Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

4/20/2015
12:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Passages Helps Businesses Prevent Targeted Attacks, Defend the Network

Company to demo new safe browsing solution at RSA Conference and present session 3Website Counterintelligence 2

San Francisco, RSA Conference 2015, April 20, 2015 ­ Ntrepid® Corporation, a provider of cutting-edge cyber security solutions, announces the upcoming release of Passages, the only secure virtual browser that safeguards businesses against both targeted and pivot attacks ­ threats that have been unaddressed by conventional security solutions in the marketplace thus far.

 ³During the last 18 months, we have seen an unprecedented number of web security breaches and a rapid rise in the use of targeting and other sophisticated Advanced Persistent Threat techniques,² said Lance Cottrell, chief scientist at Ntrepid. ³We believe that the traditional approaches to web security just don¹t work anymore. Passages represents a fundamentally new approach to protecting against a range of web-based attacks, enabling businesses to safely and confidently forge ahead in today¹s global, web-based world. Ntrepid is proud to be leading the charge.²

 Passages begins each browsing session in a clean state by isolating the browser in a virtual machine and cutting off all access to local files. This design prevents all unwanted communication between the local machine and the virtual environment. A virtual private network then segregates all network traffic from the browser protecting the enterprise¹s identity, avoiding targeting and mitigating against pivot attacks. This also prevents an attacker from moving away from the browser to the local machine and ultimately other devices on the local network.

Passages¹ Safehold prevents all drive-by downloads and other malware from reaching the user¹s computer during a browsing session by restricting all downloads to a secure cloud server, where they are scanned and determined malware-free before permission is granted to transfer to the desktop. Finally, Insight for Passages provides enterprise-level provisioning, monitoring and management of the application.

Passages Availability

Ntrepid is offering trials of Passages, and interested parties can sign up at the company¹s RSA Conference Booth #S727 or online at http://www.ntrepidcorp.com/passages/.

RSA Conference: ³Website Counterintelligence ­ Leveraging Web Logs to Gather Intelligence²

The Passages team will provide hands-on demos at RSA Conference in Booth #S727. Experts will be available to discuss how businesses can safely and confidently forge ahead in an increasingly web-based global economy.

Rounding out Ntrepid¹s participation in RSA, as well as the launch of Passages, Cottrell, will conduct conference session MASH-F02, ³Website Counterintelligence ­ Leveraging Web Logs to Gather Intelligence.²

 Cottrell will show how web logs can be used to identify competitors who visit their business¹s website, how to track their activity and analyze behavior to discover research activities, new product development efforts and potential investors. Session attendees will also learn how to develop a successful website counterintelligence strategy, the value of web logs, and how to leverage them to guard your organization against undesired visitors. The session will be held Friday, April 24, 10:10 AM ­ 11:00 AM, West ­ Room 2002. More information is available at https://www.rsaconference.com/events/us15/agenda/sessions/1550/website-counterintelligence-leveraging-web-logs-to.

About Ntrepid

Ntrepid¹s patented technology, leveraging a 15-year history of protecting the national security community from the world¹s most sophisticated opponents, protects tens of thousand of users in some of the world¹s most demanding security environments, with clients including the Department of Defense, Department of Homeland Security, Department of Treasury, Department of Justice, Department of Health and Human Services, and the Department of State. From corporate identity management to secure browsing, Ntrepid products empower enterprise online research and data collection, eliminating threats to an online workforce. More information can be found at http://www.NtrepidCorp.com.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Edge-DRsplash-10-edge-articles
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
News
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-27132
PUBLISHED: 2021-02-27
SerComm AG Combo VD625 AGSOT_2.1.0 devices allow CRLF injection (for HTTP header injection) in the download function via the Content-Disposition header.
CVE-2021-25284
PUBLISHED: 2021-02-27
An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.
CVE-2021-3144
PUBLISHED: 2021-02-27
In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)
CVE-2021-3148
PUBLISHED: 2021-02-27
An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.
CVE-2021-3151
PUBLISHED: 2021-02-27
i-doit before 1.16.0 is affected by Stored Cross-Site Scripting (XSS) issues that could allow remote authenticated attackers to inject arbitrary web script or HTML via C__MONITORING__CONFIG__TITLE, SM2__C__MONITORING__CONFIG__TITLE, C__MONITORING__CONFIG__PATH, SM2__C__MONITORING__CONFIG__PATH, C__M...