In the wake of ongoing data breaches, organizations are spending more money to ensure their networks and applications – and the data they possess – remain secure. After the Target breach, 61 percent of organizations increased their security budgets by an average of 34 percent in 2014, according to a study conducted by the Ponemon Institute.
CDNetworks, a global content delivery network (CDN) provider, is selling a new service called Enterprise Application Security (EAS), the foundation for which is provided by Soha Cloud. CDNetworks announced EAS last week, along with a marquee customer, McLarens. McLarens is leveraging EAS to securely deliver a critical, business application worldwide to its employees and partners.
The breaking news of the Stagefright vulnerability that could allow hackers to silently and completely take over any of the 950,000 Android devices on the market has got to give us, as enterprise IT and security professionals, pause to ask again how much we can trust even our own company’s employees.
The team at Soha Systems is very excited to announce that Soha Cloud for is now available in the Microsoft Azure Marketplace, enabling customers to secure their Azure applications, hide them from public exposure on the Internet, and eliminate the attack surface of their clouds. Soha also supports user authentication to any directory, in the cloud or on-premise, and provides full audit trail, access control policies, 2FA and MFA.
After first learning of Soha nearly a year ago, I immediately began thinking about how they addressed many of the challenges I was currently facing in exposing internal (campus-type) applications to my BYOD Enterprise Users (e.g. Jira, Confluence, Dashboards, IM, etc.). As the months passed and “cloud” utilization conversations resumed to potentially include sensitive customer-facing applications/data, I frequently asked myself, “Would Soha work for this too?” As it turns out I was not the only one asking this question. When I finally circled back with Soha to see what was new, I was surprised to see just how much progress had been made against what I had hoped Soha would develop, and the speed in which it was brought to release.
The recently released LogJam Attack is essentially a man-in-the-middle attack that can be used to downgrade vulnerable TLS connections to use weak cryptography. This attack essentially exploits support of export-grade ciphersuites similar to the FREAK attack released in March 2015.
Yes, all of those items really belong together. Let me explain.
Packet Pushers Network Break 35 podcast hosted by Greg Ferro and Ethan Banks discussed Soha Systems launch in their most recent podcast. You can download it here. The Soha Systems review and analysis starts at 30:12.