What is CryptoAuditor?
Modern IT systems are run by third parties – contractors, SaaS and IaaS providers, external administrator companies – to enable businesses to focus on creating value and getting new business, not having to worry about their infrastructure. Today, over 60% of enterprises have third parties accessing their networks remotely. This trust is sometimes exploited, in fact 95% of data breaches involve privileged credential misuse. Most of the time, CIOs have no idea what is going on in their network since trusted accounts can operate freely, under encrypted cover, like Tommi Lampila's recent post outlined.
CryptoAuditor is a robust, proven security infrastructure product that has traditionally been implemented as a virtual appliance running on premise. In July 2015, SSH Communications Security announced that CryptoAuditor is also available through the AWS Marketplace - as the only product of its kind in the world. Now you can deploy CryptoAuditor on premise into any VMWare or Hyper-V virtualized environment from a .iso image, as well as a readymade AMI right from the AWS Marketplace!Keep Reading
Contrary to public perception, the world did not stop for the holidays. SSH Communications Security has been moving, expanding and developing with fast pace during the summer and we have facts and figures to show for it.Keep Reading
Enabling Data Loss Prevention Tools for Encrypted Channels and File Transfers
Year 2015 marks the 20th anniversary of the first release of the Secure Shell protocol. Network encryption has become ubiquitous over the last two decades, driving critical communications and transactions within and between networks. Consumers use encrypted communications on a daily basis – often unwittingly – to communicate securely with their peers and to purchase goods and services online. Enterprises encrypt critical transactions between business applications and file transfers of sensitive business data.
Encryption of privileged user access and the transfer of sensitive customer and financial data is recognized as a baseline security control mandated by compliance programs governing the payment card and banking industries. Most organizations have deployed network encryption to fulfill these security and compliance policies, and to protect the integrity of their business operations. Network encryption is a vital aspect of today’s global communications, transparently entwined in the very DNA of our digital work and life – but it does represent a double-edged sword. The other "edge" of encryption being that it does exactly what one would think – protecting session contents from examination between the communication end-points, rendering network defenses ineffective.
Together with our local partner DIT, SSH Communications Security participated in one of the biggest IT exhibitions in Japan: Interop Tokyo. With close to 140,000 visitors in 3 days, DIT and SSH’s joint booth managed to attract attention from many of these visitors, especially with the new version of our CryptoAuditor, a network-based virtual appliance that has the capability to control, monitor and audit encrypted administrator sessions, as well as file transfers.
Many local Japanese representatives of major enterprises were actually fascinated by CryptoAuditor’s ability to monitor encrypted traffic without disrupting the existing business systems.
There are also many large enterprises in Japan using various versions of Secure Shell that have started to realize the problems that arise with SSH key management.
With the increased interest in both of our major solutions for SSH key management and monitoring encrypted traffic, we have decided to open a new office in Tokyo, Japan. We recognize the strategic importance of Japan in today’s global IT security market, and the office will focus on supporting sales and service operations for current partners and distributors. Also, earlier this year, we announced a new business alliance and distributor agreement with Fujitsu SSL.
We encourage all our current Japanese customers, business partners, and anyone interested in our solution in Japan to get in direct contact with us!
SSH Communications Security, Japan office
Yamato Building 8F
5-27-3 Sendagaya Shibuya
Tel: +81 (3) 6865-6565
In early June, Microsoft announced something that surprised many; namely that they will be supporting Secure Shell (SSH) in their PowerShell tool used by many system administrators, developers and power users. The move would make not only the SSH client native on Windows, but would also make the SSH server native as well. Microsoft would also contribute code to the OpenSSH project – huge news to anyone who has followed the history of Microsoft and openKeep Reading
Breaches pertaining to SSH user keys are insidious. There are two primary reasons behind this. First, most organizations do not have comprehensive inventories of what trusts are valid for SSH user keys and do not carefully differentiate between those dedicated for interactive usage and those for service accounts. Secondly, most organizations do not engage in a continuous monitoring of key based authentication and lack a clear understanding from what source IP addresses SSH user keys may and should authenticate. Based on this alone it is difficult for organizations to ascertain whether a trust is rogue, and are usually chasing the breach rather than pre-empting it. So few security professionals are able to remediate against these type of breaches simply because the existing legacy trusts in the environment must be understood prior to being able to take any action.Keep Reading
Wow what a day it has been for our crew at Infosecurity Europe 2015! Our booth was ready to welcome visitors first thing in the morning, and throughout the day there was a steady stream of people wanting to learn more about Privileged Access Management approach from the creators of SSH protocol.
Key demos we have on tap are SSH Universal Key manager and CryptoAuditor. Here’s James demoing how CryptoAuditor can help businesses get the transparency they need for building their businesses further, without harming productivity in theKeep Reading
We’ve all been there: standing outside your home, you put your hand in your pocket, only to discover your house key is gone.
Panic sets in.
Where is it? Did I leave it at work? Did it fall out? Did someone steal it? What am I going to do?
You can turn fatalistic, cry your bad luck and wait for the problem to take care ofKeep Reading
When considering privileged access management challenges organizations face today, you can simply spin around in circles considering all the angles that need to be considered from a privileged user and M2M perspective. There is no doubt, a great infrastructural transformation is ongoing seeing more and more critical business application functions being moved to private, public and hybrid clouds. With this in mind, the consideration of how we monitor, control and audit our encrypted traffic and privileged access to and from the cloud, and between and within clouds is becoming a security necessity forcing us to rethink how we approach thisKeep Reading