Risk
2/3/2014
01:47 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Catbird Integrates With Cisco Application Centric Infrastructure (ACI)

Catbird, with Cisco ACI integration, allows IT teams to stitch network security into ACI policy

Scotts Valley, CA--February 3, 2014--Catbird, the leader in security policy automation and enforcement for private clouds and virtual infrastructure, today announced a new partnership with Cisco. Revealed today on Cisco's blog, the partnership brings Catbird's policy-based security automation, evidence of control, and compliance enforcement capabilities to Cisco's Application Centric Infrastructure (ACI).

"ACI's policy-based approach to the physical and virtual network is a perfect complement to our policy-based network security approach for data center asset control and compliance enforcement", said Edmundo Costa, CEO of Catbird. "Catbird was built to secure SDN. The partnership with Cisco ACI will dramatically reduce the cost and complexity of compliance by ensuring that network security controls are delivered based on an application-based policy, in a flexible and elastic manner."

Within today's highly dynamic cloud data centers, assets and their network configurations are subject to change yet compliance continues to rely on manual processes lacking automation. Catbird, with Cisco ACI integration, allows IT teams to stitch network security into ACI policy, providing a highly standardized, automated approach to provisioning security as part of the network policy, through the asset lifecycle from asset inception to teardown. Catbird also delivers enterprise-wide visualization, workflow and reporting for assurance of control, continuous measurement, and enforcement, essential for complying with standards such as PCI, HIPAA and FISMA.

ACI's network and application view, combined with Catbird's asset-based network security policy automation and enforcement, will allow assets to be seamlessly protected through their entire lifecycle. Network security and compliance measurements are seamlessly integrated into the network fabric, providing customers with enterprise-wide visibility and data protection.

"SDN will transform network security and make hardware-based security obsolete" said Randal Asay, CTO for Catbird. "Network security and compliance policy attributes are delivered via integrated services, something that the hardware world only dreams about. Catbird provides an in-fabric, distributed approach that delivers security deep within the SDN infrastructure."

About Catbird

Catbird brings the power, agility and automation of the cloud to security policy and compliance, with a solution that automates, instruments and enforces policy while providing proof of continuous compliance. Customers rely on Catbird for managing cloud and virtualized infrastructure subject to compliance requirements including HIPAA, PCI-DSS, FISMA and SOX.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-4774
Published: 2015-05-25
Cross-site request forgery (CSRF) vulnerability in the login page in IBM License Metric Tool 9 before 9.1.0.2 and Endpoint Manager for Software Use Analysis 9 before 9.1.0.2 allows remote attackers to hijack the authentication of arbitrary users via vectors involving a FRAME element.

CVE-2014-4778
Published: 2015-05-25
IBM License Metric Tool 9 before 9.1.0.2 and Endpoint Manager for Software Use Analysis 9 before 9.1.0.2 do not send an X-Frame-Options HTTP header in response to requests for the login page, which allows remote attackers to conduct clickjacking attacks via vectors involving a FRAME element.

CVE-2014-6190
Published: 2015-05-25
The log viewer in IBM Workload Deployer 3.1 before 3.1.0.7 allows remote attackers to obtain sensitive information via a direct request for the URL of a log document.

CVE-2014-6192
Published: 2015-05-25
Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management 6.0 SP2 before EP26, 6.0.4 before 6.0.4.5 iFix10, 6.0.5 before 6.0.5.6, and 6.0.5.5a before 6.0.5.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

CVE-2014-8146
Published: 2015-05-25
The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 does not properly track directionally isolated pieces of text, which allows remote attackers to cause a denial of service (hea...

Dark Reading Radio
Archived Dark Reading Radio
Join security and risk expert John Pironti and Dark Reading Editor-in-Chief Tim Wilson for a live online discussion of the sea-changing shift in security strategy and the many ways it is affecting IT and business.