Cloud

12/4/2017
12:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

ScaleFT Announces General Availability of its Zero Trust Access Fabric

ScaleFT is the first company to deliver Google's BeyondCorp as a service - helping companies achieve their own Zero Trust security architecture.

SAN FRANCISCO - ScaleFT, the Zero Trust security company, today announced general availability of its Access Fabric, the globally-distributed real-time authorization engine backing its Zero Trust Access Management platform. Inspired by Google’s BeyondCorp, which allows employees and contractors to work securely from any location across the globe without the use of a VPN, the ScaleFT Zero Trust Access Management platform protects sensitive company resources through an application layer authentication and authorization model that factors in dynamic user and device conditions. Managing access to a company’s server and web application resources through layer 7 controls, ScaleFT is the first company to make the core components of BeyondCorp consumable as a service.

“We’ve witnessed the emergence of BeyondCorp as an industry-wide movement, with more and more companies wishing to achieve the same positive security and productivity outcomes as Google,” said Jason Luce, CEO and co-Founder of ScaleFT. “Few companies have the time, resources, and expert personnel as Google to successfully implement such a complex system themselves, which is what we’ve done for our customers.  Our mission is to make BeyondCorp a reality by breaking the architecture down into more consumable pieces that can be quickly adopted by any size organization. With the GA release of the ScaleFT Access Fabric, any company can start incorporating dynamic Zero Trust workflows for their internal resources with just a few clicks.”

ScaleFT first introduced Zero Trust principles to the market with its Server Access product in 2016, which eliminates the use of static credentials entirely for Linux and Windows servers through a client certificate-backed PKI architecture. Now running in production at a number of companies including Rackspace, Coursera, Quid, Jungle Disk, Zenoss, and more, ScaleFT Server Access has fundamentally changed how companies deal with privileged access, significantly lowering the attack surface of insider threats. With the release of the Access Fabric as the backing architecture for its Web Access product, ScaleFT now extends its capabilities to protecting internal applications such as GitHub Enterprise and the Atlassian suite with a Zero Trust architecture.

The combination of Server Access and Web Access is the full realization of a BeyondCorp architecture, which can now be consumed as a service from ScaleFT. “If a company like ScaleFT can help get us there, we’re 100% on the BeyondCorp model,” said Ryan Seekely, Director of Infrastructure and Security at Quid, Inc. “We won’t be able to do it ourselves and I was very grateful to be able to see a company like ScaleFT come along and solve a lot of the hard parts.” QUOTE FROM CASE STUDY PENDING FINAL APPROVAL

"For many years security has been seen as a blocker. As something that costs money and slows business down. As a result Security is relegated to being an afterthought, or ends up being left out entirely. The result? The increasingly massive breaches we have seen recently," said ScaleFT advisor, Marc Rogers, head of security at Cloudflare and organizer of the DEFCON conference. “With the advent of future-thinking architectures like BeyondCorp, security is finally able to work in harmony with business needs. This approach enables business processes to safely go faster, rather than slowing them down. Companies like ScaleFT can help arm businesses with the tools needed to embrace these new business first security architectures.”

ScaleFT offers a 30-day free trial of its Zero Trust Access Management platform, integrating out of the box with an enterprise’s choice of identity governance solutions, including Okta, G Suite, Active Directory, and more. 

For a live demo of the ScaleFT platform, the company is hosting a webinar on Wed. Dec 13th at 9 AM PST. To reserve a seat, register here.

Also find ScaleFT at KubeCon in Austin, TX this week. The company is hosting a Meetup in conjunction with the Cloud Austin Meetup group, Thursday Dec 7th at 5 PM. Ivan Dwyer of ScaleFT will be giving a presentation about adhering to policies the way Google did with BeyondCorp, along with Bret Piatt, CEO of Jungle Disk, who will be giving a talk about AI/ML in a security context.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Intel Reveals New Spectre-Like Vulnerability
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/15/2018
Australian Teen Hacked Apple Network
Dark Reading Staff 8/17/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-15504
PUBLISHED: 2018-08-18
An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishandles some HTTP request fields associated with time, which results in a NULL pointer dereference, as demonstrated by If-Modified-Since or If-Unmodified-Since with a month greater than 11.
CVE-2018-15505
PUBLISHED: 2018-08-18
An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. An HTTP POST request with a specially crafted "Host" header field may cause a NULL pointer dereference and thus cause a denial of service, as demonstrated by the lack of a trailing ']' character in an IPv6 a...
CVE-2018-15492
PUBLISHED: 2018-08-18
A vulnerability in the lservnt.exe component of Sentinel License Manager version 8.5.3.35 (fixed in 8.5.3.2403) causes UDP amplification.
CVE-2018-15494
PUBLISHED: 2018-08-18
In Dojo Toolkit before 1.14, there is unescaped string injection in dojox/Grid/DataGrid.
CVE-2018-15495
PUBLISHED: 2018-08-18
/filemanager/upload.php in Responsive FileManager before 9.13.3 allows Directory Traversal and SSRF because the url parameter is used directly in a curl_exec call, as demonstrated by a file:///etc/passwd value.