Cloud

12/4/2017
12:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

ScaleFT Announces General Availability of its Zero Trust Access Fabric

ScaleFT is the first company to deliver Google's BeyondCorp as a service - helping companies achieve their own Zero Trust security architecture.

SAN FRANCISCO - ScaleFT, the Zero Trust security company, today announced general availability of its Access Fabric, the globally-distributed real-time authorization engine backing its Zero Trust Access Management platform. Inspired by Google’s BeyondCorp, which allows employees and contractors to work securely from any location across the globe without the use of a VPN, the ScaleFT Zero Trust Access Management platform protects sensitive company resources through an application layer authentication and authorization model that factors in dynamic user and device conditions. Managing access to a company’s server and web application resources through layer 7 controls, ScaleFT is the first company to make the core components of BeyondCorp consumable as a service.

“We’ve witnessed the emergence of BeyondCorp as an industry-wide movement, with more and more companies wishing to achieve the same positive security and productivity outcomes as Google,” said Jason Luce, CEO and co-Founder of ScaleFT. “Few companies have the time, resources, and expert personnel as Google to successfully implement such a complex system themselves, which is what we’ve done for our customers.  Our mission is to make BeyondCorp a reality by breaking the architecture down into more consumable pieces that can be quickly adopted by any size organization. With the GA release of the ScaleFT Access Fabric, any company can start incorporating dynamic Zero Trust workflows for their internal resources with just a few clicks.”

ScaleFT first introduced Zero Trust principles to the market with its Server Access product in 2016, which eliminates the use of static credentials entirely for Linux and Windows servers through a client certificate-backed PKI architecture. Now running in production at a number of companies including Rackspace, Coursera, Quid, Jungle Disk, Zenoss, and more, ScaleFT Server Access has fundamentally changed how companies deal with privileged access, significantly lowering the attack surface of insider threats. With the release of the Access Fabric as the backing architecture for its Web Access product, ScaleFT now extends its capabilities to protecting internal applications such as GitHub Enterprise and the Atlassian suite with a Zero Trust architecture.

The combination of Server Access and Web Access is the full realization of a BeyondCorp architecture, which can now be consumed as a service from ScaleFT. “If a company like ScaleFT can help get us there, we’re 100% on the BeyondCorp model,” said Ryan Seekely, Director of Infrastructure and Security at Quid, Inc. “We won’t be able to do it ourselves and I was very grateful to be able to see a company like ScaleFT come along and solve a lot of the hard parts.” QUOTE FROM CASE STUDY PENDING FINAL APPROVAL

"For many years security has been seen as a blocker. As something that costs money and slows business down. As a result Security is relegated to being an afterthought, or ends up being left out entirely. The result? The increasingly massive breaches we have seen recently," said ScaleFT advisor, Marc Rogers, head of security at Cloudflare and organizer of the DEFCON conference. “With the advent of future-thinking architectures like BeyondCorp, security is finally able to work in harmony with business needs. This approach enables business processes to safely go faster, rather than slowing them down. Companies like ScaleFT can help arm businesses with the tools needed to embrace these new business first security architectures.”

ScaleFT offers a 30-day free trial of its Zero Trust Access Management platform, integrating out of the box with an enterprise’s choice of identity governance solutions, including Okta, G Suite, Active Directory, and more. 

For a live demo of the ScaleFT platform, the company is hosting a webinar on Wed. Dec 13th at 9 AM PST. To reserve a seat, register here.

Also find ScaleFT at KubeCon in Austin, TX this week. The company is hosting a Meetup in conjunction with the Cloud Austin Meetup group, Thursday Dec 7th at 5 PM. Ivan Dwyer of ScaleFT will be giving a presentation about adhering to policies the way Google did with BeyondCorp, along with Bret Piatt, CEO of Jungle Disk, who will be giving a talk about AI/ML in a security context.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Veterans Find New Roles in Enterprise Cybersecurity
Kelly Sheridan, Staff Editor, Dark Reading,  11/12/2018
Empathy: The Next Killer App for Cybersecurity?
Shay Colson, CISSP, Senior Manager, CyberClarity360,  11/13/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Post a Comment
Current Issue
Flash Poll
Online Malware and Threats: A Profile of Today's Security Posture
Online Malware and Threats: A Profile of Today's Security Posture
This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-15759
PUBLISHED: 2018-11-19
Pivotal Cloud Foundry On Demand Services SDK, versions prior to 0.24 contain an insecure method of verifying credentials. A remote unauthenticated malicious user may make many requests to the service broker with different credentials, allowing them to infer valid credentials and gain access to perfo...
CVE-2018-15761
PUBLISHED: 2018-11-19
Cloud Foundry UAA release, versions prior to v64.0, and UAA, versions prior to 4.23.0, contains a validation error which allows for privilege escalation. A remote authenticated user may modify the url and content of a consent page to gain a token with arbitrary scopes that escalates their privileges...
CVE-2018-17190
PUBLISHED: 2018-11-19
In all versions of Apache Spark, its standalone resource manager accepts code to execute on a 'master' host, that then runs that code on 'worker' hosts. The master itself does not, by design, execute user code. A specially-crafted request to the master can, however, cause the master to execute code ...
CVE-2018-1841
PUBLISHED: 2018-11-19
IBM Cloud Private 2.1.0 could allow a local user to obtain the CA Private Key due to it being world readable in boot/master node. IBM X-Force ID: 150901.
CVE-2018-18519
PUBLISHED: 2018-11-19
BestXsoftware Best Free Keylogger 5.2.9 allows local users to gain privileges via a Trojan horse "%PROGRAMFILES%\BFK 5.2.9\syscrb.exe" file because of insecure permissions for the BUILTIN\Users group.