Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

4/1/2019
01:12 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Security Approach Prevents Data Theft By Imposing Limits on Data Travel, Preventing Unauthorized Access to High Value Servers

HopSphere Radius Security Applies Standard Routing Principles to "Put Data on a Leash," restricting critical data from going to dangerous or untrusted destinations

AUSTIN, TX – March 28, 2019 – HOPZERO Corporation, pioneers of intelligent data containment based on routing distance, today announced the availability of its unique flagship product, HopSphere Radius Security.  Available immediately, the new product addresses the seemingly unstoppable data breach pandemic, addressing challenges of insider abuse and compliance requirements. HopSphere Radius Security imposes absolute travel limits for data packets based on security policy and machine learning of what distance is normal, allowable and safe.

Designed specifically for use by data owners and InfoSec managers, HopSphere Radius Security represents an agentless endpoint security solution that proactively identifies data compromises and prevents undetected exfiltration. Unlike firewalls that don’t detect or stop data exfiltration and are prone to configuration error, HOPZERO proactively constrains information from traveling outside an organization’s network by leveraging existing security and network infrastructure. 

Reversing the direction of IDS (Intrusion Detection Systems) and IPS (Intrusion Prevention Systems), HOPZERO stops data from leaving an organization opposed to data entering an organization.   HopSphere Radius Security introduces EDS/EPS (Exfiltration Detection/Prevention) technology that compliments IDS/IPS providing a powerful enterprise exfiltration security solution.

“The data breach crisis grows increasingly worse, and traditional means of security have proven largely ineffective at stopping a determined cybercriminal, activist or rogue insider,” said HOPZERO founder and CEO, Bill Alderson.  “HOPZERO utilizes immutable networking principles to effectively put high value data on a leash and govern how far it can go. Unlike anything available today, this method represents a whole new way of implementing security to safeguard valuable assets.”

HopSphere Radius Security utilizes a unique approach to network security by setting data lifespan “hop” routing limiting how far servers can reach or be reached. In networking, hop distance refers to the total number of routers, from source to destination—that a packet passes through. HopSphere Radius Security is designed to protect mission critical systems.

These critical systems, such as high value databases, are limited to communicate with only previously determined neighbors.  By monitoring normal traffic, HopSphere Radius Security builds custom neighborhoods keeping unauthorized users—even those within the company—out of protected servers. The product effectively cloaks the server, making it invisible and unapproachable to the would-be attacker, while sending an alarm to the security team detailing where the unsuccessful attack is coming from. The alarm captures the IP address of the attempting station identifying the attacker and storing evidence of the attempt for remediation and potential legal action.

This method of reducing data travel distance results in fewer reachable devices, proven mathematically, to shrink the potential attack surface. Accessibility to fewer global network devices means fewer hackers can reach, or be reached, by a target computer or server, improving security. Access to designated servers may be limited to a hop count or radius that only enables internal access or connections to a smaller “sphere of trust”—a fundamentally new approach to security. HopSphere Radius Security makes it impossible to access systems directly from outside the sphere of trust created by the lower packet lifetime.

"The HOPZERO product offers great value to organizations who are concerned about data loss", said Kerry Kelley, former CIO of US Strategic Command. Now a private consultant working in the security industry, Kelley says,  "With HOPZERO, the attack surface can be deterministically reduced, and data fully protected using the novel approach of router hop count in a game-changing way of turning the tables on would-be attackers."

HopSphere Radius Security helps organizations assess risk and meet compliance requirements. With it, organizations can comply with privacy and data storage laws and regulations. For cloud environments, HopSphere Radius Security could be used to show where a cloud hosting company, CDN or other partner or provider is sending or storing an organization’s data. Particularly useful is HOPZERO’s one click GDPR filter which maps where any GDPR data is collected by an organization’s servers. One GDPR compliance company, https://icomply365.com/ uses HOPZERO’s solution to vet which servers are collecting information subject to GDPR.

HopSphere Radius Security is a cloud-based solution that complements existing security and networking hardware without requiring changes to individual components. The system is easily implemented by the HOPZERO support team without the use of endpoint software agents. In an emergency breach situation, HOPZERO can have their system up and running in less than one hour to quickly identify potential hackers.

About HOPZERO

HOPZERO is the pioneer of a revolutionary SaaS solution that secures information by controlling the distance it can travel. HOPZERO “puts data on a leash,” long enough to do business yet short enough to prevent compromise. HOPZERO is headquartered in Austin, Texas.   See in 90 seconds how HOPZERO Thwarts Phishing at hopzero.com/videosor review a ground-breaking assertion of mathematical proof that reduction in attack surface improves security risk at hopzero.com/whitepaper.

 

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
97% of Americans Can't Ace a Basic Security Test
Steve Zurier, Contributing Writer,  5/20/2019
TeamViewer Admits Breach from 2016
Dark Reading Staff 5/20/2019
How a Manufacturing Firm Recovered from a Devastating Ransomware Attack
Kelly Jackson Higgins, Executive Editor at Dark Reading,  5/20/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Could you pass the hash, I really have to use the bathroom!
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-9892
PUBLISHED: 2019-05-22
An issue was discovered in Open Ticket Request System (OTRS) 5.x through 5.0.34, 6.x through 6.0.17, and 7.x through 7.0.6. An attacker who is logged into OTRS as an agent user with appropriate permissions may try to import carefully crafted Report Statistics XML that will result in reading of arbit...
CVE-2019-10066
PUBLISHED: 2019-05-22
An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6, Community Edition 6.0.x through 6.0.17, and OTRSAppointmentCalendar 5.0.x through 5.0.12. An attacker who is logged into OTRS as an agent with appropriate permissions may create a carefully crafted calendar appointment i...
CVE-2019-10067
PUBLISHED: 2019-05-22
An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6 and Community Edition 5.0.x through 5.0.35 and 6.0.x through 6.0.17. An attacker who is logged into OTRS as an agent user with appropriate permissions may manipulate the URL to cause execution of JavaScript in the context...
CVE-2019-6513
PUBLISHED: 2019-05-21
An issue was discovered in WSO2 API Manager 2.6.0. It is possible for a logged-in user to upload, as API documentation, any type of file by changing the extension to an allowed one.
CVE-2019-12270
PUBLISHED: 2019-05-21
OpenText Brava! Enterprise and Brava! Server 7.5 through 16.4 configure excessive permissions by default on Windows. During installation, a displaylistcache file share is created on the Windows server with full read and write permissions for the Everyone group at both the NTFS and Share levels. The ...