Endpoint

9/24/2015
10:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Red Balloon Security Announces Advanced Host Based Security For Embedded Devices

HP first to deploy secured embedded devices technology on select LaserJet printers

September 22nd, 2015 (New York, NY) – Red Balloon Security, the leading company behind strong host-based embedded security, today announced commercially available defense technologies that significantly reduce the threat of embedded device malware attacks on end users and organizations. HP is deploying this host-based defense technology on three new HP LaserJet Enterprise printers and MFPs coming out this fall. HP will also deliver a firmware update enabling these capabilities on all Future Smart-enabled HP LaserJet Enterprise printers already operating in the field.

Red Balloon Security’s technology originated from a Columbia Engineering laboratory in response to increased and forecasted exploitation of embedded devices.  Columbia University exclusively transferred the technology to Red Balloon Security to make advanced anti-malware available to the commercial market. “Our technology is the culmination of almost a decade of work,” said Dr. Ang Cui, Chief Scientist and CEO of Red Balloon. “It was designed to install easily on any device without modifying the hardware or source code and works on any CPU and all operating systems.”

Red Balloon Security technology is a first-of-its-kind intrusion defense that provides persistent implant detection, in-device memory monitoring and situational awareness to protect against malicious attacks.  The technology is broadly compatible with printers, routers, automobiles, telephony, peripherals, point of sale, industrial control, aviation, medical equipment and more.  It can be installed on any embedded devices, a result of Red Balloon Security’s decade long relationship with Department of Homeland Security Science and Technology (S&T) Directorate and DARPA. Until now, hardening all types of embedded devices has proven intractable and prohibitively costly at scale.

Red Balloon Security is making a commitment to improving device security, and upgrades are planned to continue to fortify the security posture of the company’s technologies.

About Red Balloon Security

Red Balloon Security is the leading embedded device security company, delivering deep host-based defense for all devices. We build technologies that provide intrusion defense and situational awareness capable of defending against advanced zero-day exploitation of embedded devices. Red Balloon Security works with public sector, manufacturers and enterprises. Red Balloon Security is a privately held company based in New York City started by researchers from Columbia University.  It is a Columbia Portfolio Company and a Microsoft Ventures Accelerator company. More information can be found at https://www.redballoonsecurity.com.

 

# # #

 

 

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Microsoft President: Governments Must Cooperate on Cybersecurity
Kelly Sheridan, Staff Editor, Dark Reading,  11/8/2018
Veterans Find New Roles in Enterprise Cybersecurity
Kelly Sheridan, Staff Editor, Dark Reading,  11/12/2018
2018 on Track to Be One of the Worst Ever for Data Breaches
Jai Vijayan, Freelance writer,  11/12/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Online Malware and Threats: A Profile of Today's Security Posture
Online Malware and Threats: A Profile of Today's Security Posture
This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-1643
PUBLISHED: 2018-11-15
The Installation Verification Tool of IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure...
CVE-2018-0693
PUBLISHED: 2018-11-15
Directory traversal vulnerability in FileZen V3.0.0 to V4.2.1 allows remote attackers to upload an arbtrary file in the specific directory in FileZen via unspecified vectors.
CVE-2018-0694
PUBLISHED: 2018-11-15
FileZen V3.0.0 to V4.2.1 allows remote attackers to execute arbitrary OS commands via unspecified vectors.
CVE-2018-0695
PUBLISHED: 2018-11-15
Cross-site scripting vulnerability in User-friendly SVN (USVN) Version 1.0.7 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2018-0697
PUBLISHED: 2018-11-15
Cross-site scripting vulnerability in Metabase version 0.29.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.