Risk
11/13/2007
02:57 AM
Connect Directly
RSS
E-Mail
50%
50%

Sun to Purchase ID Firm Vaau

Sun Microsystems strengthens market-leading identity management portfolio with intent to acquire Vaau

SANTA CLARA, Calif. -- Sun Microsystems, Inc. (NASDAQ:JAVA)(1) and Vaau, Inc. today announced that the two companies have entered into a definitive agreement pursuant to which Sun will acquire Vaau, a premier provider of Enterprise Role Management (ERM) and identity compliance solutions.

As a leader in enterprise role management and identity certification, Vaau provides an integrated set of capabilities to automate and enforce internal security controls that will further enhance Sun's ability to provide comprehensive solutions to our customers across the full spectrum of governance, risk and compliance.

As regulatory requirements continue to tighten, enterprises must find new ways to reduce auditing costs. By leveraging ERM, organizations can reduce these costs by discovering, defining, and managing user access with a common vocabulary that links business and IT. Vaau's RBACxTM solution combined with the provisioning and identity auditing capabilities of Sun's identity management portfolio powered by the Solaris™ 10 Operating System will enable organizations to streamline the provisioning process and significantly reduce the cost of auditing.

“This announcement further underscores Sun's leadership in the high growth identity audit and compliance categories, adding both a market-leading solution and proven implementation services to our portfolio,” said Jim McHugh, vice president of Marketing, Software Infrastructure, Sun Microsystems. “As a leader in enterprise role management and identity certification, Vaau provides an integrated set of capabilities to automate and enforce internal security controls that will further enhance Sun's ability to provide comprehensive solutions to our customers across the full spectrum of governance, risk and compliance.”

Sun Microsystems Inc. (Nasdaq: SUNW)

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0485
Published: 2014-09-02
S3QL 1.18.1 and earlier uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object in (1) common.py or (2) local.py in backends/.

CVE-2014-3861
Published: 2014-09-02
Cross-site scripting (XSS) vulnerability in CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted reference element within a nonXMLBody element.

CVE-2014-3862
Published: 2014-09-02
CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to discover potentially sensitive URLs via a crafted reference element that triggers creation of an IMG element with an arbitrary URL in its SRC attribute, leading to information disclosure in a Referer log.

CVE-2014-5076
Published: 2014-09-02
The La Banque Postale application before 3.2.6 for Android does not prevent the launching of an activity by a component of another application, which allows attackers to obtain sensitive cached banking information via crafted intents, as demonstrated by the drozer framework.

CVE-2014-5136
Published: 2014-09-02
Cross-site scripting (XSS) vulnerability in Innovative Interfaces Sierra Library Services Platform 1.2_3 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.