Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Application Security

3/1/2016
02:00 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Nexusguard Selects Tinfoil Security for Cybersecurity Alliance

Complementary alliance creates a holistic ecosystem to deliver comprehensive cybersecurity

March 01, 2016 08:30 AM Eastern Standard Time

SAN FRANCISCO--(BUSINESS WIRE)--Nexusguard, the worldwide leader in distributed denial of service (DDoS) security solutions, today announced it has entered into a cybersecurity alliance with Tinfoil Security, a leading provider of application vulnerability detection. The relationship unites Nexusguard’s DDoS mitigation capability with Tinfoil’s developer-friendly service that lets security teams quickly scan their applications for vulnerabilities. The move gives customers comprehensive cybersecurity capabilities, with protections designed for the network and application layers.

Enterprise IT deployments face growing threats from countless sources. DDoS attacks continue to pose a significant challenge to network security and organizations’ online presence. However, the challenges extend far beyond just denial of service attacks. Intrusions and application vulnerabilities cause significant problems for IT security, as well. Companies need both elements of security to confidently address the existing threat landscape.

“Companies are fighting a war on multiple fronts. One of the best solutions is to ally against these developing threats to provide the best coverage,” Michael Borohovski, co-founder and chief technology officer for Tinfoil Security. “Finding vulnerabilities at the application layer is important, certainly – yet we believe there is a greater opportunity to do even more. Working with Nexusguard enables us to give companies a stronger defense against the threats they face every day.”

“As businesses work to overcome new zero-day threats in cyber attacks, we see increasing demand for best-in-breed technology,” Xenophon Giannis, vice president for Nexusguard, explains. “Our alliance with Tinfoil Security empowers customers access to an industry-leading service to tackle any form of intrusion or attack. A holistic security ecosystem gives businesses the comprehensive cybersecurity advantage required for today’s digital world.”

Nexusguard will be at RSA 2016 to discuss new solutions for cybersecurity protection. Visit Nexusguard in booth N5010. For more information, contact: [email protected].

About Nexusguard

Founded in 2008, Nexusguard is the global leader in fighting malicious Internet attacks. Nexusguard protects clients against a multitude of threats, including distributed denial of service (DDoS) attacks, to ensure uninterrupted Internet service. Nexusguard provides comprehensive, highly customized solutions for customers of all sizes, across a range of industries, and also enables turnkey anti-DDoS solutions for service providers. Nexusguard delivers on its promise to maximize peace of mind by minimizing threats and improving uptime. Headquartered in San Francisco, Nexusguard’s network of security experts extends globally. Visit www.nexusguard.com for more information.

About Tinfoil Security

Tinfoil Security provides security for DevOps, through an easy to use, developer friendly service that lets you scan your web application or API for vulnerabilities and fix them quickly. We're a team of experts with extensive backgrounds in security across many organizations. We focus on creating simple, usable security products and providing the best security on the market. We streamline the security process and focus on developers, providing the first line of security tools that easily integrate into the DevOps and development processes. Tinfoil was founded in 2011 by Ainsley Braun and Michael Borohovski, two MIT and intelligence community alumni who were tired of seeing their own information insecure on the Internet. Visit https://www.tinfoilsecurity.com/ for more information.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Edge-DRsplash-10-edge-articles
7 Old IT Things Every New InfoSec Pro Should Know
Joan Goodchild, Staff Editor,  4/20/2021
News
Cloud-Native Businesses Struggle With Security
Robert Lemos, Contributing Writer,  5/6/2021
Commentary
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSec,  5/7/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Take me to your BISO 
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-23369
PUBLISHED: 2021-05-10
In YzmCMS 5.6, XSS was discovered in member/member_content/init.html via the SRC attribute of an IFRAME element because of using UEditor 1.4.3.3.
CVE-2020-23370
PUBLISHED: 2021-05-10
In YzmCMS 5.6, stored XSS exists via the common/static/plugin/ueditor/1.4.3.3/php/controller.php action parameter, which allows remote attackers to upload a swf file. The swf file can be injected with arbitrary web script or HTML.
CVE-2020-23371
PUBLISHED: 2021-05-10
Cross-site scripting (XSS) vulnerability in static/admin/js/kindeditor/plugins/multiimage/images/swfupload.swf in noneCms v1.3.0 allows remote attackers to inject arbitrary web script or HTML via the movieName parameter.
CVE-2020-23373
PUBLISHED: 2021-05-10
Cross-site scripting (XSS) vulnerability in admin/nav/add.html in noneCMS v1.3.0 allows remote authenticated attackers to inject arbitrary web script or HTML via the name parameter.
CVE-2020-23374
PUBLISHED: 2021-05-10
Cross-site scripting (XSS) vulnerability in admin/article/add.html in noneCMS v1.3.0 allows remote authenticated attackers to inject arbitrary web script or HTML via the name parameter.