Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

2/27/2013
02:49 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

HyTrust Wins Major Patents For Automated Cloud Security And Virtual Infrastructure Management

Patents automate risk mitigation and compliance in virtualized infrastructure, and ease adoption of multitenant clouds

SAN FRANCISCO--(BUSINESS WIRE)--FROM THE RSA CONFERENCE--HyTrust®, the leader in policy management and access control for virtualization and cloud infrastructure, today announced that it has been awarded three separate patents by the U.S. Patent and Trademark Office (USPTO) in the area of virtualization infrastructure security. The new HyTrust patent portfolio features foundational technologies that greatly automate risk mitigation and compliance in virtualized infrastructure, and ease the adoption of multi-tenant clouds. While each technology offers particular benefits, the entire portfolio delivers the highest value when used in combination to help create automated security in virtualized data centers and cloud environments.

"Our primary mandate at HyTrust is to solve real-world problems for private and public sector organizations running massive multi-tenant clouds and more, and we're gratified that our efforts have been rewarded in this critical field," said Eric Chiu, president and founder, HyTrust. "As demand for optimal cloud security, control, management and compliance continues to rise, these patents further demonstrate that our solutions portfolio offers the best option for automating and securing cloud operations while cutting administrative costs and reducing the potential for errors."

The three patents awarded recently to HyTrust are:

Methods and Systems for Securely Managing Virtualization Platform

Adaptive Configuration Management System

Intelligent Security Control System for Virtualized Ecosystems

The first patent represents the basis for HyTrust's ground-breaking solution, HyTrust Appliance (HTA), which enables optimized virtualization with an enhanced return on investment (ROI). HTA automates numerous virtualized infrastructure security and compliance functions, particularly centralized access control and log reporting, the detection of host configuration errors, and workflow for one-time permissions.

The second patent, which covers Adaptive Configuration, builds on the benefits enabled by the first, using collective data and automation to shrink the ongoing cost of maintaining the safe configuration of hypervisors and other resources, such as virtual networks. It determines and recommends configuration changes (just as an individual's connections in a social network provide knowledge and recommendations that help make a decision). Adaptive Configuration also monitors the state of hypervisors and resources across the virtualization environment, analyzes the results, and recommends configuration changes based on emergent benchmarks, best practices, or established policy. Recommended changes can be automatically implemented throughout the environment, or implemented after administrator approval. The technology then monitors the results of the implemented recommendations and other changes in the environment, and makes iterative configuration recommendations that help keep virtualized resources secure and in compliance.

Finally, the Intelligent Security Control System (ISCS) covered in the third patent magnifies the financial benefits of essentially 'self-securing' virtualized data centers and clouds. It automatically discovers and categorizes the metadata, behavior, and administrator-defined security controls for various types of virtualized services and resources in real time. It then applies similar controls to all virtualized services and resources in a large data center or cloud. For example, ISCS technology could be used to determine the administrative privileges granted to groups in Active Directory, and automatically apply the relevant ones to privileged user roles in the virtualized environment. It could also automatically apply an enterprise's PCI-based policy to all Virtual Machines it identifies processing credit card information.

"The ultimate draw of virtualized infrastructure has always been that it offers greater efficiencies, flexibility and adaptability than traditional data centers, while reducing the resource allocation and costs associated with management and operations," said Jeff Byrne, Senior Analyst with Taneja Group. "HyTrust's portfolio of patented technologies and solution set goes much further than any other security control or management offering in realizing that potential."

About HyTrust (www.hytrust.com)

Cloud Under Control&trade

HyTrust®, headquartered in Mountain View, CA, is the leader in policy management and access control for virtual infrastructure. HyTrust empowers organizations to virtualize more--including servers that may be subject to compliance--by delivering enterprise-class controls for access, accountability, and visibility to their existing virtualization infrastructure. The Company is backed by top tier investors Granite Ventures, Cisco Systems, VMware, Trident Capital, and Epic Ventures; its partners include VMware; VCE; Symantec; CA; McAfee; Splunk; HP Arcsight; Accuvant; RSA and Intel Corporation.

- See more at: http://www.rsaconference.com/events/2013/usa/for-media/sponsor-news.htm#sthash.zaMubgd5.dpuf

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
I 'Hacked' My Accounts Using My Mobile Number: Here's What I Learned
Nicole Sette, Director in the Cyber Risk practice of Kroll, a division of Duff & Phelps,  11/19/2019
DevSecOps: The Answer to the Cloud Security Skills Gap
Lamont Orange, Chief Information Security Officer at Netskope,  11/15/2019
Attackers' Costs Increasing as Businesses Focus on Security
Robert Lemos, Contributing Writer,  11/15/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-1001
PUBLISHED: 2019-11-21
Multiple cross-site scripting (XSS) vulnerabilities in Chyrp before 2.1.2 and before 2.5 Beta 2 allow remote attackers to inject arbitrary web script or HTML via the (1) content parameter to includes/ajax.php or (2) body parameter to includes/error.php.
CVE-2014-8356
PUBLISHED: 2019-11-21
The web administrative portal in Zhone zNID 2426A before S3.0.501 allows remote authenticated users to bypass intended access restrictions via a modified server response, related to an insecure direct object reference.
CVE-2015-3140
PUBLISHED: 2019-11-21
Multiple cross-site request forgery (CSRF) vulnerabilities in Synametrics Technologies SynaMan before 3.5 Build 1451, Syncrify before 3.7 Build 856, and SynTail before 1.5 Build 567
CVE-2019-19207
PUBLISHED: 2019-11-21
rConfig 3.9.2 allows devices.php?searchColumn= SQL injection.
CVE-2019-19203
PUBLISHED: 2019-11-21
An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read.