Cloud

12/4/2017
12:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

ScaleFT Announces General Availability of its Zero Trust Access Fabric

ScaleFT is the first company to deliver Google's BeyondCorp as a service - helping companies achieve their own Zero Trust security architecture.

SAN FRANCISCO - ScaleFT, the Zero Trust security company, today announced general availability of its Access Fabric, the globally-distributed real-time authorization engine backing its Zero Trust Access Management platform. Inspired by Google’s BeyondCorp, which allows employees and contractors to work securely from any location across the globe without the use of a VPN, the ScaleFT Zero Trust Access Management platform protects sensitive company resources through an application layer authentication and authorization model that factors in dynamic user and device conditions. Managing access to a company’s server and web application resources through layer 7 controls, ScaleFT is the first company to make the core components of BeyondCorp consumable as a service.

“We’ve witnessed the emergence of BeyondCorp as an industry-wide movement, with more and more companies wishing to achieve the same positive security and productivity outcomes as Google,” said Jason Luce, CEO and co-Founder of ScaleFT. “Few companies have the time, resources, and expert personnel as Google to successfully implement such a complex system themselves, which is what we’ve done for our customers.  Our mission is to make BeyondCorp a reality by breaking the architecture down into more consumable pieces that can be quickly adopted by any size organization. With the GA release of the ScaleFT Access Fabric, any company can start incorporating dynamic Zero Trust workflows for their internal resources with just a few clicks.”

ScaleFT first introduced Zero Trust principles to the market with its Server Access product in 2016, which eliminates the use of static credentials entirely for Linux and Windows servers through a client certificate-backed PKI architecture. Now running in production at a number of companies including Rackspace, Coursera, Quid, Jungle Disk, Zenoss, and more, ScaleFT Server Access has fundamentally changed how companies deal with privileged access, significantly lowering the attack surface of insider threats. With the release of the Access Fabric as the backing architecture for its Web Access product, ScaleFT now extends its capabilities to protecting internal applications such as GitHub Enterprise and the Atlassian suite with a Zero Trust architecture.

The combination of Server Access and Web Access is the full realization of a BeyondCorp architecture, which can now be consumed as a service from ScaleFT. “If a company like ScaleFT can help get us there, we’re 100% on the BeyondCorp model,” said Ryan Seekely, Director of Infrastructure and Security at Quid, Inc. “We won’t be able to do it ourselves and I was very grateful to be able to see a company like ScaleFT come along and solve a lot of the hard parts.” QUOTE FROM CASE STUDY PENDING FINAL APPROVAL

"For many years security has been seen as a blocker. As something that costs money and slows business down. As a result Security is relegated to being an afterthought, or ends up being left out entirely. The result? The increasingly massive breaches we have seen recently," said ScaleFT advisor, Marc Rogers, head of security at Cloudflare and organizer of the DEFCON conference. “With the advent of future-thinking architectures like BeyondCorp, security is finally able to work in harmony with business needs. This approach enables business processes to safely go faster, rather than slowing them down. Companies like ScaleFT can help arm businesses with the tools needed to embrace these new business first security architectures.”

ScaleFT offers a 30-day free trial of its Zero Trust Access Management platform, integrating out of the box with an enterprise’s choice of identity governance solutions, including Okta, G Suite, Active Directory, and more. 

For a live demo of the ScaleFT platform, the company is hosting a webinar on Wed. Dec 13th at 9 AM PST. To reserve a seat, register here.

Also find ScaleFT at KubeCon in Austin, TX this week. The company is hosting a Meetup in conjunction with the Cloud Austin Meetup group, Thursday Dec 7th at 5 PM. Ivan Dwyer of ScaleFT will be giving a presentation about adhering to policies the way Google did with BeyondCorp, along with Bret Piatt, CEO of Jungle Disk, who will be giving a talk about AI/ML in a security context.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
'Hidden Tunnels' Help Hackers Launch Financial Services Attacks
Kelly Sheridan, Staff Editor, Dark Reading,  6/20/2018
Inside a SamSam Ransomware Attack
Ajit Sancheti, CEO and Co-Founder, Preempt,  6/20/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-12735
PUBLISHED: 2018-06-25
SAJ Solar Inverter allows remote attackers to obtain potentially sensitive information via a direct request for the inverter_info.htm or english_main.htm URI.
CVE-2017-9312
PUBLISHED: 2018-06-25
Improperly implemented option-field processing in the TCP/IP stack on Allen-Bradley L30ERMS safety devices v30 and earlier causes a denial of service. When a crafted TCP packet is received, the device reboots immediately.
CVE-2018-10956
PUBLISHED: 2018-06-25
IPConfigure Orchid Core VMS 2.0.5 allows Directory Traversal.
CVE-2018-11039
PUBLISHED: 2018-06-25
Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior to 4.3.18, and older unsupported versions) allow web applications to change the HTTP request method to any HTTP method (including TRACE) using the HiddenHttpMethodFilter in Spring MVC. If an application has a pre-existing XSS vuln...
CVE-2018-11040
PUBLISHED: 2018-06-25
Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding) through AbstractJsonpResponseBodyAdvice for REST controllers and MappingJackson2JsonView for browser request...