Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

1/12/2009
03:35 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Solidcore Earns Patent For Securing POS, ATMs, Kiosks

Patented software replaces antivirus on more than 100,000 devices

CUPERTINO, Calif., Jan. 12, 2009 - Solidcore(r) Systems, Inc., a leader in protecting critical IT infrastructure, today announced that the United States Patent and Trademark Office has granted the company U.S. patent number 7,464,408 titled "Damage Containment by Translation." This is a foundational patent that covers Solidcore's single-solution for securing endpoints like point-of-sale (POS) systems, ATMs, Kiosks, and virtual environments where anti-virus technology does not work. Solidcore's patented technology replaces anti-virus by preventing known and unknown computer threats, security risks, and malicious code with zero performance overhead.

Solidcore's patented endpoint security technology is the first to combine dynamic whitelisting, host intrusion prevention and file integrity monitoring capabilities. The technology is the foundation for Solidcore's S3 Control(tm), POS Check & Control(tm), and S3 Control Embedded(tm) products, and is currently replacing anti-virus on more than 100,000 endpoints worldwide. The patented technology ensures only pre-authorized software and code can run on a computer system while securely allowing software updates from trusted sources. Solidcore prevents disk tampering and provides advanced memory protection to authorized software to defend against buffer overflow vulnerability attacks and zero-day exploits. This level of protection extends across all forms of computer access, including access from a network or a USB key. Solidcore's single-solution for endpoint security also shortens the time, simplifies the effort, and lowers the costs for meeting Payment Card Industry (PCI) compliance across store systems.

"This patent is a significant advancement for securing fixed-function devices and virtualized environments, which are two critical IT segments where anti-virus and the blacklisting security model simply does not work," said Rosen Sharma, chief technology officer for Solidcore. "The patent reinforces Solidcore as the leader for providing comprehensive security and PCI compliance across fixed-function devices, and it represents the foundation for how users will secure virtualized environments."

Solidcore's patented technology is providing security and PCI compliance for critical systems throughout the world, and is the chosen protection solution for many of the world's leading fixed-function device manufacturers, including NEC Infrontia point-of-sale systems, NCR automated teller machines (ATMs), and Sharp multifunction printers. The patented technology, which powers the Solidcore S3 Control Embedded software platform, was also recently awarded "NSS Labs Approved" by NSS Labs, the globally recognized leader in independent security testing and certification.

About Solidcore Solidcore is a leader in protecting critical IT infrastructure from devices to the data center. Organizations worldwide trust Solidcore to detect and prevent unwanted change for improving IT compliance, security and availability. Solidcore easily automates PCI controls and is a pioneer in dynamic whitelisting technology for locking down critical systems and preventing unauthorized change events. Solidcore is headquartered in Cupertino, California. For more information, please visit www.solidcore.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-29445
PUBLISHED: 2021-04-16
jose-node-esm-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed `JWEDe...
CVE-2021-29446
PUBLISHED: 2021-04-16
jose-node-cjs-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed `JWEDe...
CVE-2021-29451
PUBLISHED: 2021-04-16
Portofino is an open source web development framework. Portofino before version 5.2.1 did not properly verify the signature of JSON Web Tokens. This allows forging a valid JWT. The issue will be patched in the upcoming 5.2.1 release.
CVE-2021-29452
PUBLISHED: 2021-04-16
a12n-server is an npm package which aims to provide a simple authentication system. A new HAL-Form was added to allow editing users in version 0.18.0. This feature should only have been accessible to admins. Unfortunately, privileges were incorrectly checked allowing any logged in user to make this ...
CVE-2021-29444
PUBLISHED: 2021-04-16
jose-browser-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed `JWEDec...