly protecting high-value applications and data assets in physical and virtual data centers. With an integrated security platform built specifically for modern threats, Imperva data center security provides the visibility and control needed to neutralize attack, theft, and fraud from inside and outside to mitigate risk; and to streamline compliance. Over 2,700 customers in more than 75 countries rely on our SecureSphere® platform to safeguard their business. Imperva is headquartered in Redwood Shores, California. Learn more: www.imperva.com
Lookingglass Cyber Solutions is the world leader in threat intelligence management combining global network situational awareness with automated Internet intelligence to support threat, security and risk operations. Lookingglass enables security professionals to navigate, investigate, analyze and research relevant, context-enriched threat information through a single platform. The Lookingglass Scout platform provides aggregated access to Lookingglass’ industry-leading, extensive and diverse threat sources alerting organizations to impending risk. The Scout platform drives effectiveness and efficiency by replacing the manual process of management threat intelligence for enterprise and mid-sized organizations. For more information, visit www.LGScout.com
Whether the threat lurks within the organization or penetrates the organization from some unknown realm of cyberspace, Raytheon’s portfolio of commercial-off-the-shelf cyber security solutions ensure the security of your most critical cyber assets. Founded on deep knowledge of cyber security stemming from the U.S. Department of Defense and the Intelligence Community, Raytheon’s cyber products address a variety of cyber challenges including insider threat, secure information sharing, data loss prevention, and data analysis. With over 20 years of collective experience in delivering the highest caliber security solutions, customers trust Raytheon to deliver solutions that are innovative, flexible, and scalable, meeting their security needs today and in the future. The company has over 300 employees with headquarters in Herndon, Virginia. For more information, visit http://www.raytheon.com/cyberproducts.
Tripwire is a leading global provider of risk-based security and compliance management solutions, enabling enterprises, government agencies and service providers to effectively connect security to their business. Tripwire provides the broadest set of foundational security controls including security configuration management, vulnerability management, file integrity monitoring, log and event management. Tripwire solutions deliver unprecedented visibility, business context and security business intelligence allowing extended enterprises to protect sensitive data from breaches, vulnerabilities, and threats. Learn more at www.tripwire.com, get security news, trends and insights at http://www.tripwire.com/state-of-security/ or follow us on Twitter @TripwireInc.
Trustwave is a leading provider of compliance, Web, application, network and data security solutions delivered through the cloud, managed security services, software and appliances. For organizations faced with today's challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its TrustKeeper® portal and other proprietary security solutions. Trustwave has helped hundreds of thousands of organizations--ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers--manage compliance and secure their network infrastructures, data communications and critical information assets.
SpiderLabs is the elite security team at Trustwave, offering clients the most advanced information security expertise available today. The SpiderLabs team has performed more than 1,500 computer incident response and forensic investigations globally and has run over 12,000 penetration and application security tests for clients. Companies and organizations in more than 50 countries rely on the SpiderLabs team's technical expertise to identify and anticipate cyber security attacks before they happen. In a rapidly evolving threat environment, SpiderLabs has the extensive field experience to asses threat levels, anticipate weaknesses, investigate breaches, and fortify environments against attacks.
Trustwave is headquartered in Chicago with offices throughout North America, South America, Europe, Africa, Asia and Australia.
For more information, visit www.trustwave.com
Websense, Inc. (NASDAQ: WBSN) is a global leader in protecting organizations from the latest cyber attacks and data theft. Websense TRITON comprehensive security solutions unify web security, email security, mobile security and data loss prevention (DLP) at the lowest total cost of ownership. Tens of thousands of enterprises rely on Websense TRITON security intelligence to stop advanced persistent threats, targeted attacks and evolving malware. Websense prevents data breaches, intellectual property theft and enforces security compliance and best practices. A global network of channel partners distributes scalable, unified appliance- and cloud-based Websense TRITON solutions.
Websense TRITON stops more threats, visit www.websense.com/proveit to see proof. To access the latest Websense security insights and connect through social media, please visit www.social.websense.com. For more information, visit www.websense.com and www.websense.com/triton.
CrowdStrike is a global provider of security technology and services focused on identifying advanced threats and targeted attacks. Using big-data technologies, CrowdStrike’s next-generation threat protection platform leverages real-time Stateful Execution Inspection (SEI) at the endpoint and Machine Learning in the cloud instead of solely focusing on malware signatures, indicators of compromise, exploits, and vulnerabilities. The CrowdStrike Falcon Platform is a combination of big data technologies and endpoint security driven by advanced threat intelligence. CrowdStrike Falcon enables enterprises to identify unknown malware, detect zero-day threats, pinpoint advanced adversaries and attribution, and prevent damage from targeted attacks in real time.
Digital Guardian by Verdasys
At Verdasys, we believe in data. We know your data represents your company’s most valuable assets. The sum total of customer knowledge, business innovation, future plans and growth potential. We also know that in today’s threat environment, your data must be secured. And we believe Digital Guardian is the catalyst to secure it.
The Digital Guardian platform was built from the ground up to live at the kernel level of device operating systems. It has evolved into the most technologically advanced and widely applied endpoint agent for data and IP protection. Only Digital Guardian stops data theft by protecting you from skilled insiders and persistent and advanced outsider threats. Real-time prompts, guidance and policy-driven controls make your once-vulnerable data secure at the endpoint. Tight integration with your network-based appliances also enables instant threat response and remediation to radically improve your security posture. Where next-gen network and antivirus technologies falter, Digital Guardian succeeds.
The Digital Guardian platform from Verdasys can radically improve your organization’s data security posture. No matter how the threat landscape evolves, your data, your people and your enterprise will be more secure with Digital Guardian.
Druva provides integrated data protection and governance solutions for enterprise laptops, PCs, smartphones and tablets. Its flagship product, inSync, empowers an enterprise's mobile workforce and IT teams with backup, IT-managed file sharing, data loss prevention, and analytics. InSync is the only solution that integrates endpoint backup, file sync across all user endpoints, remote file access, data loss prevention, IT-managed file sharing, and analytics for data governance. This strategy – spanning any mix of BYOD or corporate-owned desktops, laptops, tablets and smartphones – reduces IT overhead as well as bandwidth and storage requirements through global data deduplication. Druva has over 3,000 customers and protects 2 million endpoints across 76 countries. With offices in the U.S., India, United Kingdom, and Singapore. Druva is privately held and is backed by Nexus Venture Partners, Sequoia Capital and Tenaya Capital. Visit us at Booth #1135 to learn more about protecting your data in the wild. For more information, visit www.druva.com, follow @druvainc and #datainthewild on Twitter and visit our blog at http://druva.com/blog.
Dell SecureWorks uses cyber threat intelligence to provide predictive, continuous and responsive protection for thousands of organizations worldwide. Enriched by intelligence from our Counter Threat Unit research team, Dell SecureWorks’ Information Security Services help organizations predict threats, proactively fortify defenses, continuously detect and stop cyber-attacks, and recover faster from security breaches. We help organizations do this through "Over-the-horizon” intelligence on cyber threats and their tradecraft, insightful assessment and guidance based on real-world threat activity, intelligent protection and monitoring across IT environments 24x7x365, surgical response to attacks, armed with threat context and intelligence.
Dell SecureWorks understands the totality of the global cyber threat landscape, which is virtually impossible for any organization to achieve on its own. Our Counter Threat Unit collects, correlates and analyzes billions of data points sourced from customers worldwide, “in-the-wild” investigations and strategic relationships within the security community, Our world-renown researchers use the data to relentlessly hunt for and track down threat actors and their tradecraft. They use their findings to develop distinct countermeasures and provide deep context for mission-critical security decisions. This intelligence informs our Managed Security, Consulting and Incident Response services to help customers close the gap between their defenses and the latest cyber threats.
Dell® SonicWALL® provides intelligent network security and data protection solutions that enable customers and partners to dynamically secure, control, and scale their global networks. Securing any organization with multi-threat scanning based on global input at wire speed, Dell SonicWALL is recognized as an industry leader by Gartner and NSS Labs. Dell SonicWALL solutions are dynamically updated with current threat protection. Reassembly-Free Deep Packet Inspection® and multi-core parallel architecture assure optimal performance. Dell SonicWALL delivers firewall, secure remote access/SSL VPN, anti-spam/email security, and continuous backup and recovery, plus centralized management and reporting, and 24x7 technical support for SMB through Enterprise environments.
FireMon is the industry leader in proactive security intelligence solutions for large organizations that deliver continuous control of infrastructure, policy and IT risk. The FireMon Security Intelligence Platform is a massively scalable, high-performance foundation for network risk detection, change workflow automation, firewall rule base clean-up, compliance audit assessment and security operations cost reduction. For more information, visit http://www.firemon.com
General Dynamics Fidelis Cybersecurity Solutions provides organizations with a robust, comprehensive portfolio of products, services, and expertise to combat today's sophisticated advanced threats and prevent data breaches. Our commercial enterprise and government customers around the globe can face advanced threats with confidence through use of our Network Defense and Forensics Services, delivered by an elite team of security professionals with decades of hands-on experience, and our award-winning Fidelis XPS™ Advanced Threat Defense Products , which provide visibility and control over the entire threat life cycle.
Guidance Software is transforming enterprise security to proactively address the evolving threat landscape through endpoint intelligence products that leverage our market-leading digital investigations platform. We help customers find and eradicate threats that evade signature-based systems, dramatically reduce security costs and time-to-remediation, and help mitigate today’s information-security and legal risks.
EnCase® products are used by numerous government agencies worldwide, more than 65 of the Fortune 100, and more than 40 percent of the Fortune 500. Built on the EnCase® Enterprise platform are market-leading security and e-discovery solutions, EnCase® Analytics, EnCase® Cybersecurity, and EnCase® eDiscovery. For more information, visit www.encase.com.
iboss Network Security is a leading provider of innovative Web Security, Mobile Security and Advanced Threat & Data Protection Solutions. Backed by cutting edge technology built for Web 2.0 and beyond, iboss’ stream-based approach delivers unparalleled visibility across all inbound/outbound data channels and port evasive applications. With best in class SSL decryption, integrated BYOD controls, proprietary MDM and built in bandwidth management, iboss delivers the most scalable solution for today’s complex borderless networks. Leveraging leading threat protection and unsurpassed usability, iboss is trusted by millions of users worldwide. Visit www.iboss.com
Mandiant is the information security industry's leading provider of advanced threat detection and incident response solutions and services. Mandiant provides products, professional services and education to Fortune 500 companies, financial institutions, government agencies, domestic and foreign police departments and leading U.S. law firms. www.mandiant.com/
ManTech Cyber Solutions International (MCSI) provides Enterprise Incident Response and Threat Intelligence products and services to enable organizations to automate their security processes for consistent, repeatable and auditable results. With automated workflows, seamless data integration, on-demand collaboration and behavioral analysis to detect zero-days and other unknown malware, MCSI solutions span the full lifecycle of incident response and cyber threat intelligence. Our customers include large and small commercial enterprises and government agencies globally across all market segments. MCSI is a subsidiary of ManTech International Corporation. Contact us at mcsi.mantech.com.
For more than 30 years, Parsons has quietly worked behind the scenes delivering cyber security services that protect our nation’s most sensitive information and critical infrastructure. Our commercial and federal cyber security services span specialty research and product development, consultation, cyber risk and vulnerability assessments, cyber architecture roadmaps, and technology program management. Parsons’ defensive security measures constantly monitor and protect against breach, fraud, theft, and sabotage. Our proactive countermeasures identify threats and methods used by our nation’s most sophisticated cyber enemies. Parsons is a private company with its world headquarters in Pasadena, CA. For more information, please visit www.parsons.com.
Rapid7's IT security solutions deliver visibility and insight that help you make informed decisions, create credible action plans, and monitor progress. They simplify risk management by uniquely combining contextual threat analysis with fast, comprehensive data collection across your users, assets, services and networks, whether on premise, mobile or cloud-based. Rapid7's simple and innovative solutions are used by more than 2,500 enterprises and government agencies in more than 65 countries, while the Company's free products are downloaded more than one million times per year and enhanced by more than 200,000 members of its open source security community. Rapid7 has been recognized as one of the fastest growing security companies by Inc. Magazine and as a "Top Place to Work" by the Boston Globe. Its products are top rated by Gartner and SC Magazine.
For more information, please visit www.rapid7.com
Symantec Corporation (NASDAQ: SYMC) is an information protection expert that helps people, businesses and governments seeking the freedom to unlock the opportunities technology brings – anytime, anywhere. Founded in April 1982, Symantec, a Fortune 500 company, operating one of the largest global data-intelligence networks, has provided leading security, backup and availability solutions for where vital information is stored, accessed and shared. The company’s more than 21,500 employees reside in more than 50 countries. Ninety-nine percent of Fortune 500 companies are Symantec customers. In fiscal 2013, it recorded revenues of $6.9 billion. To learn more go to www.symantec.com or connect with Symantec at: go.symantec.com/socialmedia.
ThreatTrack Security specializes in helping organizations identify and stop Advanced Persistent Threats (APTs), targeted attacks and other sophisticated malware designed to evade the traditional cyber-defenses deployed by enterprises and government agencies around the world. The company develops advanced cybersecurity solutions that Expose, Analyze and Eliminate the latest malicious threats, including its ThreatSecure advanced threat detection and remediation platform, ThreatAnalyzer malware behavioral analysis sandbox, ThreatIQ real-time threat intelligence service, and VIPRE business antivirus endpoint protection. Learn more at www.ThreatTrackSecurity.com
Headquartered in Santa Clara, California, WhiteHat Security is the leading provider of website risk management solutions that protect critical data, ensure compliance and narrow the window of risk. WhiteHat Sentinel, the company's flagship product family, is the most accurate, complete and cost-effective website vulnerability management solution available. It delivers the flexibility, simplicity and manageability that organizations need to take control of website security and prevent Web attacks. Furthermore, WhiteHat Sentinel enables automated mitigation of website vulnerabilities via integration with Web application firewalls and Snort-based intrusion prevention systems.
About A10 Networks Inc.
A10 Networks is a leader in application networking, providing a range of high-performance application networking solutions that help organizations ensure that their data center applications and networks remain highly available, accelerated and secure. Founded in 2004, A10 Networks is based in San Jose, California, and serves customers globally with offices worldwide. For more information, visit: www.a10networks.com.
AccessData Group makes the world’s most advanced and intuitive incident resolution solutions. AccessData technology delivers real-time insight, analysis, response and resolution of data incidents, including cyber threats, insider threats, mobile and BYOD risk, GRC (Governance Risk & Compliance) and eDiscovery events. Over 130,000 users in corporations, law enforcement, government agencies, and law firms around the world rely on AccessData software to protect them against the risks present in today’s environment of continuous compromise. http://www.accessdata.com.
Adallom is a SaaS security company (Gartner calls us a Cloud Access Security Broker). Founded in 2012 by Israeli Intelligence alumni, we’re focused on evolving the way companies secure information in the cloud by monitoring all activity, detecting unauthorized access, and protecting data in real time. We started our company based on a simple problem statement: SaaS is safe, but its usage isn’t. Our solution extends the boundaries of enterprise security into the cloud. We moved control, visibility, and protection directly into SaaS, away from devices and perimeters, with nothing to install in the datacenter or on the endpoint. In Hebrew, "Adallom" means "the last line of defense." In the world of SaaS - we believe that pre-existing defense mechanisms are utterly ineffective at protecting information in SaaS, and SaaS providers don’t provide sufficient visibility, control, and protection – Adallom is your company’s last line of defense.
Akamai® is the leading provider of cloud services for delivering, optimizing and securing online content and business applications. At the core of the Company’s solutions is the Akamai Intelligent Platform™ providing extensive reach, coupled with unmatched reliability, security, visibility and expertise. Akamai removes the complexities of connecting the increasingly mobile world, supporting 24/7 consumer demand, and enabling enterprises to securely leverage the cloud. To learn more about how Akamai is accelerating the pace of innovation in a hyperconnected world, please visit www.akamai.com or blogs.akamai.com, and follow @Akamai on Twitter.
From the enterprise perimeter to the service provider core, the world’s leading network operators rely on Arbor Networks to proactively fend off malicious threats such as botnets, malware and distributed denial of service (DDoS) attacks, while strengthening the availability and quality of their services. Through its unparalleled, privileged relationships with worldwide service providers and global network operators, Arbor provides unequalled insight into and perspective on Internet security and traffic trends via ATLAS ®, a unique partnership with 270+ network operators across the globe who share an amazing 42Tbps of network traffic. This unique view gives Arbor customers a considerable competitive advantage because of the powerful combination of the micro view of their own network together with the macro view of global Internet traffic. With this unique vantage point, Arbor is ideally positioned to deliver intelligence about malware, exploits, phishing and botnets that threaten Internet infrastructure and services.
Authentify delivers user-centric multi-factor authentication services, SaaS, employing smart phones, tablets, laptops or "just" plain old telephones for out-of-band authentication. An Enterprise may choose multiple authentication factors including soft-token, digital certificates, voice biometrics, shared secrets and others minus the overhead associated with MFA. Broad support for all types of telephone technology ensures authentication workflows in which no end user is left behind.
To learn more about how Authentify is defending against cybercrime, please visit www.authentify.com, and follow @Authentify on Twitter.
BeyondTrust provides context-aware Privileged Account Management and Vulnerability Management software solutions that deliver the visibility necessary to reduce IT security risks and simplify compliance reporting. We empower organizations to not only mitigate user-based risks arising from misuse of system or device privileges, but also identify and remediate asset vulnerabilities targeted by cyber attacks. As a result, our customers are able to address both internal and external threats, while making every device - physical, virtual, mobile and cloud - as secure as possible. BeyondTrust solutions are unified under the BeyondInsight IT Risk Management Platform, which provides IT and security teams a single, contextual lens through which to view user and asset risk. This clear, consolidated risk profile enables proactive, joint decision-making while ensuring that daily operations are guided by common goals for risk reduction. To learn more, visit www.beyondtrust.com
Bit9 + Carbon Black offers the most complete solution against the advanced threats that target your endpoints and servers, making it easier for you to see—and immediately stop—those threats.
Carbon Black’s lightweight endpoint sensor, which enables detection and response in seconds, combined with Bit9’s industry-leading prevention technology, delivers:
Thousands of organizations use Bit9 + Carbon Black to increase security, reduce operational costs and improve compliance. Leading MSSPs and IR companies have made Bit9 + Carbon Black a core component of their detection and response services. With Bit9 + Carbon Black, you can arm your endpoints against advanced threats.
Bromium has pioneered new endpoint security technologies that protect enterprises from advanced threats. Rather than relying on detection to prevent attacks, Bromium leverages hardware-enforced isolation to protect endpoints from even “undetectable” threats, while providing actionable intelligence on malware behavior - enabling IT to understand attack intents and bolster existing defenses.
Checkmarx is the developer of next generation Static Code Analysis (SCA) solutions.
The company pioneered the concept of a query language-based solution for identifying technical and logical code vulnerabilities.
Checkmarx provides the best way for organizations to introduce security into their Software Development Lifecycle (SDLC) which systematically eliminates software risk.
The product enables developers and auditors to easily scan un-compiled / un-built code in all major coding languages and identify its security vulnerabilities. With Checkmarx's CxSuite, auditors and developers have immediate access to the code analysis results and remediation advice. We provide user friendly, high productivity, flexible and accurate risk intelligence platform that ensures your application remains hacker-proof.
Checkmarx's customers include hundreds of Fortune 500, government and SMB organizations in over 30 countries. Checkmarx has been Ranked 69th Fastest Growing Tech Company in EMEA and announced “Best Product in Application Security 2014” by Cyber Defense Magazine.
Check Point Software Technologies Ltd. (www.checkpoint.com), the worldwide leader in securing the Internet, provides customers with uncompromised protection against all types of threats, reduces security complexity and lowers total cost of ownership. Today, Check Point continues to develop new innovations based on the Software Blade Architecture, providing customers with flexible and simple solutions that can be fully customized to meet the exact security needs of any organization. Check Point is the only vendor to go beyond technology and define security as a business process. Check Point 3D Security uniquely combines policy, people and enforcement for greater protection of information assets and helps organizations implement a blueprint for security that aligns with business needs. Customers include tens of thousands of organizations of all sizes, including all Fortune and Global 100 companies. Check Point's award-winning ZoneAlarm solutions protect millions of consumers from hackers, spyware and identity theft.
Code 42 Software is the creator of CrashPlan, CrashPlan PRO and CrashPlan PROe, award-winning onsite, offsite and cloud backup solutions for consumers and businesses. Established in 2001 as a software development company specializing in enterprise solutions, Code 42 continues to deliver high-performance, easy-to-use hardware and software that protect the world’s data. CrashPlan PROe provides people-friendly, enterprise-tough and secure backup. Engineered with laptops in mind, PROe is continuous backup that won't slow you down and its self-service restores free up IT. PROe is an end-to-end data security solution that automatically encrypts on the source device and remains encrypted during transit and storage. Additionally, PROs's cross-platform backup lets you back up everyone, everywhere. For more information, visit www.crashplanproe.com.
CyberArk is the only security company focused on eliminating the most advanced cyber threats; those that use insider privileges to attack the heart of the enterprise. Dedicated to stopping attacks before they stop business, CyberArk proactively secures against cyber threats before attacks can escalate and do irreparable damage. The company is trusted by the world’s leading companies – including 40 of the Fortune 100 – to protect their highest value information assets, infrastructure and applications. CyberArk is a vital security partner to more than 1,400 global businesses, including 17 of the world’s top 20 banks. Headquartered in Newton, MA, CyberArk also has offices throughout EMEA and Asia-Pacific. To learn more about CyberArk, visit www.cyberark.com, read the company blog, http://www.cyberark.com/blog/, follow on Twitter @CyberArk or Facebook at https://www.facebook.com/CyberArk.
Emulex, a leader in network connectivity, monitoring and management, provides hardware and software solutions enabling unrivaled end-to-end application visibility, optimization and acceleration for global networks that support enterprise, cloud, government and telecommunications. The Endace division of Emulex provides network visibility products that deliver complete network performance management at speeds up to 100Gb Ethernet. Visit www.Emulex.com.
ESET® is on the forefront of proactive endpoint protection, delivering trusted security solutions to make the Internet safer for businesses and consumers. For over 25 years, ESET has led the industry in proactive threat detection and its award-winning NOD32® Antivirus technology has detected 100% of the WildList Organization “In-the-Wild” malware samples since testing began in 1998. ESET recently received its 78th VB100 award and consistently earns high ratings from AV-Comparatives, Virus Bulletin, AV-TEST and other independent testing organizations. ESET NOD32 Antivirus, ESET Smart Security®, ESET Endpoint Solutions, ESET Mobile Security and ESET Cyber Security (solution for Mac®) are trusted by millions of users and are among the most recommended security solutions in the world. IDC has recognized ESET as a top five corporate anti-malware provider.
F5 provides solutions for an application world. F5 helps organizations seamlessly scale cloud, data center, and software defined networking (SDN) deployments to successfully deliver applications to anyone, anywhere, at any time. F5 solutions broaden the reach of IT through an open, extensible framework and a rich partner ecosystem of leading technology and data center orchestration vendors. This approach lets customers pursue the infrastructure model that best fits their needs over time. The world’s largest businesses, service providers, government entities, and consumer brands rely on F5 to stay ahead of cloud, security, and mobility trends. For more information, go to www.f5.com
Foreground Security is a dedicated cyber security company providing security engineering, assessment, customized security training, and advanced incident response and forensics services. Our Virtual SOC (V-SOC) service allows clients to outsource the monitoring and management of their current security products while keeping all data inside their boundaries. Our patent-pending Automated Threat Intelligence Platform (ATIP) automates threat identification in real time so we can focus our efforts on diagnosis and remediation. At one client, our innovations resulted in a 300% increase in incident detection rates.
Foreground helps organizations align information security with key business objectives. Our experienced professionals hold CISSP, CCSP, CISM, CEH, CHFI, and many other certifications and our penetration testers have identified over 100 zero day vulnerabilities within the last 12 months. We provide our more than 100 government and commercial clients with the proven expertise and real-world implementation experience required to protect against today’s leading threats.
ForeScout delivers pervasive network security by allowing organizations to continuously monitor and mitigate security exposures and cyberattacks. The company's CounterACT platform dynamically identifies and assesses all network users, endpoints and applications to provide complete visibility, intelligence and policy-based mitigation of security issues. ForeScout’s open ControlFabric technology allows a broad range of IT security products and management systems to share information and automate remediation actions. Because ForeScout’s solutions are easy to deploy, unobtrusive, flexible and scalable, they’ve been chosen by over 1,500 enterprises and government agencies. Headquartered in Campbell, California, ForeScout offers its solutions through its network of authorized partners worldwide.
Fortinet, a global provider of IT security, delivers customer-proven solutions providing organizations with the power to protect and control their IT infrastructure. Our customers rely on our purpose-built technologies, integrated solution architecture, and global security intelligence to block external threats and gain precise control of their network, data, and users. With 190,000+ customers in every industry around the world, Fortinet has the broad base of experience necessary to help secure diverse networks, and improve network and business performance.
Fortinet is a 100% security focused company, and was created with an integrated security vision to increase protection and control, while optimizing performance, simplifying management and reducing costs. The company pioneered an innovative, high performance multithread network security platform to address the fundamental problems of ever-evolving, sophisticated multi-vector IT threat landscape. Fortinet has pursued that vision for the last 14 years by continuing to innovate and enrich its solution portfolio.
Gigamon® provides an intelligent Visibility Fabric™ architecture to enable the management of increasingly complex networks. Gigamon technology empowers infrastructure architects, managers and operators with pervasive visibility and control of traffic across both physical and virtual environments without affecting the performance or stability of the production network. Through patented technologies, centralized management and a portfolio of high availability and high-density fabric nodes, network traffic is intelligently delivered to management, monitoring and security systems. Gigamon solutions have been deployed globally across enterprise, data centers and service providers, including over half of the Fortune 100 and many government and federal agencies.
Hexis Cyber Solutions, Inc., a wholly-owned subsidiary of The KEYW Holding Corporation (NASDAQ: KEYW) based in Hanover, Maryland, provides complete cybersecurity solutions for commercial companies, and government agencies. Our mission is to ensure that business IT infrastructure is equipped with tools and capabilities to detect, engage, and remove both external and internal cyber threats at machine-speed. Cyber terrorists, organized crime, and foreign governments focus tremendous effort on commercial, government, and military interests as their prime targets. Hexis’ HawkEye family of products offer active, multi-disciplined approaches to achieve a higher standard of cybersecurity that is based on our expertise supporting advanced cybersecurity missions. Hexis is the first to offer full spectrum remediation bringing automated malware removal to the commercial marketplace, ensuring you operate at your maximum potential. For more information contact Hexis Cyber Solutions, 7740 Milestone Parkway, Suite 400, Hanover, Maryland 21076; Phone 443-733-1900; Fax 443-733-1901; E-mail info@hexiscyber.com; Web at www.hexiscyber.com.
Cybersecurity Nexus (CSX)TM is a new security knowledge platform from ISACA® that is shaping the cybersecurity profession through cutting-edge thought leadership, training, certification and career development programs that will guide and resource current and future cybersecurity professionals at every level.
The comprehensive set of resources that CSX offers affirms ISACA’s solid commitment to do for cybersecurity professionals what it has done—and will continue to do—for audit, control and governance professionals over the past 45 years.
ISACA helps business and IT leaders build trust in, and value from, information and information systems. The global association is the trusted source of knowledge, standards, networking, and career development for 115,000 constituents in 180 countries. ISACA offers extraordinary resources across the information systems and information technology disciplines it serves, and cybersecurity will be no exception to this.
For more information, please visit www.isaca.org and www.isaca.org/cyber
Ixia develops amazing products so its customers can connect the world. Ixia helps its customers provide an always-on user experience through fast, secure delivery of dynamic, connected technologies and services. Through actionable insights that accelerate and secure application and service delivery, Ixia's customers benefit from faster time to market, optimized application performance and higher-quality deployments. Learn more at http://www.ixiacom.com.
McAfee is now a part of Intel Security, combining the experience and expertise of McAfee with the innovation, trust, and performance of Intel to deliver secure computing so consumers and businesses around the globe will have the confidence to use technology to its – and their – fullest potential. http://www.intelsecuritygroup.com/
RedSeal Networks is the leading provider of risk based security management solutions for cyber attack prevention. The RedSeal Platform delivers the industry’s most powerful network security insights, enabling enterprises to continuously audit and monitor IT compliance. Using patented network visualization and predictive threat modeling, RedSeal eliminates network security dark space by providing the most complete picture of access risk. Backed by Venrock, OVP, Sutter Hill, JAFCO, Leapfrog and IN-Q-Tel, RedSeal is used by the world’s largest government and commercial organizations to dramatically cut compliance costs, prioritize vulnerability remediation efforts and reduce IT security risk profiles. For more information, visit www.redsealnetworks.com
Securonix is working to radically transform all areas of data security with actionable security intelligence. Our purpose-built advanced security analytics technology mines, enriches, analyzes, scores and visualizes customer data into actionable intelligence on the highest risk threats from within and outside their environment. Using signature-less anomaly detection techniques that track users, account, and system behavior Securonix is able to automatically and accurately detect the most advanced data security, insider threats and fraud attacks. Globally customers are using Securonix to address the most basic and complex needs around threat detection and monitoring, high privileged activity monitoring, enterprise and web fraud detection, application risk monitoring, and access risk management. For more information visit www.securonix.com.
Shape Security is a startup in Mountain View, California that has created a completely new approach to website defense. Its flagship product, the ShapeShifter, is the world’s first botwall: an advanced technology that disables the attack capability of malware, botnets, and scripts. The technology behind the botwall is “real-time polymorphism”, a technology that protects the HTML, CSS, and JavaScript by constantly refactoring it while preserving its functionality. Account takeovers, application DDoS, database scraping, fake account creation, and malware distribution all use automated means to evade even state-of-the-art security defenses today. Shape is the first technology to deflect all of those and many other currently indefensible attacks.
Shape is backed by top investors including Kleiner Perkins, Venrock, Norwest, Google Ventures, and Eric Schmidt. It is led by cybersecurity leaders from the Pentagon, Cisco, Mozilla, Oakley Networks, Palo Alto Networks, VMware, and Google.
Sophos helps organizations keep data safe and block the growing number of complex threats. We protect everywhere and offer complete security with our full range of endpoint, encryption, email, web, network security and UTM products.
We help customers protect their businesses and meet compliance needs. And all our customers benefit from the expertise of our threat analysts located around the world. Their research is at the heart of everything we do. They quickly find the latest threats and update protection for our customers automatically. Plus, our support engineers are experts on all our products, and they're available whenever you need them.
We make our products easy to install and use so you spend less time managing security. With Sophos you can focus on the needs of your business because we're securing your entire organization.
www.sophos.com
Splunk Inc. (NASDAQ: SPLK) provides the leading software platform for real-time Operational Intelligence. Splunk® software and cloud services enable organizations to search, monitor, analyze and visualize machine-generated big data coming from websites, applications, servers, networks, sensors and mobile devices. More than 7,400 enterprises, government agencies, universities and service providers in over 90 countries use Splunk software to deepen business and customer understanding, mitigate cybersecurity risk, prevent fraud, improve service performance and reduce costs. Splunk products include Splunk® Enterprise, Splunk Cloud™, Splunk Storm®, Hunk™: Splunk Analytics for Hadoop and premium Splunk Apps. To learn more, please visit http://www.splunk.com/company.
Founded in 1995, SSH Communications Security is the company that invented the SSH protocol - the gold standard protocol for data-in-transit security solutions. Today, over 3,000 customers across the globe, including 7 of the Fortune 10, trust our Information Assurance Platform to secure the path to their information assets. Our platform enables businesses of all types and sizes to protect their information assets by:
Veracode’s cloud-based service is a simpler and more scalable approach to reduce application-layer risk across your entire global software infrastructure -- including web, mobile and third-party applications -- without hiring more consultants or installing more servers and tools. With Veracode's smart approach to application security, you can drive your innovations to market faster -- without sacrificing security in the process.
Appthority provides the industry’s first fully automated App Risk Management service that employs static and dynamic analysis to discover the true behavior of apps and measure the total risk within minutes. Bringing trust to the app ecosystem, the company has built the largest database of analyzed public and private apps from a global network of sources. Appthority has analyzed over a million apps for its customers, allowing organizations to protect corporate privacy and mitigate risks associated with unwanted app behaviors. Appthority is the only service that assesses multiple mobile operating systems, is cloud-based and platform-agnostic. Via a standalone web portal or as an extensive network of integration partners, Appthority brings security and app risk management to existing enterprise mobility solutions like MAM and MDM.
Arxan protects the App Economy from attacks in distributed or untrusted environments with the world's strongest and most deployed application integrity protection products. Among today’s diverse computing platforms, mobile and tablet apps and packaged or embedded software are all exposed to hacking attacks such as reverse-engineering, tampering, insertion of malware/exploits, repackaging, fraud, intellectual property theft, and piracy. Arxan's unique patented Guarding technology enables sensitive or high-value applications to proactively guard their own integrity by defending, detecting, alerting, and reacting to hacking attacks through a risk-based, customized protection. Arxan’s self-defending and tamper-proof applications are deployed on more than 200 million devices by leading Fortune 500 organizations in high-tech, ISV, financial services, digital media, gaming, healthcare, and other industries. Arxan Technologies is headquartered in Bethesda, Maryland with global offices in EMEA and APAC. | www.arxan.com. Follow Arxan: @Arxan | LinkedIn |#protectyourapps
BlackBerry Security works to make BlackBerry® one of the most secure mobile platforms available. BlackBerry Security builds collaborative relationships across the industry, monitors the security threat landscape and responds rapidly to emerging incidents to provide customers with the guidance and tools they need to protect their systems and devices. For more information visit: www.blackberry.com/bbsirt or www.blackberry.com/security
Booz Allen Hamilton is a leading provider of management consulting, technology, and engineering services to the US government in defense, intelligence, and civil markets, and to major corporations, institutions, and not-for-profit organizations. Booz Allen is headquartered in McLean, Virginia, employs more than 24,000 people, and had revenue of $5.76 billion for the 12 months ended March 31, 2013. To learn more, visit www.boozallen.com. (NYSE: BAH)
Cigital is one of the world’s leading software security services and products companies. We help clients launch and mature software security initiatives, as well as design, build, and test secure software through a combination of expert consultants, security testing as-a-service offerings, and effective training built on over twenty years of cutting-edge research and successful client engagements. From Architecture Risk Analysis and Mobile App Security Assessments to Source Code Review and Penetration Testing, Cigital is uniquely qualified to help clients find and fix the security flaws and defects that make software vulnerable to being attacked and exploited.
Click Security automates the analysis of unknown threats and attacks.
Today, organizations are highly exposed to commodity, advanced, and targeted attacks due to three important trends:
Our solution runs real-time stream processing analytics against pre-computed log, network, and file/artifact data sources; automatically produces analyst start points with automated actor/event / relationship views; and provides a full attack activity framework – where analysts can interactively visualize, prune, and augment big security data. Now, security teams can rapidly identify early stage attack patterns.
With Click Security, analysts can gain true security visibility, automatically build rich context around otherwise independent and inconclusive product alerts, detect attack activity missed by traditional security products, and automate the hunt for the unknown.
Codenomicon develops security and quality testing software, which allows users to quickly find and identify both known and previously unknown flaws before business-critical products or services are deployed. Codenomicon’s unique, targeted approach of fuzz testing networked and mobile applications exposes more flaws and weaknesses than any other testing platform or methodology. Companies rely on Codenomicon's solutions to mitigate threats, like Denial of Service (DoS) situations and Zero Day Attacks, which could increase liability, damage business reputation and cripple sales. Headquartered in Finland with offices in Asia Pacific, Silicon Valley and Europe, Codenomicon is trusted worldwide for vulnerability testing and network abuse handling. For more information, visit www.codenomicon.com.
CounterTack’s real-time endpoint threat detection and response platform, Sentinel, delivers unprecedented visibility and context to enterprise security teams around targeted, persistent threats. CounterTack dramatically reduces the impact of advanced attacks, providing real-time, behavioral-based intelligence on attacker activity upon infiltration, so organizations can defend their business leveraging Sentinel’s contextual evidence for a rapid, prioritized response.
By combining ‘stealthware’ technology and Big Data analytics, CounterTack turns the tables on attackers, giving security teams and incident responders an advantage over their adversaries to make better security decisions with real-time, automated, forensic-level analysis. CounterTack is revolutionizing how companies defend their endpoints – across the enterprise.
Coverity, Inc., a Synopsys company (Nasdaq:SNPS), is a leading provider of software quality and security testing solutions. Coverity’s award-winning development testing platform helps developers create and deliver better software, faster, by automatically testing source code for software defects that could lead to product crashes, unexpected behavior, security breaches or catastrophic system failure. The world’s largest brands rely on Coverity to help ensure the quality, safety and security of their products and services. For more information, visit www.coverity.com, follow us on Twitter or check out our blog.
CSC provides global enterprise-class cybersecurity services that have evolved from over 35 years experience in some of the world's most sophisticated, disparate and challenging environments. CSC offers innovative information security programs for Managed Security Services, Compliance management, Incident Response, Identity and Access Management, Security Consulting, Application Protection, Business Continuity and Disaster Recovery. visit: http://www.csc.com/cybersecurity
CSG Invotas, an enterprise security business unit of CSG International Inc. (NASDAQ: CSGS), is focused on automated threat response capabilities built on proven carrier-grade activation technology. For more than 30 years, CSG has amassed a track record in building automated systems that solve business challenges, improve operations, preserve continuity and enhance profitability.
CSG Invotas builds on this heritage with innovative security strategies that inspire CIOs and CISOs to
think differently about secure enterprise management.
Visit us at csginvotas.com to learn more.
Cylance, Inc. is a global provider of cybersecurity products and services that is changing the way companies, governments, and end-users proactively solve the world's most difficult security problems. Cylance couples the understanding of a hacker's mentality with algorithmic intelligence and best practices to be truly predictive and preventive against advanced threats. Cylance's flagship endpoint product, CylancePROTECT™, leverages Cylance Infinity™, a non-signature, non-heuristic, and non-behavioral platform which identifies 'good' from 'bad' and blocks previously undetectable attacks by applying advanced mathematical analysis and machine learning on massive amounts of data. Powered by a global user community and an elite team of security experts, Cylance is solving very large and complex problems simply and elegantly. For more information, visit www.cylance.com.
Cyphort is innovative provider of Advanced Threat Protection solutions that deliver a complete defense against current and emerging Advanced Persistent Threats, targeted attacks and zero day vulnerabilities. The Cyphort Platform accurately detects and analyzes next generation malware, providing actionable, contextual intelligence that enables security teams to respond to attacks faster, more effectively, and in as surgical a manner as their attackers. Cyphort's software-based, distributed architecture offers a cost effective, high performance approach to detecting and protecting an organization’s virtual, physical and cloud infrastructure against sophisticated attacks. Malware detection for Windows, OSX and Linux allows businesses to extract maximum value from IT assets without compromising the security of an organization. Founded by experts in advanced threats from government intelligence agencies and premier network security companies, Cyphort is a privately held company headquartered in San Jose, California. For more information, please visit: www.cyphort.com.
Cyber Technology Services (CyTech) is a Service Disabled Veteran Owned Small Business (SDVOSB) headquartered in Manassas, Virginia. Founded on the principles of providing innovation and support to the U.S. Government, Commercial and International clients.
We leverage technology to provide maximum value of automated processing while understanding the irreplaceable human element from both a training and insight perspective. By pioneering the operational implementation of advanced technical capabilities. CyTech distinguishes itself with a corporate culture that is customer and operationally focused, built on direct experience of the highest level, from our corporate management to our most recent hires.
CyFIR Enterprise is a comprehensive network forensic investigation tool that provides cutting edge, deployable forensic solutions. CyFIR Enterprise is the ideal network investigation and Incident Response tool for performing live computer investigations across any size enterprise. CyFIR Enterprise has immense capabilities including the ability to view, acquire, search, and analyze client data within a network without detection or disruption to services using forensically sound methods that preserve evidence.
Duo Security provides cloud-based two-factor authentication to more than 4,000 organizations worldwide. In as little as fifteen minutes, Duo’s innovative and easy-to-use technology can be deployed to protect users, data, and applications from credential theft and account takeover. Try it for free at www.duosecurity.com
ERPScan is an award-winning innovative company founded in 2010, the leading SAP AG partner in discovering and solving security vulnerabilities. ERPScan is engaged in the research of ERP and business application security, particularly SAP, and the development of SAP system security monitoring, compliance, and cybercrime prevention software. Besides, the company renders consulting services for secure configuration, development, and implementation of SAP systems which are used by SAP AG and Fortune 500 companies, and conducts comprehensive assessments and penetration testing of custom solutions.
The company’s expertise is based on research conducted by the ERPScan research subdivision which is engaged in vulnerability research and analysis of critical enterprise applications and gain multiple acknowledgments from biggest software vendors like SAP, Oracle, IBM, VMware, Adobe, HP, Kaspersky, Apache, and Alcatel for finding vulnerabilities in their solutions. ERPScan experts are frequent speakers in prime international conferences held in USA, Europe, CEMEA, and Asia, such as BlackHat, RSA, HITB, and Defcon. ERPScan researchers lead project OWASP-EAS, which is focused on enterprise application security. Our flagship product is ERPScan Security Monitoring Suite for SAP: award-winning innovative software and the only solution in the market which can analyze all tiers of ERP security (continuous monitoring, standard compliance, vulnerability assessment, SoD, and source code review).
For more details, please visit erpscan.com
Esri, the leader in geospatial technology, offers innovative solutions for government and commercial organizations. Esri technology can be used to extend current physical security concepts for a better shared situational awareness of cyberspace and associated activity to better anticipate, detect, respond, and recover from cyber disruptions. Esri technology includes tools, workflows, and applications that can be implemented within an organization’s existing cybersecurity data and technology infrastructure to improve:
Esri enables organizations, using desktop, server, web, and mobile technologies to share data and services to make faster and better decisions.
Learn more about Esri at www.esri.com
FireHost offers the most secure, managed cloud IaaS available, protecting sensitive data and brand reputations of some of the largest companies in the world. With private cloud infrastructure built for security, compliance, performance and managed service, responsible businesses choose FireHost to reduce risk and improve the collection, storage and transmission of their most confidential data. FireHost’s secure, managed cloud IaaS is available in Dallas, Phoenix, London, Amsterdam and Singapore, and offers robust, geographically redundant business continuity options across all sites. Based in Dallas, FireHost is the chosen secure private cloud service provider for brands that won't compromise on the security of their payment card, healthcare, and other regulated data. www.firehost.com
Fluke Networks is the world-leading provider of network test and monitoring solutions to speed the deployment and improve the performance of networks and applications. Leading enterprises and service providers trust Fluke Networks’ products and expertise to help solve today’s toughest issues and emerging challenges in WLAN security, mobility, unified communications and datacenters.
Fluke Networks’ portfolio includes the AirMagnet Enterprise, a highly scalable, 24x7 Wi-Fi security and performance monitoring solution, that protects against every wireless threat by combining the industry’s most thorough wireless monitoring with leading research, analysis and threat remediation.
GuruCul is the leading provider of security and business intelligence solutions. GuruCul products will improve risk, threat, and compliance postures by applying a unique identity centric approach of correlating identity, activity, and access information to provide actionable data and prioritized alerts. GuruCul has developed industry's most advanced patent pending algorithms for risk profiling and analyzing trends, to detect threats and anomalous behavior. GuruCul's intelligent risk platform will help your organization efficiently protect intellectual property and effectively manage risk.
GuruCul Risk Analytics Capabilities:
Invincea is the market leader in user protection solutions, delivering advanced malware threat detection, breach prevention and forensic threat intelligence. Invincea provides enterprise and small business networks with coverage against the largest attack surface for cyber-breach— attacks aimed at end users in the form of spear phishing, drive-by download exploits, poisoned search results and user-initiated infections.
The company’s solutions include a desktop security software suite and cloud hosted management and threat intelligence service. The solutions offer a unique ability to protect networks against all types of threats directed at end users, including zero-days, by seamlessly moving applications that render untrusted content into controlled, secure virtual containers that automatically detect and terminate threats in real time. Invincea’s platform seamlessly moves the browser, PDF reader and Microsoft Office suite from the native operating system into secure virtualized environments without altering the user experience
Lancope, Inc. is a leading provider of network visibility and security intelligence to defend enterprises against today’s top threats. By collecting and analyzing NetFlow, IPFIX and other types of flow data, Lancope’s StealthWatch® System helps organizations quickly detect a wide range of insidious attacks from APTs and DDoS to zero-day malware and insider threats. Through pervasive insight across distributed networks, including mobile, identity and application awareness, Lancope accelerates incident response, improves forensic investigations and dramatically reduces enterprise risk. Lancope’s anomaly detection capabilities are continuously enhanced with threat intelligence from the StealthWatch Labs security research team. For more information, visit www.lancope.com.
Lastline, Inc. provides the best-in-class malware protection platform to detect and stop advanced persistent threats, zero-day exploits and evasive malware for complete network coverage. The highly-scalable and interoperable system analyzes both the objects that enter a network and the traffic generated by internal hosts to provide network security administrators with the most up-to-date view of internal malware infections and attempted targeted attacks. Threats requiring immediate attention are easily distinguished through correlated, incident-centric infection views. Solutions are designed to be flexible to fit an organization’s needs and are available both on-premise and hosted by Lastline.
Lastline was founded in 2011 by world-renowned security researchers and creators of Anubis and Wepawet – malware analysis tools used by more than 80,000 users at businesses, NGOs and government agencies worldwide. The company is headquartered in Redwood City, California, with offices in North America, Europe and Asia Pacific. To learn more, visit www.lastline.com.
Mocana securely mobilizes enterprise data and protects millions of the smart connected devices that comprise the Internet of Things. The company’s award-winning enterprise mobile app security platform provides organizations with an easy way to deliver business-critical mobile apps, with a high-quality end user experience, tap-and-go simplicity and strong security, for internal and external users. Mocana's customers include Fortune 50 enterprises, government agencies and the world’s leading smart device manufacturers. More information is available at www.mocana.com and on Linkedin, Twitter, Facebook, Google+ or YouTube.
Norse is the leading innovator of live dark intelligence and adaptive security solutions that enable the proactive defense, rapid detection, risk-based response, and faster resolution of advanced cyberattacks. Norse's live dark intelligence platform continuously analyzes high-risk network traffic from the global Internet's darknets and the deep web, to proactively identify the sources, characteristics, and risk-levels of cyberattacks. Leveraging organizations' existing security infrastructure, Norse integrates with SIEM, big data security, and traditional security controls to provide an early detection system against advanced and emerging attacks enabling a more risk-aware and proactive security posture.
Novetta’s cutting-edge big data analytics solutions are used at the heart of our nation’s cyber defense, one of the largest, most sensitive, and attacked networks on the planet. Novetta Cyber Analytics, a network security situational awareness solution that dramatically increases the effectiveness of analysts and security infrastructure, is now available for commercial enterprises. By collecting and analyzing incorruptible network traffic, and utilizing clues forced by current infrastructure such as SIEMs and firewalls, Novetta Cyber Analytics serves as a linchpin enterprise security solution to enable security analysts, for the first time, to ‘see’ a complete, near real-time, picture of their entire network, then ask and receive answers to subtle questions – at the speed of thought – to detect, triage and respond to breaches. This proven solution has enabled analysts of a federal customer, previously unsuccessful in fully securing their network, to respond to an estimated 30 times the number of incidents. www.novetta.com/cyber-analytics
Onapsis is the leading provider of cybersecurity, compliance and continuous monitoring solutions for ERP systems and business-critical infrastructure. Through its innovative solutions, Onapsis helps its customers to protect their core business platforms from espionage, sabotage and fraud attacks.
Large organizations rely on SAP, Oracle E-Business Suite, PeopleSoft and Siebel platforms to store and process their most sensitive business information. Onapsis enables them to increase the security level of these systems while enforcing compliance requirements, decreasing financial fraud risks and reducing audit costs drastically. Onapsis solutions are trusted by several Fortune Global 100 companies, large governmental entities and military agencies.
Onapsis X1, the company's flagship product, is the industry's first comprehensive solution for the Automated Security Assessment of SAP platforms. Being the first and only SAP-certified solution of its kind, Onapsis X1 Enterprise allows customers to perform Automated Vulnerability Assessments and Security & Compliance Audits over their entire SAP platform. For organizations that need to go deeper, Onapsis X1 Consulting Pro also safely exploits existing weaknesses to illustrate the associated business impacts.
Onapsis is built upon a world-renowned team of experienced security researchers leading the SAP & ERP security fields. These experts were also the first to perform specialized SAP Penetration Tests, Vulnerability Assessments and Security Audits. Because of its cutting-edge research, Onapsis is continuously invited to lecture at the most important security conferences in the world, private companies and defense agencies.
If you are wondering whether your ERP systems and business-critical infrastructure are exposed, find more information at www.onapsis.com.
OpenDNS provides a cloud-delivered network security service that blocks advanced attacks, as well as malware, botnets and phishing threats regardless of port, protocol or application. Our predictive intelligence uses machine learning to automate protection against emergent threats before your organization is attacked. OpenDNS covers devices worldwide on or off the network in minutes with no hardware to install, software to maintain, and no admin intervention required.
OPSWAT provides solutions to secure and manage IT infrastructure.
Metascan and Metadefender help organizations detect and prevent advanced threats by using multiple anti-malware engine scanning, data sanitization and file filtering to control data workflow. Organizations can set security policies for data entering through USB drives, mail servers, upload servers and more. By using up to 30 anti-malware engines to scan files (using signatures and heuristics), Metascan can detect threats that are missed by single scan engines. To prevent threats that anti-malware engines do not detect, files can be converted to safer file types to remove potential embedded objects and macros.
OPSWAT also offers GEARS, a network security management platform that provides advanced threat detection and compliance enforcement for devices in the network and for remote users. GEARS allows administrators to easily monitor the status of devices in their network, with easy integration to secure access solutions and other technology platforms.
COMPANY WEBSITE: www.opswat.com
PhishMe® is the leading provider of phishing mitigation and detection for organizations concerned about human susceptibility to sophisticated cyber attacks. PhishMe's immersive training platform turns employees into an active line of defense by enabling them to identify, report, and mitigate spear phishing, malware, and drive-by threats. A data-driven approach ensures that PhishMe integrates easily into the security technology stack, demonstrating measurable results to help inform an organization's security decision making process. PhishMe's customers include the defense industrial base, critical infrastructure, and Global 1,000 entities that understand changing user security behavior will improve security, aid incident response, and reduce the risk of compromise.
Proofpoint, Inc. (NASDAQ:PFPT) is a leading security-as-a-service provider that focuses on cloud-based solutions for threat protection, compliance, archiving & governance and secure communications. Organizations around the world depend on Proofpoint's expertise, patented technologies and on-demand delivery system to protect against phishing, malware and spam, safeguard privacy, encrypt sensitive information, and archive and govern messages and critical enterprise information.
Protiviti provides expert-level security and privacy portfolio of solutions to FORTUNE 1000® and FORTUNE Global 500® companies in more than 20 countries as well as government agencies. For us, security is a focus – not an afterthought. We help companies enhance and protect their business using technology and view security through a wide lens.
Our comprehensive and holistic service offerings include the development of strategy and policy, addressing privacy and data security concerns (PCI/HIPAA/PII), incident response, security operations center management, penetration testing, identity and access management, and enhancing vendor management programs.
See what our clients say about us at www.protiviti.com/security.
Radware (NASDAQ: RDWR), is a global leader of application delivery and application security solutions for virtual and cloud data centers. Its award-winning solutions portfolio delivers full resilience for business-critical applications, maximum IT efficiency, and complete business agility. Radware's solutions empower more than 10,000 enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity and achieve maximum productivity while keeping costs down. For more information, please visit www.radware.com.
RedVector delivers unprecedented visibility to internal enterprise networks. Our solution captures network data from Layers 2-7 to discover behavioral anomalies hidden within large volumes of internal traffic. Our analytics software presents real-time, network-aware insights with priority and severity learned from the user. RedVector listens to everything that traverses your network and discovers advanced threats targeting the complex, critical networks of Financial Institutions, Service Providers, and Governments.
ReversingLabs delivers industry leading file analysis tools that drastically accelerate and broaden security analysts' ability to detect new threats, respond to incidents, find hidden information and verify software integrity.
TitaniumCore™ is the world's fastest and most comprehensive tool for automated static decomposition of files. The engine automatically extracts all contained objects and their internal information from a sample and stores them in a database for further analysis. A single server can process 100,000 samples daily.
TitaniumCloud™ service provides internal information and virus scanning results for over 1Billion goodware and malware files. Samples are scanned twice daily with 27 anti-virus products and the history is stored in the TiCloud database.
ReversingLabs products reduce analysis tasks from days to seconds, enabling analysts to respond quicker and cover more potential threats. Our customers include antivirus vendors, security vendors, government agencies, and commercial enterprises across the globe. Visit us at: www.reversinglabs.com
RiskIQ is a leading provider of enterprise security solutions beyond the firewall. The company’s proprietary technology intelligently interacts with websites and mobile applications, modeling user behavior to detect anomalies, policy violations and previously undetected threats. Armed with a purpose-built, worldwide proxy network that spans the globe, the company scans millions of web pages and mobile applications to provide enterprises with visibility and control beyond their corporate borders. As active participants of the Online Trust Alliance (OTA) and the Cloud Security Alliance (CSA), RiskIQ is at the forefront of defining security for emerging digital ecosystems. RiskIQ is headquartered in San Francisco and is backed by private-equity firm Summit Partners. To learn more about RiskIQ, visit www.riskiq.com.
Software Diversified Services secures data at rest and in transit--cross-platform and enterprise-wide.
SDS E-Business Server(TM) provides PGP(TM) data encryption, compression, authentication, and key management for z/OS, Unix, Linux, and Windows. APIs and scripts provide easy integration with C and Java applications, and with z/OS batch jobs. The SDS commitment to E-Business Server means this time-tested, enterprise-scale encryption tool will be relied on for years to come.
To secure data in transit from z/OS mainframes, SDS provides VitalSigns for FTP (VFTP). VFTP automates, manages, and monitors secure file transfer from z/OS. Collaborating with software from SSH(TM) Corporation, and with no change to existing batch jobs, VFTP automatically routes clear-text FTP to SSH proxies for encrypted SFTP transfer.
SDS has been providing performance, network, and security tools to governments and Fortune 500 enterprises worldwide since 1982. Technical support from our Minneapolis, MN, headquarters has been rated number 1 by the IBEX Bulletin.
Seculert protects your distributed enterprise from advanced threats with an integrated SaaS platform that analyzes malware communications, traffic logs, and suspicious files to identify known and unknown threats. Seculert requires no software or hardware and protects all of your sites and all your users, all of the time, with one convenient, cost-effective, cloud-based solution.
Founded in 2010 by security industry veterans, Seculert has offices in the US, the UK, and Israel. Customers include leading worldwide organizations from the financial, energy, and aerospace industries. For more information, visit www.seculert.com.
Securonix is working to radically transform all areas of data security with actionable security intelligence. Our purpose-built advanced security analytics technology mines, enriches, analyzes, scores and visualizes customer data into actionable intelligence on the highest risk threats from within and outside their environment. Using signature-less anomaly detection techniques that track users, account, and system behavior Securonix is able to automatically and accurately detect the most advanced data security, insider threats and fraud attacks. Globally customers are using Securonix to address the most basic and complex needs around threat detection and monitoring, high privileged activity monitoring, enterprise and web fraud detection, application risk monitoring, and access risk management. For more information visit www.securonix.com.
Sumo Logic is the next-generation machine data analytics company that leverages Big Data for real-time IT insights. The company's cloud-based service provides customers with real-time interactive analytics at unprecedented petabyte scale. The Sumo Logic service is powered by patent-pending Elastic Log Processing™ and LogReduce™ technologies, and transforms log data into actionable insights for IT operations, application management, and security and compliance teams. Unlike expensive and complex premise-based solutions, the Sumo Logic service has a low TCO, can be deployed instantly, scales elastically and requires zero maintenance. For more information, visit www.sumologic.com.
ThreatSim enables organizations to assess and reduce risk associated with end user behavior. ThreatSim is a security awareness platform that educates employees on how to identify potential threats, and how to make security-minded decisions. ThreatSim’s initial product enables organizations to send simulated phishing attacks against end-users and provides immediate training to those that fall prey to the phish. New products this year include additional scenario-based training focused on common situations in which employees are faced with a decision that impacts security. Our ThreatScore user risk management product rates employees based on their historical behavior, security knowledge, technical profile, and job characteristics providing actionable data that security managers will use to reduce risk posed by their end users. ThreatSim is offered in a SaaS model and sold as an annual subscription based on the number of end-users.
Thycotic Software deploys intuitive, reliable, IT security solutions that empower companies to control and monitor privileged account credentials and identity access for administrators and end-users. A member of the Inc. 5000, Thycotic is recognized as the fastest growing, privately held PAM provider in the USA. Secret Server manages passwords and identity access across a company’s entire IT infrastructure. Thycotic also provides end-user password reset and self-service AD group management tools. Trusted by over 2,500 organizations worldwide – including members of the Fortune 500, enterprises, government agencies, technology firms, universities, non-profits, and managed service providers. To learn more, please visit www.thycotic.com.
TIBCO Software Inc. (NASDAQ: TIBX) offers TIBCO LogLogic which provides organizations with security, compliance and IT optimization through enterprise-class log management and predictive intelligence for big data, enabling the two-second advantage® –the right information at the right time and act on it preemptively for a competitive advantage. Learn more at www.tibco.com/loglogic.
University of Maryland University College (UMUC) offers undergraduate and graduate degrees and certificates in cybersecurity, cybersecurity policy information assurance, computer networks and security, and digital forensics and cyber investigation. Located near the nation's capital, UMUC is one of the largest public universities in the United States. UMUC has been designated as a National Center of Academic Excellence for Information Assurance Education by NSA/DHS. To learn more, visit www.umuc.edu/spotlight/cybersecurity.cfm
Venafi is the inventor of and market leader in Enterprise Key and Certificate Management (EKCM) solutions. Venafi delivered the first enterprise class solution to automate the provisioning, discovery, monitoring and management of digital certificates and encryption keys from the desktop to the datacenter built specifically for encryption management interoperability across heterogeneous environments. Venafi products reduce the unquantified and unmanaged risks associated with encryption deployments that result in data breaches, security audit failures and unplanned system outages. Venafi also publishes best practices for effective key and certificate management at www.venafi.com/best-practices. Venafi customers include the world's most prestigious Global 2000 organizations in financial services, insurance, high tech, telecommunications, aerospace, healthcare and retail. Venafi is backed by top tier venture capital funds, including Foundation Capital, Pelion Venture Partners and Origin Partners. For more information, visit www.venafi.com
As the global leader in domain names, Verisign powers the invisible navigation that takes people to where they want to go on the Internet. For more than 15 years, Verisign has operated the infrastructure for a portfolio of top-level domains that today includes .com, .net, .tv, .cc, .name, .jobs, .edu and .gov, as well as two of the world’s 13 Internet root servers (A & J). Verisign’s product suite includes Managed DNS, DDoS Protection and iDefense Security Intelligence Services. To learn more about what it means to be powered by Verisign, please visit VerisignInc.com.
Viewfinity’s advanced endpoint protection solution focuses on lessening the impact of IT security breaches before, during and after an attack. Our core capabilities reduce the attack surface and proactively prevent threats by removing administrative rights and classifying applications. Patterns and behavior indicators of malicious intent are cross-referenced with network security sandboxing to accelerate detection, response and remediation efforts. Our real-time monitoring ensures companies can isolate, block and reduce the impact if a breach occurs. Follow-up threat investigations are pinpoint accurate due to our ancestry tracking forensics that trace back to the true point of origin of an attack.
Vormetric (@Vormetric) is the industry leader in data security solutions that span physical, virtual and cloud environments. Vormetric helps over 1300 customers, including 17 of the Fortune 25 and many of the world’s most security conscious government organizations, to meet compliance requirements and protect what matters —their sensitive data —from both internal and external threats. The company’s scalable solution protects any file, any database and any application — within enterprise data center, cloud, big data environments — with a high performance, market-leading Vormetric Data Security Platform that incorporates application transparent encryption, access controls and security intelligence. Vormetric – because data can’t defend itself.
Wallarm is next generation web security solution designed to protect online businesses from application-level attacks. It organically combines vulnerability detection with web application firewall (WAF).
Wallarm is developed on top of NGINX, an increasingly popular high performance web server and load balancer used by 35% of the busiest 1000 websites. It targets clients with high loaded web projects in e-commerce, SaaS/PaaS, big data, news media, communication and online payments markets.
Wallarm is a unique everyday tool built by security professionals for security professionals. Its key features include:
For more information, please visit www.wallarm.com.
WatchGuard Technologies Since 1996, WatchGuard Technologies has provided reliable, easy-to-manage security appliances to hundreds of thousands of businesses worldwide. WatchGuard's award-winning extensible threat management (XTM) network security solutions combine firewall, VPN, and a suite of security services to boost protection in critical attack areas. The extensible content security (XCS) line of products offers content security across email and web, as well as data loss prevention. Both product lines help you meet regulatory compliance requirements including PCI DSS, HIPAA, SOX and GLBA. Represented by more than 15,000 partners in 120 countries, WatchGuard is headquartered in Seattle, Washington, with offices in North America, Latin America, Europe, and Asia Pacific. For more information, visit http://www.watchguard.com.
wolfSSL is an open source internet security company whose primary products include the wolfSSL embedded SSL library, wolfCrypt embedded crypto engine, SSL Inspection, and the wolfSSL Embedded Web Server. Primary users are programmers building security functionality into applications, devices, and cloud services. wolfSSL employs the dual licensing model offering products under both the GPLv2 as well as a standard commercial license.
wolfSSL's products are designed to offer optimal embedded performance, rapid integration into existing applications and platforms, the ability to leverage hardware crypto solutions, and support for the most current standards. All products are designed for ease-of-use with clean APIs, and are backed by a dedicated and responsive support and development team.
Bluebox Security offers the first mobile data security solution to safeguard corporate data across the device, application, and network. The cloud-based solution provides complete visibility and security of corporate data, while providing employees the freedom, ease of use, and privacy that ensures widespread adoption. Bluebox is headquartered in San Francisco.
Co3 Systems is making the market for Incident Response Management Systems - collaboration software that brings people, process, and technology together to prepare, assess, manage, and mitigate security incidents.
Our company URL is: www.co3sys.com
Cobalt Strike is threat emulation software. Execute targeted attacks and evade defenses in a way that replicates a well-funded actor with custom tools. Key features include robust communication over DNS and SMB pipes, man-in-the-browser session hijacking, and flexible beaconing to multiple hosts. This is NOT compliance testing.
Company URL: http://www.advancedpentest.com
Cybereason delivers a proprietary technology platform that automatically uncovers malicious operations (Malops™) and reconstructs them as a clear image of a cyberattack in context. This enables enterprises to discover sophisticated targeted threats at a very early stage, disrupt them at the stem and significantly reduce the costs and damages caused by such attacks. Cybereason is headquartered in Cambridge, MA with offices in Tel Aviv, Israel. For more information, please visit www.cybereason.com, www.twitter.com/Cybereason, www.facebook.com/Cybereason, and www.linkedin.com/company/Cybereason.
CyberToolbelt.com (CTB) is a comprehensive set of tools designed to make the investigation of domains, IP addresses and other related information as efficient, cost effective and easy to use as possible. The application has many features that are not available anywhere else at any price.
CyberToolbelt.com is very cost effective to use and will save you hours of searching the web using stand-alone tools. You get more comprehensive results, quicker.
Deja vu Security, a Seattle-based security firm, focuses on helping its clients build secure solutions. It is an industry leader in secure development, security fuzz testing, embedded device security, and penetration testing. Deja vu Security’s widely adopted security fuzzing platform, Peach Enterprise Fuzzer, can help you find unknown vulnerabilities.
Founded in 2013 by Internet pioneer Dr. Paul Vixie, Farsight Security,Inc.
offers situational awareness and threat intelligence services, including its Security Information Exchange (SIE) real-time telemetry broadcast platform, Passive DNS database (DNSDB), and Newly Observed Domains (NOD) early warning system. For more information, visit http://www.farsightsecurity.com.
Emerging Threats is a world-leading provider of commercial and open source threat intelligence. Founded in 2003 as a cyber-security research community, Emerging Threats has become the de facto standard in network-based malware threat detection. The company’s products are platform agnostic for easy integration with IDS’s, SIEM’s, and other security platforms.
Firebind is reinventing the way that network security policies (firewall rules, ACLs) are validated, exposing hidden vulnerabilities that aren’t visible with configuration reviews or manual pentesting. Our flagship solution, Firebind Recon, is the world’s first distributed network path penetration testing solution built for continuous assessments.
Hillstone Networks' elastic data center firewall offers unprecedented scalability and flexibility to match security on-demand in virtualized data centers. The Hillstone Networks solution protects enterprises against advanced malware based on behavioral anomaly detection and advanced data analytics. With over 5,000 customers worldwide, Hillstone Networks recently was positioned in the Gartner 2014 Enterprise Firewall Magic Quadrant.
Peerlyst is the first community dedicated to information security professionals. It's where security leaders collaborate, exchange product reviews, discuss issues, and support each other in their day-to-day challenges. Peerlyst is not only where your job gets easier, but where you can stand out from the crowd.
PFP Cybersecurity provides cyber intrusion detection for SCADA, semiconductor, mobile, and network devices. Using out-of-band, physical-layer approaches, PFP detects tiny anomalies in power patterns to catch zero-day attacks on day zero providing an early warning system. PFP enables continuous, real-time monitoring, requires no electrical contact/software install, and complements existing solutions.
Pwnie Express is the leading provider of network security assessment solutions for remote locations and wireless. Thousands of enterprises and government organizations worldwide rely on Pwnie Express’s products for asset discovery, vulnerability assessment, and drop-box penetration testing and obtain unprecedented insight into their distributed network infrastructure. Pwnie Express smart devices leverage open source tools.
Risk I/O is a vulnerability threat management platform that processes external Internet breach and exploit data with vulnerability scan data to monitor, measure and prioritize remediation across an IT environment. As a result, organizations know their likelihood of experiencing a breach and what vulnerabilities pose the greatest risk.
Synack provides a subscription security-as-a-service solution that redefines the static, signature-centric model of security testing and vulnerability discovery. Through a rapidly deployable Crowd Security IntelligenceTM platform, customers safely engage a global community of highly skilled and trusted security researchers, enabling continuous testing of web applications, mobile applications, and host infrastructure. Welcome to human-powered cyber security.
ThreatStream is a next generation cyber intelligence platform that enables the disruption of cyber adversaries in real-time by focusing on operationalizing the largest and most diverse crowd sourced threat intelligence platform in the world.
x.o.ware provides inexpensive hardware encryption solutions that can be used by anyone, and eliminate the need for rent-seeking third parties who only add vulnerabilities.
whiteCryption is a leading provider of software code protection and white-box cryptography products. whiteCryption, an Intertrust company, supplies its patented technologies to the world's leading software, hardware, and content companies in the Entertainment, Automotive and Finance Industry.
ZeroFOX, The Social Risk Management Company, enables organizations to identify, manage, and mitigate the business and security risks associated with social media and socially-connected applications. Our patented technology identifies malicious actors, threats and attacks targeting any organization and its employees. Before ZeroFOX, organizations had zero visibility into social media risk.
AccessData Group makes the world’s most advanced and intuitive incident resolution solutions. AccessData technology delivers real-time insight, analysis, response and resolution of data incidents, including cyber threats, insider threats, mobile and BYOD risk, GRC (Governance Risk & Compliance) and eDiscovery events. Over 130,000 users in corporations, law enforcement, government agencies, and law firms around the world rely on AccessData software to protect them against the risks present in today’s environment of continuous compromise. http://www.accessdata.com.
CSC provides global enterprise-class cybersecurity services that have evolved from over 35 years experience in some of the world's most sophisticated, disparate and challenging environments. CSC offers innovative information security programs for Managed Security Services, Compliance management, Incident Response, Identity and Access Management, Security Consulting, Application Protection, Business Continuity and Disaster Recovery. visit: http://www.csc.com/cybersecurity
FireEye protects the most valuable assets in the world from those who have them in their sights. Our combination of technology, intelligence, and expertise combined with the most aggressive “boots on the ground” helps eliminate the impact of security breaches. We find and stop attackers at every stage of an incursion. With FireEye, you’ll detect attacks as they happen. You’ll understand the risk these attacks pose to your most valued assets. And you’ll have the resources to quickly respond and resolve security incidents. The FireEye Global Defense Community includes more than 2,200 customers across more than 60 countries, including more than 130 companies in the Fortune 500.
Managing risk, fraud and misconduct has never been more challenging. Along with today’s greater flow of information comes a heightened risk of unauthorized access, disclosure or misuse of sensitive data. KPMG LLP can help organizations effectively manage and control corporate information assets against an evolving spectrum of threats and scenarios.
Lancope, Inc. is a leading provider of network visibility and security intelligence to defend enterprises against today’s top threats. By collecting and analyzing NetFlow, IPFIX and other types of flow data, Lancope’s StealthWatch® System helps organizations quickly detect a wide range of insidious attacks from APTs and DDoS to zero-day malware and insider threats. Through pervasive insight across distributed networks, including mobile, identity and application awareness, Lancope accelerates incident response, improves forensic investigations and dramatically reduces enterprise risk. Lancope’s anomaly detection capabilities are continuously enhanced with threat intelligence from the StealthWatch Labs security research team. For more information, visit www.lancope.com.
Twitter is a communication platform that instantly connects people everywhere to what's most meaningful to them. At the heart of Twitter are small bursts of information called Tweets, which are 140 characters or less in length. However, you don't have to tweet to use Twitter. Lots of people just use Twitter to get the latest information about the things that mean most to them. With 500 million Tweets per day and more than 255 million active users, there is something for everyone on Twitter, no matter what you're interested in or where you are in the world. Twitter can be accessed on the web, on smartphones and on the simplest of feature phones.
Stroz Friedberg’s Incident Response, Digital Forensics, and Security Science experts help organizations defend, respond and advance with certainty. Whether assessing and securing networks, conducting forensic investigations, or countering a data breach— part of our risk management approach is to seek truth so clients can gain assurance while propelling forward. www.strozfriedberg.com
Juniper Networks, Junos WebApp Secure is a Web Intrusion Deception system that does not generate false positives because it uses deceptive tar traps to detect attackers with absolute certainty. Junos WebApp Secure inserts detection points into the code and creates a random and variable minefield all over the Web application. These detection points allow you to detect attackers during the reconnaissance phase of the attack, before they have successfully established an attack vector. Attackers are detected when they manipulate the tar traps inserted into the code. And because attackers are manipulating code that has nothing to do with your website or Web application, you can be absolutely certain that it is a malicious action—with no chance of a false positive.
IT security professionals know that false positives diminish the effectiveness of any security program. By using this certainty-based approach, Junos WebApp Secure solves this problem for Web attacks. Furthermore, this product works out-of-the-box and improves your Web application security. There are no rules to write, no signatures to update, no learning modes to monitor, and no log files to review—just attackers to prevent.
For More information, please visit www.juniper.net
Adallom is a SaaS security company founded by Israeli Intelligence alumni. We started our company based on a simple problem statement: SaaS is safe, its usage isn’t. Adallom evolves the way enterprises secure information in SaaS by monitoring usage, detecting unauthorized access, and protecting enterprise data in the cloud.
Booz Allen Hamilton is a leading provider of management consulting, technology, and engineering services to the US government in defense, intelligence, and civil markets, and to major corporations, institutions, and not-for-profit organizations. Booz Allen is headquartered in McLean, Virginia, employs more than 24,000 people, and had revenue of $5.76 billion for the 12 months ended March 31, 2013. To learn more, visit www.boozallen.com. (NYSE: BAH)
CrowdStrike is a global provider of security technology and services focused on identifying advanced threats and targeted attacks. Using big-data technologies, CrowdStrike’s next-generation threat protection platform leverages real-time Stateful Execution Inspection (SEI) at the endpoint and Machine Learning in the cloud instead of solely focusing on malware signatures, indicators of compromise, exploits, and vulnerabilities. The CrowdStrike Falcon Platform is a combination of big data technologies and endpoint security driven by advanced threat intelligence. CrowdStrike Falcon enables enterprises to identify unknown malware, detect zero-day threats, pinpoint advanced adversaries and attribution, and prevent damage from targeted attacks in real time.
Fluke Networks is the world-leading provider of network test and monitoring solutions to speed the deployment and improve the performance of networks and applications. Leading enterprises and service providers trust Fluke Networks' products and expertise to help solve today's toughest issues and emerging challenges in WLAN security, mobility, unified communications and datacenters. Based in Everett, Washington, the company distributes products in more than 50 countries. For more information on our wireless solutions, visit www.FlukeNetworks.com
Today’s organizations are facing the most aggressive threat environment in the history of information technology. Emerging computing trends have greatly increased productivity and business agility but at the same time, have introduced a host of new risks. HP’s approach to security disrupts the life cycle of an attack with prevention and real-time threat detection, from the application layer to the hardware and software interface. HP’s Enterprise Security offerings enable organizations to take a comprehensive approach to security, delivering actionable security intelligence and expertise while providing insight into the future of security and the most critical threats facing organizations.
More information www.hpenterprisesecurity.com
IBM’s security portfolio provides the security intelligence to help organizations holistically protect their people, data, applications and infrastructure. IBM offers solutions for identity and access management, security information and event management, database security, application development, risk management, endpoint management, next-generation intrusion protection and more. IBM operates one of the world’s broadest security research and development, and delivery organizations. IBM monitors 15 billion security events per day in more than 130 countries and holds more than 3,000 security patents. For more information, please visit www.ibm.com/security, follow @IBMSecurity on Twitter or visit the IBM Security Intelligence at www.securityintelligence.com.
Skybox Security provides powerful risk analytics that give security teams the intelligence needed to eliminate attack vectors, respond to threats and improve security processes. Our solutions are used for enterprise-scale vulnerability and threat management, firewall management and compliance monitoring.
One of the industry’s best kept secrets, operating in a relative state of stealth for last seven years, Tanium represents a fundamental paradigm shift in the approach to enterprise security and already serves as the “central nervous system” for half of the Fortune 100, five of the top 10 largest global banks and four of the top 10 global retailers. It’s a complete rethink of systems and security management that replaces the outmoded hub and spoke model with a new peer to peer communications architecture that gives IT professionals real-time visibility and access to endpoints and data in seconds instead of the hours, days or weeks they’re used to. This gives IT the ability to detect and mitigate damages from outages and cyber-attacks within seconds, as well as distribute and install updates and shut down processes or executables instantaneously.
TIBCO Software Inc. (NASDAQ: TIBX) offers TIBCO LogLogic which provides organizations with security, compliance and IT optimization through enterprise-class log management and predictive intelligence for big data, enabling the two-second advantage® –the right information at the right time and act on it preemptively for a competitive advantage. Learn more at www.tibco.com/loglogic.
Panoply is a hack and defend competition combined into a single event. Returning for the third year, Panoply is the official competition presented by Black Hat USA and the National Collegiate Cyber Defense Competition. For more information visit: http://nccdc.org and http://cyberpanoply.com
The Cloud Security Alliance is a not-for-profit organization with a mission to promote best practices and industry-wide education on security assurance within Cloud Computing. Led by industry practitioners, corporations and consumers, CSA serves as an incubator for international cloud standards and is the go-to source for cloud security research and tools.
The Electronic Frontier Foundation (EFF) is the leading nonprofit organization defending civil liberties in the digital world. Founded in 1990, EFF champions user privacy and free expression online through a strategic combination of impact litigation, policy analysis, education, and grassroots activism. We empower tinkerers, creators, coders, and consumers to reclaim freedom as our use of technology grows.
The Executive Women's Forum (EWF) is a prominent community of over 1000 of the nation's most influential female executives within the Information Security, Privacy, and Risk Management industries. The EWF community is a home base for women to grow their professional skills, build important networks and gather industry business intelligence.
IEEE Computer Society, the global community for technology leaders, is the unmatched and trusted source for technology information, inspiration, and collaboration for computing professionals. The Computer Society provides a wide range of forums, including technical conferences, publications, training webinars, and professional training. To find out more, visit www.computer.org.
Celebrating its 25th anniversary, (ISC)² is the largest not-for-profit membership body of certified information and software security professionals worldwide, with nearly 100,000 members in more than 135 countries. Globally recognized as the Gold Standard, (ISC)² issues the Certified Information Systems Security Professional (CISSP®) and related concentrations, as well as the Certified Secure Software Lifecycle Professional (CSSLP®), the Certified Cyber Forensics Professional (CCFPSM), Certified Authorization Professional (CAP®), HealthCare Information Security and Privacy Practitioner (HCISPPSM), and Systems Security Certified Practitioner (SSCP®) credentials to qualifying candidates. (ISC)² offers education programs and services based on its CBK®. Visit www.isc2.org.
The Information Systems Security Association (ISSA) is dedicated to developing and connecting cybersecurity leaders globally. ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk, and protecting critical information and infrastructure.
ISSA facilitates interaction and education to create a successful environment for global information systems security and for the professionals involved. Members include practitioners at all levels of the security field in a broad range of industries such as communications, education, healthcare, manufacturing, financial, and government. Join us today at www.issa.org.
The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license. For more information, please visit www.owasp.org.
Cyber Defense Magazine is by ethical, honest, passionate information security professionals for IT Security professionals. Our mission is to share cutting edge knowledge, real world stories and awards on the best ideas, products and services in the information technology industry.
Dark Reading is the most comprehensive online community for the exchange of information about cyber security issues. Driven by leading thinkers in information security research, technology development, and professional IT security practice, Dark Reading provides the latest news, commentary, and discussion on cyber security exploits and threats, as well as the tools and practices for preventing them.
The Ethical Hacker Network Online Magazine provides the best source for advancing careers in ethical hacking. Great columns, tutorials, book reviews, course reviews, certification info, interviews, Free Monthly Giveaways worth $1000s, a Global Calendar of Events and Community Forums. Want to hack for a living? Join EH-Net and get involved!
Infosecurity Magazine has almost ten years of experience providing knowledge and insight into the information security industry. Its multiple award winning editorial content provides compelling features both online and in print that focus on hot topics and trends, in-depth news analysis and opinion columns from industry experts.
Infosec Events is dedicated to the growing information security industry. We strive to provide useful information and resources to those in the industry. Visit InfosecEvents.net for an always up-to-date events calendar, curated news, local community spotlights, reviews from training courses and more.
InfoSec News is one of the longest running and most respected security news sites. The site's focus is the distribution of information security news articles from a variety of sources including newspapers, magazines, and various online resources. http://www.infosecnews.org/
SC Magazine arms information security professionals with in-depth, unbiased business and technical information they require to tackle the countless security challenges their organizations face and establish risk management and compliance postures that underpin overall business strategies.
An IT security news and information company by IT professionals for IT professionals, securitycurrent is the premier international security news and information site. It delivers thought provoking articles, critical business and technical information, as well as tactical and practical advice. Our CISOs and third party industry experts and analysts provide insight into today's complicated security landscape. securitycurrent stays on top of what's actually happening in the real world of IT security.