Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

2/23/2010
07:51 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Melissa Hathaway, John Stewart, Roland Cloutier Join Core's Advisory Board

Trio will play a significant role in guiding Core's future mission and in achieving those goals

BOSTON, MA " Feb. 23, 2010 - Core Security Technologies, provider of CORE IMPACT Pro, the most comprehensive product for proactive enterprise security testing, today announced that a trio of the IT security industry's most influential thought-leaders have joined its new Advisory Board, an initiative that will help guide the company's future business strategy, vulnerability research and product development plans.

With penetration testing established as a central element of proactive enterprise security programs worldwide, Core Security and its CORE IMPACT automated penetration testing solutions have been consistently recognized as clear leaders in providing customers with the ability to perform comprehensive assessments of their overall IT security standing in direct relation to real-world threats.

In signing on as founding members of the Core Advisory Board, the three experts will play a significant role in guiding Core's future mission and in achieving those goals. Represented on the Board are leading security strategists from payment processing giant ADP and networking behemoth Cisco, as well as a former top cyber-security advisor to two U.S. presidents.

The initial participants in the Core Advisory Board are:

Roland Cloutier, Vice President, Chief Security Officer, ADP Corp. (NASDAQ: ADP): As the newly appointed CSO of ADP, Cloutier offers the world's largest payroll processor a wealth of global protection and security leadership experience, most recently as Vice President and CSO of EMC, where he spearheaded protection of the company's worldwide business operations including leadership of all information, risk, crisis management, and investigative security operations, across both the commercial and government sectors.

Before joining EMC, Cloutier's career included security management roles at companies including AimNet Solutions, Paradigm Technology Partners and Network Data Systems (NDS), along with time in the networking services division of EDS, and over nine years in federal law enforcement.

"The complexities of protecting today's technology platforms that ensure the world's way of life have never been greater or more challenging," said Cloutier. "Core continues to develop and deliver innovative, market-leading security assurance platforms that enable practitioners around the globe to successfully affect their missions. I'm also very excited to work with two of the world's most incredible security thought leaders in advising Core and pioneering the future of advanced security technologies. "

Melissa Hathaway, President of Hathaway Global Strategies, LLC and Former Acting Senior Director for Cyberspace for the National Security and Homeland Security Councils: Having served in two Presidential administrations, Ms. Hathaway brings a multi-disciplinary and multi-institutional perspective to strategic consulting and strategy formulation for public and private sector clients. In her role under President Obama, Ms. Hathaway spearheaded the comprehensive Cyberspace Policy Review. In May 2009, the President presented the blueprint of the Cyberspace Policy Review, announced cyber-security as one of his Administration's priorities, and recognized Ms. Hathaway's leadership in conducting the review.

During the last two years of administration of President George W. Bush, Ms. Hathaway served as Cyber Coordination Executive and Director of the Joint Interagency Cyber Task Force in the Office of the Director of National Intelligence where she built a broad coalition from within the Executive Branch and established an unprecedented partnership with Congress to obtain bipartisan support for addressing cyber-security priorities. She developed and created a unified cross-agency budget submission for FY 2008 and for 2009-13, assembling disparate funding sources into a coherent, integrated program. One of the single largest intelligence programs of the Bush administration, the Comprehensive National Cybersecurity Initiative has been carried forward by the Obama administration. At the conclusion of her government service she received the National Intelligence Reform Medal in recognition of her achievements.

"I'm excited to join my esteemed colleagues in advising Core Security Technologies, as the leading provider of vulnerability validation and certification, I believe that Core can provide private and public sector enterprises with actionable data to mitigate risk from cyber criminals, spies, and miscreants," Hathaway said. "Core's leadership is committed to advancing technologies to bring greater security to our critical infrastructures."

John Stewart, Vice President and Chief Security Officer, Cisco (NASDAQ: CSCO): As CSO of Cisco, Stewart leads multiple corporate security and government teams, sets strategy for the corporate defense, co-leads the operational board for security products, and represents Cisco as an industry leader in multiple forums. His experienced input is sought across the community from government to private sector.

Prior to joining Cisco, Stewart's career in information security encompassed numerous roles including CSO at Digital Island and research scientist in the Office of the CTO at Cable & Wireless America. Stewart has also authored numerous security publications and contributed to national security projects including the Center for Strategic and International Studies (CSIS) Commission on Cybersecurity for the 44th Presidency.

"The security industry needs creative thinking, proof that efforts we undertake are making a difference, and a willingness to challenge ourselves before our adversaries do," Stewart said. "Core's leadership to date in these arenas, combined with its future product and service roadmap, give it an opportunity to change the playing field; I'm pleased to join this elite team in their efforts to make Core successful."

Core Security's Board of Directors and executive leadership believe that adding such a team of experienced, highly recognized IT security experts to its strategic leadership ranks will only serve to help the company continue to diversify and accelerate its ongoing expansion, which was highlighted by record 2009 revenue growth and expansion of its overall customer base to over 900 clients.

Over the coming year, Advisory Board members will specifically contribute to Core's ongoing development of next-generation security testing solutions that will allow organizations to leverage the power of penetration testing to measure and benchmark their IT security standing across vast numbers of systems, applications, infrastructure and end users in a previously unavailable manner.

"The level of expertise manifested by this group of extremely respected, high-profile IT security industry leaders speaks volumes about the value of comprehensive, continuous testing and measurement of the security of IT assets." said Mark Hatton, CEO of Core Security. "These three leaders are among the specific individuals who are already driving evolution of the entire IT security space, both from the standpoint of being experienced strategists and having worked as active practitioners. Having them onboard to help inform and guide our future plans provides Core with a truly unique opportunity and tremendous level of insight that will allow us to continue to build on our success."

About Core Security Technologies Core Security Technologies provides IT security executives with comprehensive security testing and measurement of their IT assets by adding real-world actionable intelligence and verification to their IT security management efforts. Our software products build on over a decade of trusted research and leading-edge threat expertise from the company's Security Consulting Services, CoreLabs and Engineering groups. Core Security Technologies can be reached at 617-399-6980 or on the Web at: http://www.coresecurity.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Edge-DRsplash-10-edge-articles
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
News
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-25284
PUBLISHED: 2021-02-27
An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.
CVE-2021-3144
PUBLISHED: 2021-02-27
In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)
CVE-2021-3148
PUBLISHED: 2021-02-27
An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.
CVE-2021-3151
PUBLISHED: 2021-02-27
i-doit before 1.16.0 is affected by Stored Cross-Site Scripting (XSS) issues that could allow remote authenticated attackers to inject arbitrary web script or HTML via C__MONITORING__CONFIG__TITLE, SM2__C__MONITORING__CONFIG__TITLE, C__MONITORING__CONFIG__PATH, SM2__C__MONITORING__CONFIG__PATH, C__M...
CVE-2021-3197
PUBLISHED: 2021-02-27
An issue was discovered in SaltStack Salt before 3002.5. The salt-api's ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, or via ssh_options provided in an API request.