Risk

7/1/2013
03:52 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Cenzic Grants Rights On Some Key Patents To WhiteHat Security

Litigation between the two companies will be dismissed

Campbell, CA – July 1, 2013 – Cenzic, the leading provider of application security intelligence to reduce security risks, today announced that Santa Clara, Calif.-based WhiteHat Security has licensed Cenzic's foundational patents. Under this license agreement, Cenzic extends certain rights to WhiteHat to utilize its patents. Litigation between the two companies will be dismissed, with prejudice, with this license.

As part of this license agreement, WhiteHat, for an undisclosed sum, has licensed Cenzic's patents and related applications, which are foundational for web application scanner products and related services. These Cenzic patents and applications have been licensed by other leading web application security providers, including HP, IBM, and NTObjectives. With this license agreement, Cenzic also receives rights to all of WhiteHat's issued patents and related applications.

"We're glad that WhiteHat Security has taken responsibility in recognizing the value of our foundational patents in the application security space and are thereby licensing them," said John Weinschenk, CEO and President of Cenzic. "This further validates the unique distinction of Cenzic's technology patents to the extent that several large players and former competitors in the space utilize our technology today to strengthen their own capabilities. We're pleased to see our unique and differentiated technology innovations being adopted in this way."

About Cenzic

Cenzic provides the leading application security intelligence platform to continuously assess Cloud, Mobile and Web applications to reduce online security risk. Cenzic's solutions scale from single applications to enterprise-level deployments with hybrid approaches that enable testing of applications at optimal levels. Cenzic helps brands of all sizes protect their reputation and manage security risk in the face of malicious attacks. Cenzic's solutions are used in all parts of the software development lifecycle, and most importantly in production, to protect against new threats even after the application has been deployed. Cenzic's application security intelligence platform is architected to handle web, cloud and mobile applications and is the first to provide risk reduction recommendations for business, application developers and specific applications. Today, Cenzic secures more than half a million online applications and trillions of dollars of commerce for Fortune 1000 companies, all major security companies, government agencies, universities and SMBs. More information about Cenzic can be found at www.cenzic.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How the US Chooses Which Zero-Day Vulnerabilities to Stockpile
Ricardo Arroyo, Senior Technical Product Manager, Watchguard Technologies,  1/16/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
The Year in Security 2018
This Dark Reading Tech Digest explores the biggest news stories of 2018 that shaped the cybersecurity landscape.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-3906
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 contains hardcoded credentials in the WCF service on port 9003. An authenticated remote attacker can use these credentials to access the badge system database and modify its contents.
CVE-2019-3907
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 stores user credentials and other sensitive information with a known weak encryption method (MD5 hash of a salt and password).
CVE-2019-3908
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 stores backup files as encrypted zip files. The password to the zip is hard-coded and unchangeable. An attacker with access to these backups can decrypt them and obtain sensitive data.
CVE-2019-3909
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 database uses default credentials. Users are unable to change the credentials without vendor intervention.
CVE-2019-3910
PUBLISHED: 2019-01-18
Crestron AM-100 before firmware version 1.6.0.2 contains an authentication bypass in the web interface's return.cgi script. Unauthenticated remote users can use the bypass to access some administrator functionality such as configuring update sources and rebooting the device.