TLS 1.3

Progress Enables Developers to Accelerate Application Modernization with Latest Release of OpenEdge

Retrieved on: 
Tuesday, February 6, 2024

BURLINGTON, Mass., Feb. 06, 2024 (GLOBE NEWSWIRE) -- Progress (Nasdaq: PRGS), the trusted provider of infrastructure software, today announced the latest release of Progress® OpenEdge®, the flagship application development platform used by over 100,000 customers across the globe to simplify the delivery of mission-critical business applications. By leveraging the new features and enhancements of OpenEdge 12.8, organizations can optimize their development processes, improve database performance, enhance application security and stay current with the evolving technology landscape.

Key Points: 
  • Metrics assist in managing your OpenEdge applications, while traces provide developers with deep insights into application performance to identify code bottlenecks and optimize application performance.
  • Faster turn-around on builds: With incremental build support, developers can change their codebase and quickly rebuild only the affected parts.
  • OpenEdge 12.8 delivers advancements in application integration and environment management through improved monitoring and administration capabilities.
  • For more information, visit https://www.progress.com/openedge/whats-new or register for the What’s New In OpenEdge 12.8 webinar occurring February 22.

NIST Validates Nubeva’s Breakthrough in TLS 1.3 Decryption Technology

Retrieved on: 
Thursday, February 1, 2024

SAN JOSE, Calif., Jan. 30, 2024 (GLOBE NEWSWIRE) -- Nubeva Technologies (TSX-V: NBVA), a leader in next-generation decryption solutions, is proud to announce that the National Institute of Standards and Technology (NIST) has validated its Nubeva SKI Technology as a leading solution for the TLS visibility problem. This endorsement is detailed in NIST's Special Publication 1800-37B, which addresses the significant challenges enterprises face with TLS 1.3 visibility.

Key Points: 
  • TLS 1.3, while offering enhanced security and performance, disrupts traditional traffic inspection techniques used by enterprises for monitoring their internal TLS 1.2 traffic.
  • Nubeva's patented key extraction technology meets these needs by enabling enterprise decryption of TLS 1.3 traffic, including pinned certificate traffic, for security and visibility.
  • "As with any pioneering technology, our approach to decryption of TLS 1.3 raised industry questions.
  • Nubeva's technology aligns with the key management-based solutions outlined in NIST SP 1800-37B, ensuring a seamless transition from TLS 1.2 to TLS 1.3.

AppViewX Contributes to NIST SP 1800-37B Report on Enhancing TLS 1.3 Visibility

Retrieved on: 
Wednesday, January 31, 2024

However, the security improvements in TLS 1.3 create challenges for enterprises that rely on passive decryption techniques for visibility into their TLS traffic.

Key Points: 
  • However, the security improvements in TLS 1.3 create challenges for enterprises that rely on passive decryption techniques for visibility into their TLS traffic.
  • This visibility is essential for enterprises to meet cybersecurity, operational, and regulatory requirements.
  • This project presents options for maintaining visibility within the TLS 1.3 protocol by offering standards-compliant architectural models for real-time and post-facto systems monitoring and analytics capabilities within enterprises.
  • AppViewX contributed its technical expertise, and first hand experience working with enterprise customers migrating to TLS 1.3, to the SP 1800-37B report.

HiveMQ Announces Achievement of SOC 2 Type 1 Compliance

Retrieved on: 
Friday, January 26, 2024

BOSTON, Jan. 26, 2024 /PRNewswire-PRWeb/ -- HiveMQ, the global leader in enterprise MQTT solutions, today announced the successful completion of System and Organization Controls (SOC) 2 Type I compliance. SOC 2 is an auditing standard developed by the American Institute of Certified Public Accountants (AICPA) to assess the design of HiveMQ's controls over information security, availability, processing integrity, confidentiality, and privacy. The audit was conducted by Insight Assurance LLC.

Key Points: 
  • BOSTON, Jan. 26, 2024 /PRNewswire-PRWeb/ -- HiveMQ , the global leader in enterprise MQTT solutions, today announced the successful completion of System and Organization Controls (SOC) 2 Type I compliance.
  • SOC 2 Type 1 compliance validates that HiveMQ focuses on the design and implementation of security controls to ensure they are suitably designed to meet the relevant trust services criteria.
  • "HiveMQ is committed to being a reliable and trusted ally for all of our customers and partners.
  • The HiveMQ Enterprise MQTT Platform is designed from the ground up to ensure safe and secure enterprise IoT deployments.

Cloudbrink claims first with firewall-as-service for the hybrid workplace

Retrieved on: 
Tuesday, December 5, 2023

The company, which delivers high-performance zero-trust application connectivity to the hybrid workforce, says traditional and next-generation firewalls fail to protect end users and their devices.

Key Points: 
  • The company, which delivers high-performance zero-trust application connectivity to the hybrid workforce, says traditional and next-generation firewalls fail to protect end users and their devices.
  • Offloading remote-user security functions improves the stability of existing firewalls and the network performance experienced by remote users, Cloudbrink claims.
  • Prakash Mana, chief executive officer of Cloudbrink, said: “Firewalls were designed to protect the data center, then the network, and now the cloud.
  • FWaaS functionality and IPsec connectivity are bundled with the Cloudbrink service starting December 2023.

Proprietary Research from Quantum Xchange Shows the Dreadful State of Enterprise Cryptography

Retrieved on: 
Monday, October 30, 2023

Quantum Xchange , the enterprise crypto-management company, has conducted research exposing the widespread use of old, outdated cryptographic protocols by enterprises in finance, healthcare, higher education, retail, and manufacturing.

Key Points: 
  • Quantum Xchange , the enterprise crypto-management company, has conducted research exposing the widespread use of old, outdated cryptographic protocols by enterprises in finance, healthcare, higher education, retail, and manufacturing.
  • More alarming still, up to 92 percent of all traffic on a hospital network uses no encryption at all.
  • “These findings serve as a snapshot of what’s taking place within enterprise systems worldwide,” said Vince Berk, Chief Strategist at Quantum Xchange.
  • Register to attend the Dec. 6 webinar and see first-hand how CipherInsights can be used to achieve full cryptographic clarity.

HiveMQ Achieves ISO/IEC Certification for Data Security

Retrieved on: 
Wednesday, September 20, 2023

BOSTON and LANDSHUT, Germany, Sept. 20, 2023 /PRNewswire-PRWeb/ -- HiveMQ, the global leader in enterprise MQTT solutions, today announced it has earned the ISO/IEC 27001:2013 certification in support of maintaining and extending data security practices that provide customers and partners with assurance of its commitment to protecting entrusted information.

Key Points: 
  • ISO/IEC 27001 is a globally-recognized certification, signifying HiveMQ meets the standard of excellence for information security management systems.
  • The certification demonstrates HiveMQ's commitment that its policies and procedures adhere to world-class security and data protection protocols.
  • In addition to the ISO/IEC 27001 certification, the HiveMQ platform moves data securely with industry standards such as TLS 1.3, secure WebSockets, and state-of-the-art cipher suites.
  • HiveMQ leverages the MQTT protocol for the instant, bi-directional push of data between connected devices and enterprise IT systems.

Gigamon Announces Precryption Technology, a Breakthrough Cybersecurity Innovation that Brings Deep Observability to Encrypted Traffic Across Any Hybrid Cloud Infrastructure

Retrieved on: 
Tuesday, September 12, 2023

Gigamon, the leading deep observability company, announced a series of breakthrough cybersecurity innovations to the Gigamon Deep Observability Pipeline in its latest GigaVUE 6.4 software release.

Key Points: 
  • Gigamon, the leading deep observability company, announced a series of breakthrough cybersecurity innovations to the Gigamon Deep Observability Pipeline in its latest GigaVUE 6.4 software release.
  • View the full release here: https://www.businesswire.com/news/home/20230912115627/en/
    According to the recent Gigamon 2023 Hybrid Cloud Security Survey , over 70 percent of the 1,000 IT and security leaders surveyed admit they currently don’t inspect the encrypted data flowing across their hybrid cloud infrastructure.
  • Its innovative approach leverages eBPF technology inside the Linux kernel to deliver plaintext visibility, capturing traffic before encryption or after decryption.
  • Efficiently offloads TLS decryption overhead from cloud, security, and observability tools, greatly boosting their capacity and performance.

AppViewX Collaborates with NIST on Addressing Visibility Challenges with TLS 1.3 Project

Retrieved on: 
Thursday, August 17, 2023

This project builds upon the NCCoE’s previous project, “ TLS Server Certificate Management ,” which showed organizations how to centrally monitor and manage their TLS certificates.

Key Points: 
  • This project builds upon the NCCoE’s previous project, “ TLS Server Certificate Management ,” which showed organizations how to centrally monitor and manage their TLS certificates.
  • “AppViewX is committed to a standards-based approach for all certificate, key and automation use cases whenever possible.
  • For example, we have partnered with Netscout to develop a prototype for the TLS 1.3 visibility challenge that we plan to formalize as an open industry standard,” said Murali Palamisamy, Chief Solutions Officer at AppViewX.
  • This collaborative effort will help to address the security implications and visibility challenges of TLS 1.3 protocol changes.

EMA Report Finds nearly 80% of SSL/TLS Certificates are Vulnerable to Man in the Middle Attacks

Retrieved on: 
Tuesday, August 1, 2023

AppViewX , a leader in automated machine identity management (MIM) and application infrastructure security, today announced the results of a research study conducted by Enterprise Management Associates (EMA) on SSL/TLS Certificate Security.

Key Points: 
  • AppViewX , a leader in automated machine identity management (MIM) and application infrastructure security, today announced the results of a research study conducted by Enterprise Management Associates (EMA) on SSL/TLS Certificate Security.
  • The survey found that nearly 80% of TLS certificates on the Internet are vulnerable to Man in the Middle (MiM) attacks, while as many as 25% of all certificates are expired at any given time.
  • “We were surprised with the sheer volume of expired and self-signed certificates in circulation, and how many organizations are still not using TLS 1.2 and 1.3,” said Ken Buckler, CASP, Director of Information Security Research for EMA.
  • “The recent certificate expiration incidents at Cisco, Microsoft and StarLink demonstrate the importance of automating the management of digital identities to eliminate critical outages and ensure strong security and risk postures.”