05:49 PM
Dark Reading
Dark Reading
Products and Releases

HyTrust Acquires HighCloud Security

Combined offering enables 'cloaked' private, hybrid, and public clouds

MOUNTAIN VIEW, Calif. – November 7, 2013 – HyTrust Inc., the Cloud Security Automation Company, today announced that it has acquired HighCloud Security, a leader in cloud encryption and key management software. By combining HyTrust's powerful administrative visibility and control with HighCloud's strengths in encryption and key management, the acquisition offers customers of both companies an unprecedented level of flexibility in addressing security, compliance and data privacy requirements in all cloud environments--private, public and hybrid.

"With the increasing prevalence of data breaches, leaks of classified information by insiders, and surveillance in the cloud, data security and privacy are more important than perhaps ever before," said HyTrust CEO John De Santis. "Cloud computing in all its forms has become the top technology priority for every enterprise, and that's why we've quadrupled our growth at HyTrust in just the past year. By bringing HighCloud Security's market-leading technologies into the HyTrust family of solutions, we can take to market the strongest protection for virtualized cloud infrastructure available anywhere."

The combined offering from HyTrust and HighCloud enables 'cloaked' private, hybrid and public clouds and helps address three of the primary security concerns in cloud environments. These are:

· The broad level of access available to privileged users with malicious intent (or those who acquire their credentials)

· Breaches and other data center disasters caused not by criminal intent but through human error or misconfiguration

· Challenges involved in maintaining the security and privacy of the data itself

While these issues don't always get the attention they deserve, security executives are certainly aware of the concerns that stem from in-house misuse. A recent report1 from Forrester Research notes that insiders rather than extraneous criminal elements were the top source of breaches in the past 12 months, and 36% of them were caused not by malfeasance but by inadvertent misuse of data by employees.

In this environment, HyTrust and HighCloud Security offer unique and complementary strengths to the market.

Eric Chiu, president and founder of HyTrust, said: "HyTrust represents the control point for cloud management, providing automated policy-based security for private cloud environments that can enable both trusted hybrid clouds and 'cloaked' public clouds. HighCloud encryption, meanwhile, can be deployed in private, hybrid and public clouds, ensuring data security and privacy as organizations migrate between these environments."

Cloud computing, and the security concerns that go with it, remain a top priority for most organizations. According to technology analyst firm Gartner Inc., nearly half of large enterprises have deployed a private cloud service and three-fourths expect to have hybrid cloud deployments by 2015.2 A full 80% of organizations intend to use cloud services in some form within the next year, while 60% plan to increase their investment in the next two to five years.3

Chiu continued: "The service also enables a unique level of 'walk-way' freedom by making it possible to securely change cloud providers or decommission from the cloud without having to worry about data being left behind. This also makes it easier for corporations to achieve compliance with regulations such as HIPAA and PCI."

While the technologies can already be used together, the HighCloud solution will in the future be integrated into HyTrust to more tightly bind administrative controls with data security in cloud environments, making encryption and key management invisible to the end user. HighCloud's engineering team will join HyTrust, continuing to provide support and maintenance to existing customers, and moving forward with the development of HighCloud's technology roadmap.

"HighCloud and HyTrust have had many ties over the years and solve complementary problems for customers," said Bill Hackenberger, co-founder, president and CEO of HighCloud Security. "Together, HyTrust and HighCloud give enterprises unprecedented ability to address security, compliance and data privacy requirements for all cloud environments, private, hybrid and public."

Industry Analysts, Customers & Partners Approve

Todd Pavone, executive vice president of Product Development and Strategy at VCE, the industry leader in Converged Infrastructure, explained, "Security is critical to the adoption of cloud computing. HyTrust's acquisition of HighCloud Security is a home run-- it greatly enhances the level of security in a range of evolving user environments while easing the implementation of new technologies."

Wayne Pauley, senior analyst at Enterprise Strategy Group, said, "HyTrust sits at the center of an important IT ecosystem, providing the control, security configuration, compliance assurance and visibility needed to reap the benefits of the cloud. With HighCloud, HyTrust adds strong, cloud-optimized data security to its portfolio – a critical requirement for data protection and compliance. And customers gain improved security for data at rest – enabling the same level of visibility in the new virtual datacenter as its physical counterparts."

Jeff Byrne, senior analyst & consultant, Taneja Group, said, "In the move towards software-defined data centers, HyTrust is a key enabler for software-defined security with the ability to automate and orchestrate controls across the cloud. The HighCloud acquisition is a major step that supports HyTrust's vision of enabling automated, policy-based security for the cloud to prevent breaches and data center disasters."

Shannon Poulin, vice president of marketing for Intel's Datacenter and Connected Systems Group, said, "HyTrust is a strategic collaborator in Intel's software-defined infrastructure initiative, which allows security to be automated and provisioned on-demand across private, hybrid, and public clouds in order to safeguard data, maintain compliance, and increase SLAs. HyTrust's addition of automated encryption and key management, combined with Intel AES-NI acceleration, gives organizations even greater confidence to run their most mission-critical workloads in the cloud while retaining the highest level of data security and privacy."

Dave Shackleford, founder of Voodoo Security, said, "HyTrust has built a strong position for protecting against the insider threat in virtualized datacenters. HighCloud encryption and key management effectively secures the data in these environments, as well as in public clouds. This acquisition gives HyTrust an interesting opportunity to expand its market position, providing tighter controls over both people and data in the cloud."

Eric Novikoff, COO of ENKI, a cloud service provider, said, "Security and data privacy are paramount for our customers, especially those with compliance requirements. The combined strengths of HyTrust and HighCloud technologies make this a truly compelling solution that helps us mitigate customer concerns and expand our offering to more security-sensitive customers."

Derek Brink, vice president and research fellow for IT Security, Aberdeen Group, said, "Aberdeen's research has consistently shown that security, compliance, and visibility are among the leading inhibitors to even faster adoption of virtualization and cloud. It has also shown that augmenting the security capabilities of cloud solution providers, while retaining enterprise visibility and control, corresponds with about one-third less cost per application per year, driven in part by better security and in part by more consistent and efficient operations. HyTrust's acquisition of HighCloud Security is very much in line with these findings, and should be seen as a good move for both companies and their respective customers and business partners."

Forrester analysts John Kindervag, Stephanie Balaouras, Rick Holland and Heidi Shey reported4, "Increasingly, customers want vendors to embed more security functionality into a single service or product. Consolidated offerings give security and risk (S&R) professionals more visibility and control into their environment and they also reduce the operational complexity and cost of managing individual point products." They continue, "Forrester's Zero Trust model states that S&R pros must eliminate the idea of an internal trusted network and an untrusted external network. Three concepts underpin Zero Trust. S&R pros must: 1) verify and secure all resources regardless of location; 2) limit and strictly enforce access control across all user populations, devices, channels, and hosting models; and 3) log and inspect all traffic, both internal and external." HyTrust is delivering the highest levels of visibility and control for cloud environments as would be available for physical datacenters. And it has further consolidated the broadest range of capabilities under one umbrella so that organizations can ensure strong security and compliance.


HyTrust will conduct a webinar on Wednesday, November 20, 2013 at 2:00 PM (EST) to communicate this news in greater detail and demonstrate how, with this move, the company is enabling end-to-end security for cloud environments. Please register here:

About HighCloud Security

Founded by Silicon Valley veterans, Bill Hackenberger and Steve Pate, HighCloud Security offers encryption and key management software designed specifically to address the unique security challenges of virtualized server infrastructures. Virtual machines are mobile, dynamic and contain specific files that can contain sensitive data even when the VMs are dormant. HighCloud addresses these specific vulnerabilities with strong encryption that travels with each VM, encrypts even snapshot and suspended files, and allows organizations to secure data in private, public and hybrid clouds.

About HyTrust (

Cloud Under Control&trade

Headquartered in Mountain View, CA, HyTrust® is the Cloud Security Automation (CSA) company. HyTrust delivers the essential real-time control, security, administrative account monitoring, logging and compliance assurance necessary to enable the benefits of cloud adoption and virtualization of critical workloads. The Company is backed by top tier investors VMware, Cisco Systems, Intel Corporation, In-Q-Tel, Fortinet, Granite Ventures, Trident Capital, and Epic Ventures; its partners include VMware, VCE, Symantec, CA, McAfee, Splunk; HP Arcsight, Accuvant, RSA and Intel Corporation.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Crowdsourced vs. Traditional Pen Testing
Alex Haynes, Chief Information Security Officer, CDL,  3/19/2019
New Mirai Version Targets Business IoT Devices
Dark Reading Staff 3/19/2019
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Reading Schneier's Friday Squid Blog again?
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
The State of Cyber Security Incident Response
The State of Cyber Security Incident Response
Organizations are responding to new threats with new processes for detecting and mitigating them. Here's a look at how the discipline of incident response is evolving.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2019-03-18
An unquoted search path vulnerability was identified in Lenovo Dynamic Power Reduction Utility prior to version that could allow a malicious user with local access to execute code with administrative privileges.
PUBLISHED: 2019-03-18
Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control (issue 2 of 2).
PUBLISHED: 2019-03-17
Phamm (aka PHP LDAP Virtual Hosting Manager) 0.6.8 allows XSS via the login page (the /public/main.php action parameter).
PUBLISHED: 2019-03-15
CircuitWerkes Sicon-8, a hardware device used for managing electrical devices, ships with a web-based front-end controller and implements an authentication mechanism in JavaScript that is run in the context of a user's web browser.
PUBLISHED: 2019-03-15
An Integer overflow vulnerability exists in the batchTransfer function of a smart contract implementation for CryptoBotsBattle (CBTB), an Ethereum token. This vulnerability could be used by an attacker to create an arbitrary amount of tokens for any user.