Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

2/27/2013
02:49 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

HyTrust Wins Major Patents For Automated Cloud Security And Virtual Infrastructure Management

Patents automate risk mitigation and compliance in virtualized infrastructure, and ease adoption of multitenant clouds

SAN FRANCISCO--(BUSINESS WIRE)--FROM THE RSA CONFERENCE--HyTrust®, the leader in policy management and access control for virtualization and cloud infrastructure, today announced that it has been awarded three separate patents by the U.S. Patent and Trademark Office (USPTO) in the area of virtualization infrastructure security. The new HyTrust patent portfolio features foundational technologies that greatly automate risk mitigation and compliance in virtualized infrastructure, and ease the adoption of multi-tenant clouds. While each technology offers particular benefits, the entire portfolio delivers the highest value when used in combination to help create automated security in virtualized data centers and cloud environments.

"Our primary mandate at HyTrust is to solve real-world problems for private and public sector organizations running massive multi-tenant clouds and more, and we're gratified that our efforts have been rewarded in this critical field," said Eric Chiu, president and founder, HyTrust. "As demand for optimal cloud security, control, management and compliance continues to rise, these patents further demonstrate that our solutions portfolio offers the best option for automating and securing cloud operations while cutting administrative costs and reducing the potential for errors."

The three patents awarded recently to HyTrust are:

Methods and Systems for Securely Managing Virtualization Platform

Adaptive Configuration Management System

Intelligent Security Control System for Virtualized Ecosystems

The first patent represents the basis for HyTrust's ground-breaking solution, HyTrust Appliance (HTA), which enables optimized virtualization with an enhanced return on investment (ROI). HTA automates numerous virtualized infrastructure security and compliance functions, particularly centralized access control and log reporting, the detection of host configuration errors, and workflow for one-time permissions.

The second patent, which covers Adaptive Configuration, builds on the benefits enabled by the first, using collective data and automation to shrink the ongoing cost of maintaining the safe configuration of hypervisors and other resources, such as virtual networks. It determines and recommends configuration changes (just as an individual's connections in a social network provide knowledge and recommendations that help make a decision). Adaptive Configuration also monitors the state of hypervisors and resources across the virtualization environment, analyzes the results, and recommends configuration changes based on emergent benchmarks, best practices, or established policy. Recommended changes can be automatically implemented throughout the environment, or implemented after administrator approval. The technology then monitors the results of the implemented recommendations and other changes in the environment, and makes iterative configuration recommendations that help keep virtualized resources secure and in compliance.

Finally, the Intelligent Security Control System (ISCS) covered in the third patent magnifies the financial benefits of essentially 'self-securing' virtualized data centers and clouds. It automatically discovers and categorizes the metadata, behavior, and administrator-defined security controls for various types of virtualized services and resources in real time. It then applies similar controls to all virtualized services and resources in a large data center or cloud. For example, ISCS technology could be used to determine the administrative privileges granted to groups in Active Directory, and automatically apply the relevant ones to privileged user roles in the virtualized environment. It could also automatically apply an enterprise's PCI-based policy to all Virtual Machines it identifies processing credit card information.

"The ultimate draw of virtualized infrastructure has always been that it offers greater efficiencies, flexibility and adaptability than traditional data centers, while reducing the resource allocation and costs associated with management and operations," said Jeff Byrne, Senior Analyst with Taneja Group. "HyTrust's portfolio of patented technologies and solution set goes much further than any other security control or management offering in realizing that potential."

About HyTrust (www.hytrust.com)

Cloud Under Control&trade

HyTrust®, headquartered in Mountain View, CA, is the leader in policy management and access control for virtual infrastructure. HyTrust empowers organizations to virtualize more--including servers that may be subject to compliance--by delivering enterprise-class controls for access, accountability, and visibility to their existing virtualization infrastructure. The Company is backed by top tier investors Granite Ventures, Cisco Systems, VMware, Trident Capital, and Epic Ventures; its partners include VMware; VCE; Symantec; CA; McAfee; Splunk; HP Arcsight; Accuvant; RSA and Intel Corporation.

- See more at: http://www.rsaconference.com/events/2013/usa/for-media/sponsor-news.htm#sthash.zaMubgd5.dpuf

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/13/2020
Omdia Research Launches Page on Dark Reading
Tim Wilson, Editor in Chief, Dark Reading 7/9/2020
Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud
Kelly Sheridan, Staff Editor, Dark Reading,  7/7/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-14300
PUBLISHED: 2020-07-13
The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 (https://access.redhat.com/errata/RHBA-2020:0053) included an incorrect version of runc that was missing multiple bug and security fixes. One of the fixes regressed in th...
CVE-2020-14298
PUBLISHED: 2020-07-13
The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304. This issue could allow a malicious or compromised container to compromise the co...
CVE-2020-15050
PUBLISHED: 2020-07-13
An issue was discovered in the Video Extension in Suprema BioStar 2 before 2.8.2. Remote attackers can read arbitrary files from the server via Directory Traversal.
CVE-2020-10987
PUBLISHED: 2020-07-13
The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter.
CVE-2020-10988
PUBLISHED: 2020-07-13
A hard-coded telnet credential in the tenda_login binary of Tenda AC15 AC1900 version 15.03.05.19 allows unauthenticated remote attackers to start a telnetd service on the device.