Certes Networks, a leading innovator in software-defined security solutions to protect enterprise applications, today announced the company’s award-winning CryptoFlowÒ product suite supports Crypto-Segmentation, enabling end-to-end protection of sensitive enterprise applications both inside and outside the traditional enterprise perimeter.
Certes CryptoFlows are the industry’s first software-defined security solution for safeguarding enterprise applications over any network for any user on any device. They enable “frictionless enterprise” deployments of networked applications to be rolled out without increasing risk while blocking the top attack vector used in hacking attacks worldwide, the compromise of low-privilege users and unfettered access to sensitive applications.
With recent extensions to support new devices and use cases, the CryptoFlow product family now supports Crypto-Segmentation of enterprise applications to provide:
- The ability to create a virtualized, encryption-protected flow for each enterprise application, providing real-time access control based on user roles.
- Automatic extension of protected enterprise applications from server to user in any location. Application servers can be in the data center, in the Cloud, a virtualized environment or distributed and hybrid deployment. Users access the CryptoFlows on laptops, tablets, smartphones or any other supporting devices.
- Business-centric centralized key and policy management, providing unified and consistent control over user access across all enterprise applications on any network end-to-end.
- Strong encryption and integrity protection of internal application traffic, to cryptographically isolate applications and contain breaches when user credentials are compromised, hackers penetrate firewalls, or insider threats arise.
With Crypto-Segmentation, CryptoFlows automatically contain and constrain hackers exploiting compromised user credentials by blocking lateral movement from application to application. CryptoFlow solutions stop the top attack vector used in breach after breach in the recent high-profile hacking attacks around the globe. In these cases, hackers compromised the credentials of a single low privilege user or even an external contractor, then utilized these credentials to bypass firewalls, access enterprise applications and exploit vulnerabilities to jump to the sensitive applications containing the most valuable data or accessing most critical assets.
By enforcing role-based access control over all users for all applications, CryptoFlows ensure that users can access only the applications that they need to do their jobs. If a user is compromised, a hacker can gain access to only the narrow set of applications available to that user and the hacker is blocked from lateral movement to the more sensitive applications.
“Perimeter-based security is woefully inadequate for protecting today’s enterprise applications,” said industry analyst Jason Bloomberg, President of Intellyx & Contributor to Forbes. “The flexibility and fluidity of today’s borderless enterprise applications require an end-to-end rethink of security. Certes Networks’ approach for segmenting applications and networks closely aligns to how users and applications operate in the modern, digital IT environment.”
Certes CryptoFlows are infrastructure agnostic, enforcing security with standalone policy enforcers or as virtualized enforcement points in the Cloud or on third-party devices. Certes’ award-winning CryptoFlow security products are the centerpiece of Certes’ perfect 15-year track record of 7,300 product deployments in 84 countries without a single successful hack of any protected application.
“The reality is that today’s enterprise is only as safe as its least secure user, contractor or supply chain member,” said Satyam Tyagi, Certes Networks’ CTO. “In every major data breach of the past two years, hackers made it past the firewalls by using simple attacks to steal low-privilege credentials. They then were able to jump into more sensitive applications and do the most damage. We are directly addressing this major vulnerability and dramatically reducing breach damage and risk with our Crypto-Segmentation solutions.”
About Certes Networks
Certes Networks protects data in motion with market-leading software-defined security solutions. The company’s award-winning CryptoFlow® Solutions safeguard application traffic in physical, virtual and Cloud environments, enabling secure connectivity over any infrastructure without compromising network device or application performance. Companies around the world rely on security solutions from Certes Networks to protect access, accelerate application deployment, simplify network projects, reduce compliance costs, and improve the return on investment in IT infrastructure.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.