Cloud

12/4/2017
12:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

ScaleFT Announces General Availability of its Zero Trust Access Fabric

ScaleFT is the first company to deliver Google's BeyondCorp as a service - helping companies achieve their own Zero Trust security architecture.

SAN FRANCISCO - ScaleFT, the Zero Trust security company, today announced general availability of its Access Fabric, the globally-distributed real-time authorization engine backing its Zero Trust Access Management platform. Inspired by Google’s BeyondCorp, which allows employees and contractors to work securely from any location across the globe without the use of a VPN, the ScaleFT Zero Trust Access Management platform protects sensitive company resources through an application layer authentication and authorization model that factors in dynamic user and device conditions. Managing access to a company’s server and web application resources through layer 7 controls, ScaleFT is the first company to make the core components of BeyondCorp consumable as a service.

“We’ve witnessed the emergence of BeyondCorp as an industry-wide movement, with more and more companies wishing to achieve the same positive security and productivity outcomes as Google,” said Jason Luce, CEO and co-Founder of ScaleFT. “Few companies have the time, resources, and expert personnel as Google to successfully implement such a complex system themselves, which is what we’ve done for our customers.  Our mission is to make BeyondCorp a reality by breaking the architecture down into more consumable pieces that can be quickly adopted by any size organization. With the GA release of the ScaleFT Access Fabric, any company can start incorporating dynamic Zero Trust workflows for their internal resources with just a few clicks.”

ScaleFT first introduced Zero Trust principles to the market with its Server Access product in 2016, which eliminates the use of static credentials entirely for Linux and Windows servers through a client certificate-backed PKI architecture. Now running in production at a number of companies including Rackspace, Coursera, Quid, Jungle Disk, Zenoss, and more, ScaleFT Server Access has fundamentally changed how companies deal with privileged access, significantly lowering the attack surface of insider threats. With the release of the Access Fabric as the backing architecture for its Web Access product, ScaleFT now extends its capabilities to protecting internal applications such as GitHub Enterprise and the Atlassian suite with a Zero Trust architecture.

The combination of Server Access and Web Access is the full realization of a BeyondCorp architecture, which can now be consumed as a service from ScaleFT. “If a company like ScaleFT can help get us there, we’re 100% on the BeyondCorp model,” said Ryan Seekely, Director of Infrastructure and Security at Quid, Inc. “We won’t be able to do it ourselves and I was very grateful to be able to see a company like ScaleFT come along and solve a lot of the hard parts.” QUOTE FROM CASE STUDY PENDING FINAL APPROVAL

"For many years security has been seen as a blocker. As something that costs money and slows business down. As a result Security is relegated to being an afterthought, or ends up being left out entirely. The result? The increasingly massive breaches we have seen recently," said ScaleFT advisor, Marc Rogers, head of security at Cloudflare and organizer of the DEFCON conference. “With the advent of future-thinking architectures like BeyondCorp, security is finally able to work in harmony with business needs. This approach enables business processes to safely go faster, rather than slowing them down. Companies like ScaleFT can help arm businesses with the tools needed to embrace these new business first security architectures.”

ScaleFT offers a 30-day free trial of its Zero Trust Access Management platform, integrating out of the box with an enterprise’s choice of identity governance solutions, including Okta, G Suite, Active Directory, and more. 

For a live demo of the ScaleFT platform, the company is hosting a webinar on Wed. Dec 13th at 9 AM PST. To reserve a seat, register here.

Also find ScaleFT at KubeCon in Austin, TX this week. The company is hosting a Meetup in conjunction with the Cloud Austin Meetup group, Thursday Dec 7th at 5 PM. Ivan Dwyer of ScaleFT will be giving a presentation about adhering to policies the way Google did with BeyondCorp, along with Bret Piatt, CEO of Jungle Disk, who will be giving a talk about AI/ML in a security context.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
WebAuthn, FIDO2 Infuse Browsers, Platforms with Strong Authentication
John Fontana, Standards & Identity Analyst, Yubico,  9/19/2018
New Cold Boot Attack Gives Hackers the Keys to PCs, Macs
Kelly Sheridan, Staff Editor, Dark Reading,  9/13/2018
Mirai Hackers' Sentence Includes No Jail Time
Dark Reading Staff 9/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-17243
PUBLISHED: 2018-09-20
Global Search in Zoho ManageEngine OpManager before 12.3 123205 allows SQL Injection.
CVE-2018-17232
PUBLISHED: 2018-09-20
SQL injection vulnerability in archivebot.py in docmarionum1 Slack ArchiveBot (aka slack-archive-bot) before 2018-09-19 allows remote attackers to execute arbitrary SQL commands via the text parameter to cursor.execute().
CVE-2018-17233
PUBLISHED: 2018-09-20
A SIGFPE signal is raised in the function H5D__create_chunk_file_map_hyper() of H5Dchunk.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
CVE-2018-17234
PUBLISHED: 2018-09-20
Memory leak in the H5O__chunk_deserialize() function in H5Ocache.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
CVE-2018-17235
PUBLISHED: 2018-09-20
The function mp4v2::impl::MP4Track::FinishSdtp() in mp4track.cpp in libmp4v2 2.1.0 mishandles compatibleBrand while processing a crafted mp4 file, which leads to a heap-based buffer over-read, causing denial of service.