Black Hat USA
August 4-9, 2018
Las Vegas, NV, USA
Black Hat Trainings
October 22-23, 2018
Chicago, IL USA
Black Hat Europe
December 3-6, 2018
London UK
02:00 PM
Black Hat Staff
Black Hat Staff
Event Updates

Black Hat Europe 2016:
BooleBox: A New Perspective On Enterprise Data Protection

The thought of sensitive data ending up in the wrong hands can keep both IT administrators and top-managers awake at night. As the latest trends show, many organizations are gaining more and more awareness about the various existing threats to their intellectual property and confidential information.


Many companies, from small and medium businesses to structured multinationals, have already witnessed cybersecurity incidents of unprecedented audacity, such as the Vatileaks scandal dated 2012 or the JP Morgan Bank data breach of 2014, to the most recent attacks against leading global brands such as Yahoo! and Dropbox. Unfortunately, these aren’t scenarios from the latest cyber movie or video game, but the current state of cybersecurity.

These latest attacks exhibit a level of malice that demand a new approach to cybersecurity. For example, the primary sources of attack on data security should no longer be searched only outside the firm. Inside threats, via poor awareness of company policies, lack of attention and use of mobile personal devices represent the wide array of potential existing threats that may compromise company data security from within. And when we talk about data leaks, we’re also referring to many different types of documents that are part of every company’s daily routine: price-sensitive information, intellectual property, patents, confidential information on employees, and much more.

For all these reasons, many companies are now looking for collaboration solutions characterized by embedded strong encryption and deciding to opt for secure collaboration platforms which are able to ensure both flexibility of work and top-level security on data.

In the world of enterprise file sync-and-share options, IT can take many different approaches to secure access on all devices. Vendors small and large offer products for data collaboration, sharing and storage both through cloud and on-premises installations. However, when it comes to enterprise file sync-and-share and security, BooleBox is king.

BooleBox Cloud is actually a military certified file sync and share solution purposely designed for all those individuals and businesses that have sensitive data to protect. Complexity and tediosity have always been the biggest reasons enterprise IT tends to avoid encryption in file-level security systems. BooleBox uses a different approach, which is based on the ability to set and use personal keys to encrypt and unlock files. Unlike other typical public cloud services, the solution offers complete privacy and control over data, including data controls while sharing and securing documents and e-mails. BooleBox basically relies on security standards and devices that have always been adopted within the military frame, making it now possible also for the enterprise world to take advantage and protect itself through its ultimate encryption logics.

For all those companies that need or prefer to store their data “in house,” BooleBox On-Premises is the right solution to be integrated in their IT infrastructure. The solution allows users to safely collaborate on confidential documents and maintain full control on access rights and real time revocability. BooleBox On-Premises also provides advanced security features for organizations needed an added level of protection and security for classified sensitive data.

BooleBox extends enterprise security beyond the perimeter with flexible access controls, granular rights and powerful encryption to wherever and whenever data is being shared. This is why its enterprise products have already gained success all over the world.



Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Government Shutdown Brings Certificate Lapse Woes
Curtis Franklin Jr., Senior Editor at Dark Reading,  1/11/2019
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Current Issue
The Year in Security 2018
This Dark Reading Tech Digest explores the biggest news stories of 2018 that shaped the cybersecurity landscape.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2019-01-16
An issue was discovered in NTPsec before 1.1.3. Because of a bug in ctl_getitem, there is a stack-based buffer over-read in read_sysvars in ntp_control.c in ntpd.
PUBLISHED: 2019-01-16
An issue was discovered in NTPsec before 1.1.3. process_control() in ntp_control.c has a stack-based buffer over-read because attacker-controlled data is dereferenced by ntohl() in ntpd.
PUBLISHED: 2019-01-16
An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntp_control.c, related to ctl_getitem.
PUBLISHED: 2019-01-16
An issue was discovered in NumPy 1.16.0 and earlier. It uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call.
PUBLISHED: 2019-01-16
An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can write one byte out of bounds in ntpd via a malformed config request, related to config_remotely in ntp_config.c, yyparse in, and yyerror in ntp_parser.y.