Attacks/Breaches

7/3/2018
08:40 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Trustonic Awarded Cybersecurity Certification By French Government

Mobile, IoT and application security specialist accredited federally and internationally

03 July 2018, Cambridge, UK – Trustonic has been awarded the new Security Visa by the French National Cybersecurity Agency. This prestigious stamp of approval is used by the Agence nationale de la sécurité des systèmes d’information (ANSSI) to help commercial businesses and government organizations make informed decisions about cybersecurity solutions.

The ANSSI Security Visa recognizes the most secure, reliable and robust solutions. This certification is based on extensive penetration testing and in-depth analysis which ensures compliance with stringent international standards.

“Security is a top priority for business and government and both recognize that app protection is central in the battle against malware, hacking and fraud,” says Christophe Colas, SVP Products & Licensing, Trustonic. “Together with the other international accreditations we already have, including FIPS and GlobalPlatform, this latest award based on the Common Criteria certification of our product, demonstrates the robustness and reliability of our platform against the very highest standards. It gives our customers the confidence that they are choosing a solution that has been evaluated and approved by the most rigorous bodies, a critical consideration for banking, payments, IoT, government and enterprise mobile app developers who want to protect sensitive data, IP, customer information and, ultimately, their reputation.”

The Trustonic platform is already embedded into more than 1.5 billion devices and combines hardware and software security with development tools that make building the most secure mobile apps easy for developers. Trustonic provides a Trusted Execution Environment (TEE), a hardware-based security technology that offers a secure operating system (OS) isolated from the normal device OS, utilizing a unique and distinct trusted identity embedded into devices during manufacture. This makes the device, and trusted applications running on it that have been developed using Trustonic’s SDK, highly protected against threats and enables enhanced security such as biometric authentication and secure PIN entry.

“Many app developers use software protection alone or OS-based security functions, but it is rarely robust or effective enough to protect sensitive apps,” adds Colas. “By using Trustonic Application Protection, they can easily build enhanced hardware-backed protected applications to deliver faster, richer and safer services to any device.”

Learn more about how Trustonic Application Protection can protect your mobile app.

 

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
WebAuthn, FIDO2 Infuse Browsers, Platforms with Strong Authentication
John Fontana, Standards & Identity Analyst, Yubico,  9/19/2018
Turn the NIST Cybersecurity Framework into Reality: 5 Steps
Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems,  9/20/2018
NSS Labs Files Antitrust Suit Against Symantec, CrowdStrike, ESET, AMTSO
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-17317
PUBLISHED: 2018-09-21
FruityWifi (aka PatatasFritas/PatataWifi) 2.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the io_mode, ap_mode, io_action, io_in_iface, io_in_set, io_in_ip, io_in_mask, io_in_gw, io_out_iface, io_out_set, io_out_mask, io_out_gw, iface, or domain parameter to /ww...
CVE-2018-17320
PUBLISHED: 2018-09-21
An issue was discovered in UCMS 1.4.6. aaddpost.php has stored XSS via the sadmin/aindex.php minfo parameter in a sadmin_aaddpost action.
CVE-2018-17141
PUBLISHED: 2018-09-21
HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData() in the faxd/CopyQuality.c++ file.
CVE-2018-17173
PUBLISHED: 2018-09-21
LG SuperSign CMS allows remote attackers to execute arbitrary code via the sourceUri parameter to qsr_server/device/getThumbnail.
CVE-2018-17174
PUBLISHED: 2018-09-21
A stack-based buffer overflow was discovered in the xtimor NMEA library (aka nmealib) 0.5.3. nmea_parse() in parser.c allows an attacker to trigger denial of service (even arbitrary code execution in a certain context) in a product using this library via malformed data.