IoT
4/16/2018
03:35 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Red Balloon Security Announces Strategic Partnership with In-Q-Tel

New York City – Red Balloon Security, a world leader in universally compatible embedded security technology, today announced a strategic development agreement with and investment from In-Q-Tel, Inc. (IQT), the non-profit strategic investor that identifies and accelerates the development of innovative technologies to support the mission of the U.S. Intelligence Community (IC). The IQT partnership will enable Red Balloon Security to speed up the development of new government and commercial versions of the Symbiote Defense, its flagship security product for embedded devices. 

Symbiote Defense is a game changing technology that brings full-spectrum endpoint security to nearly all embedded devices in use today. The groundbreaking innovation at the heart of Symbiote Defense allows the technology to be universally compatible with nearly all embedded hardware, operating systems, and firmware stacks. Invented by Dr. Ang Cui at Columbia University’s Intrusion Detection Systems Lab, Symbiote Defense has already achieved over 14 billion hours of real-world operation without a single recorded failure. 

“We are honored to receive IQT’s support and look forward to working with them in the coming months and years to make embedded device security more broadly available to a wide range of industries, from the defense and governmental sectors to critical infrastructure, transportation, health care, consumer electronics and more,” said Ang Cui, founder and CEO of Red Balloon Security.

The Symbiote Defense is the world’s first viable embedded security solution capable of bringing much needed protection to the critical embedded devices used by dozens of industries. Prior to the strategic agreement with IQT, Red Balloon secured contracts for its technology with the U.S. Department of Defense and the Department of Homeland Security, as well as with organizations in commercial power, telecommunications, automotive, industrial control, and building control industries. It is also under license for use by Hewlett-Packard, Inc. and other consumer electronics manufacturers. 

“Red Balloon Security's solution is targeting previously unaddressed vulnerabilities in the IoT [Internet of Things] and connected device market,” offered George Hoyem, Managing Partner, IQT. “It has the potential to significantly improve the security posture of many embedded devices that are critical to our national security.” 

“The risks to embedded devices are increasing substantially year over year and we are in a unique position to solve this problem with Symbiote Defense. This technology represents the most promising approach to securing the world’s vulnerable embedded devices. It is a turnkey solution for any industrial, commercial, or military application that relies upon embedded devices. We see a strong future for Symbiote Defense and look forward to working with IQT to realize its potential,” stated Dr. Cui. 

About Red Balloon Security 

Red Balloon Security is a leading security provider for embedded devices across all industries. Founded in 2011 by Dr. Ang Cui, the company’s core technology, Symbiote Defense, was originally developed through Columbia University’s Intrusion Detection Systems Lab. After a decade of testing, billions of hours of error-free runtime and deployments in the US military, homeland security, critical infrastructure and consumer products, Symbiote Defense is the worlds most advanced and proven firmware defense system for embedded devices. Red Balloon Security’s pioneering industry research is led by a team of world-class academics, researchers and developers who have published seminal research papers in the fields of embedded security and intrusion detection, directed U.S. Department of Defense funded research activities, responsibly disclosed vulnerabilities within hundreds of millions of ubiquitous embedded devices and worked as embedded security researchers within various intelligence agencies. Website: http://www.redballoonsecurity.com 

About In-Q-Tel

In-Q-Tel is the not-for-profit, strategic investor that works to identify, adapt, and deliver innovative technology solutions to support the missions of the U.S. Intelligence Community. Launched in 1999 as a private, independent organization, IQT’s mission is to identify and partner with companies developing cutting-edge technologies that serve the national security interests of the United States. For more information, visit http://www.iqt.org.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Intel Reveals New Spectre-Like Vulnerability
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/15/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-13435
PUBLISHED: 2018-08-16
** DISPUTED ** An issue was discovered in the LINE jp.naver.line application 8.8.0 for iOS. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method to disable passcode authentication. NOTE: the vendor indicates that this is not an attack of interest w...
CVE-2018-13446
PUBLISHED: 2018-08-16
** DISPUTED ** An issue was discovered in the LINE jp.naver.line application 8.8.1 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return value to true. In other words, an attacker could authenticate with an arbitrary passcode. ...
CVE-2018-14567
PUBLISHED: 2018-08-16
libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.
CVE-2018-15122
PUBLISHED: 2018-08-16
An issue found in Progress Telerik JustAssembly through 2018.1.323.2 and JustDecompile through 2018.2.605.0 makes it possible to execute code by decompiling a compiled .NET object (such as DLL or EXE) with an embedded resource file by clicking on the resource.
CVE-2018-11509
PUBLISHED: 2018-08-16
ASUSTOR ADM 3.1.0.RFQ3 uses the same default root:admin username and password as it does for the NAS itself for applications that are installed from the online repository. This may allow an attacker to login and upload a webshell.