Andrey Golov, CEO of Security Code, the leading provider in IT infrastructure security solutions, made a presentation on Digital Independence at the IEEE International Conference on Cyber Warfare and Security, which takes place on October 20-21, 2020, Islamabad (Pakistan) and organized by the National Center for Cybersecurity (NCCS) to invite researchers and cyber security practitioners across the world to share their research work and experiences related to the state-of-the-art and the emerging areas of cyber security. ICCWS-2020 provided its participants an opportunity to learn, share and demonstrate their ideas, strategies, and policies pertaining to cyber security.

Cyberspace, a fifth generation warfare domain, has recently attracted attention of many developed and developing countries. The reports of government websites being hacked and sensitive data being stolen by foreign groups are not new anymore. It is noteworthy that effective cyber-attacks can cripple entire nation’s infrastructure and damage its economy. In fact, Cyber Security has now been recognized as a global problem, transcending national boundaries. The challenge is accelerating with new sophisticated zero-day attacks costing economies Billions of dollars annually. The scale of the problem, rapid advancement, and the technical nature of cyber-attacks widens the skills gap. To create cyber security awareness and ensure knowledge spill over to the society, there is a dire need of a domain specific scientific platform in the region to provide a knowledge sharing venue for researchers, academicians and industry experts.

Trusted Access Technologies showcased its innovative cybersecurity products at the Russian-Malaysian Technology Day Conference.

During the conference held on October 21^st, Anis Khasun, the managing director of Trusted Access Technologies (Security Code), talked about the latest cybersecurity threats and explained how the company can protect critical infrastructures against the most sophisticated attacks.

The main goal of Russia-Malaysia Technology Day Conference is to strengthen cooperation between the two countries in ICT field amid challenging times caused by COVID-19.

The event was organized by Tech Global, Malaysia-Russia Business Council (MRSBC) and Malaysia Digital Economy Corporation (MDEC) with the support of the Ministry of Industry and Trade of the Russian Federation and the Trade Representation of the Russian Federation in Malaysia.

Today’s hard situation forces us to work from home, but still we need to preserve the valuable asset – our data. We could help you set up secure remote working program.

We are offering the secure remote access as well as information centric endpoint protection portfolio for a year for free. Portfolio will include:

• Continent 4 VPN client– Secure access to your internal applications and sensitive data
• Secret Net Studio – Data protection and deep integrity control of remote endpoint

Contact us (sales@trustedaccesstech.com) and we will help you to set everything up quickly.

We care about your safety.

 

Security Code participated in United Arab Emirates Innovation month 2020. The company’s workshop was held on 10 th of February in Sharjah in partnership with the University of Sharjah.

Anis Khasun, the Managing Director of Trusted Access Technologies (Security Code), explained at the event the importance of holistic approach to cyber security.

“The main purpose of the workshop is to show how to ensure the security of the data by creating trusted platform inside the existing IT infrastructure and delivering security mechanisms on top of it”, he said.

During the event, Security Code also presented its main solutions that can help government entities and enterprises in protecting their IT infrastructure against the most sophisticated cyber threats.

The Sharjah leg of the programme was inaugurated by Shaikha Bodour Bint Sultan Al Qasimi, Chairperson, Sharjah Investment and Development Authority (Shurooq). The activities in Sharjah are being held under the patronage of Shaikh Sultan Bin Mohammad Bin Sultan Al Qasimi, Crown Prince and Deputy Ruler of Sharjah.

The week-long event in Sharjah, held at Sharjah Book Authority, features more than 80 Sharjah and UAE government organisations, universities, and local and international companies.

Security Code participated in the 17th international Conference on Applied Science and Technology (IBCAST), which was held in mid-January in Islamabad, Pakistan. The company’s experts told about the issues of digital sovereignty, UEFI security, encryption performance of wide-block and stream ciphers, and mechanisms for evaluating modern encryption algorithms, including GOST ciphers.
The IBCAST conference has been held since 2002 in the vicinity of Islamabad. To date, it has been attended by more than 12,000 scientists and engineers from foreign universities, as well as scientific organizations that have submitted about 2,750 scientific papers. This year, the conference was attended by representatives of government organizations such as the strategic planning Division (SPD Force) and the national engineering and scientific Commission (NESCOM).
Andrey Golov, General Director of Security Code, made a presentation on “Digital sovereignty: why it is important and how to achieve It”, in which he reviewed examples of using information technology as a pressure tool, and also proposed an approach to achieving digital sovereignty without completely rebuilding the IT infrastructure. In his second report, “UEFI security Review”, he analyzed the prerequisites for using UEFI by hackers, gave examples of malware that uses UEFI, and suggested a way to analyze UEFI vulnerabilities and deactivate Intel ME.
Alice Koreneva, Ph. D., head of the cryptographic analysis Department of Security Code, made a report on “Performance of encryption of wide-block and stream ciphers”, prepared in collaboration with the scientific consultant of Security Code, Ph. D., Professor Vladimir Fomichev. This report presented new cryptographic schemes-wide-block algorithms. They allow you to significantly improve the performance of encryption, while maintaining important cryptographic qualities. The second report was entitled “Mechanisms for evaluating block and stream ciphers, including GOST”. It discussed the main methods used to analyze modern encryption algorithms. Using the example of many years of research on GOST algorithms by cryptographers from all over the world, Alice Koreneva reviewed various evaluation techniques and presented the main results confirming the reliability and security of Russian Federation national ciphers.
“The Pakistani side has demonstrated a very high level of hospitality, and we are also pleasantly surprised by the expertise of our colleagues. I hope that this conference will be the first in a series of international events where we will show our expertise and lay the foundations for long – term cooperation with the countries of the Middle East and South Asia,” Andrey Golov sums up.
“We are very happy to respect the Russian school of information security and our country as a whole. Russia was the absolute leader in the number of invited reports in the Cyber Security and Assurance Technologies section. Our company received three honorary awards based on the results of the conference” – Alice Koreneva comments on her participation in IBCAST.

Security Code signed strategic partnership agreement with ITRAMAS.

ITRAMAS, a Malaysian leading technology corporation, will take on Malaysian distribution for Security Code.

ITRAMAS Corporation was represented by CEO Mr. Lee Choo Boo, Head of R&D Dr. Lim Way Foong and Corporate Advisor Mr. Tengku Mahaleel.

“We are very pleased to announce our partnership with ITRAMAS, a corporation that has unique and leading position in Malaysian ICT market. Our cooperation will bring to the region new holistic approach to cybersecurity”, says Anis Khasun, managing director of Trusted Access Technologies (Security Code).

“Our solutions will help Malaysian government entities and enterprises to protect themselves against sophisticated cyber threats, 0-day attacks, backdoor and supply chain attacks”, he added.

ITRAMAS is a leading Malaysian engineering company in the field of advanced technology. The corporation has extensive experience in implementing large-scale projects in the field of electronic production, cybersecurity and smart city. ITRAMAS cooperates with CyberSecurity Malaysia to ensure the state’s digital independence and cyber sovereignty.

Gartner released a “Market Guide for Cloud Workload Protection Platforms” in the April of 2019. Security Code was again mentioned as a representative vendor of security solutions mentioned in the report.

According to Gartner “At YE18, we estimated that the CWPP market was in the range of $600 million to $700 million in revenue with aggregate double-digit year-over-year growth.” (Market Guide for Cloud Workload Protection Platforms, 8 April 2019, ID: G00356240 Page 4).

The analytical company highlights the following trends that have influenced the growth of the market:

• Workloads are being moved from on-premises to public cloud IaaS, and the overall number of IaaS workloads is growing.
• In public cloud IaaS, workload-centric host-based CWPP solutions provide an easier architectural option for enforcing security policy than traditional in-line network-based security controls. Workload-based offerings automatically scale out and back as the number of workloads increases and decreases.
• Likewise, the need for pervasive Secure Sockets Layer/Transport Layer Security (SSL/TLS) decryption and inspection is performed more easily at the host workload where the session is terminated versus having to decrypt traffic in line using “man-in-the-middle” approaches. This is especially true for inspecting traffic that moves laterally east/west from service to service in microservices-based architectures.

The shift to cloud-native application development using container-based application architectures, microservices-based applications and adoption of serverless PaaS will require new CWPP capabilities both in development and at runtime. Cloud-native apps require solutions designed to address the protection requirements of cloud-based systems. (Market Guide for Cloud Workload Protection Platforms, 8 April 2019, ID: G00356240 Page 4)

There are two distinct markets – for agents who are put on servers and protect them (Cloud Workload Protection Platforms (CWPP)) and the adjacent Cloud Security Posture Management (CSPM) market, which is important for the full implementation of a secure cloud.

In this way, CWPP solutions protect servers from within, while CSPM solutions exercise external control over server machines in the cloud.

Source: Gartner, Market Guide for Cloud Workload Protection Platforms, 8 April 2019

The security code’s vGate product can provide CSPMsecurity: delineation of access to virtual machines, network configuration, storage configuration, access rights management virtual environment administrator. As a result, the solution significantly reduces the risks of IB in large virtualization environments.

Together with the Secret Net Studio product, which protects every single virtual machine and falls into the CWPP solution category, they are a holistic solution for the protection of virtual and physical servers. Secret Net Studio is a comprehensive solution to protect workstations and servers at the level of data, applications, network, operating system and peripheral hardware.

Recall that the basis of the platform for server protection is a set of mechanisms, which we talked about last time: the basis is operational hygiene – a set of basic measures that significantly reduce the risks ofIB. configuration and vulnerability management, network traffic filtering, system integrity control, app start-up control, RAM protection, data encryption in IaaS environment, EDR server activity monitoring, system intrusion detection, false vulnerability detection system, signature antivirus.

“We are grateful to Gartner for including us as a representative vendor for the second year in a row. We believe this indicates a continuing high level of confidence of independent analysts in our products and is especially relevant, given our serious actions to enter the international market,” said Andrei Golov, CEO of Security Code.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Find out more

The Security Code is a Russian developer of software and hardware that protects information systems and meets international and industry standards. nine licenses of fsTEK of Russia, the Fsb of Russia and the Ministry of Defense of the Russian Federation. More than 60 valid certificates issued by these authorities confirm the high quality of products and allow them to be used in information systems with the most stringent security requirements. The company’s products are used to protect confidential information, trade secrets, personal data and information that constitutes state secrets.

There are currently more than 400 qualified professionals in the Security Code, many of whom have unique expertise in the development of IB solutions. More than 900 authorized partners of the company supply its products and provide their quality support in all regions of Russia and CIS countries. More than 32,000 government and commercial organizations trust and use Security Code products to protect workstations, servers, virtual infrastructures, mobile devices, and network interactions across all information components Systems.

vGate is an information protection tool designed to ensure the security of virtual infrastructures based on VMware vSphere and Microsoft Hyper-V platforms, as well as the critical task of bringing virtualization infrastructure into line legislation, industry standards and the world’s best practices.

Secret Net Studio is a comprehensive solution for protecting workstations and servers that protects information simultaneously at the data, application, network, operating system, and peripheral equipment level, and enables you to implement centralized management and monitoring of all security mechanisms with the ability to collect, correlate, filter and prioritize information security events. The product is available in two editions: Secret Net Studio – to protect sensitive information and Secret Net Studio – C – to protect state secrets.

Security Code took part in GITEX Technology Week 2018, international IT exhibition, which took place in Dubai (UAE) from 14 to 18 October 2018. This ICT and electronics market event is the biggest and the most significant one for the Persian Gulf countries. The exhibition attracted attention of more than 150 thousands visitors and more than 4,5 thousands of companies participated this year.

Continue reading “Security Code exhibited at GITEX Technology Week in Dubai”

Research and consulting company Gartner has released its October 2018 report “Market Guide for Information-Centric Endpoint and Mobile Protection”. The “Security Code” was included in the Representative Vendors list.  Our solutions are designed to satisfy requirements listed in the report.

According to Gartner, “Data losses are at an all-time high, and data breaches — both criminal actions and careless accidents — must be prevented by any and all means…  Security and risk management leaders who grapple with endpoint security challenges must accept that astute information protection requires a blending of several methods…  The interconnected world and its increasingly pervasive data-sharing demands will soon force companies to put the solutions together to resolve different aspects of loss.” (Gartner, Market Guide for Information-Centric Endpoint and Mobile Protection, October 15, 2018)

Gartner identifies eight ways to encrypt and protect business information:

1. Preboot OS-level encryption of physical or virtual device
2. Postboot OS file system encryption
3. Container encryption
4. Removable media encryption
5. Data loss prevention controls (DLP)
6. Content collaboration platforms (CCPs)
7. Secure PIM
8. Enterprise digital rights management

Vendors are expanding their products to more completely address these capabilities and reduce information loss and endpoint security risks.

Gartner, Market Guide for Information-Centric Endpoint and Mobile Protection, October 15, 2018

Systems can be protected by Secret Net Studio for Data – information-centric endpoint protection solution. It allows to control sensitive data handling, block access to confidential files, prevent unauthorized printing and moving to the USB-device.

Secret Net Studio offers three protection methods: Container, Data loss prevention controls (DLP) and Enterprise digital rights management.

Gartner defines these methods are described in the following way:

• “Container – files are unreadable without successful login to a protected virtual file system. App access to container and import/export of files may be controlled. Some containers may include DLP features. This method is suitable for shared systems and multiple users. Defense value: Information protection is independent of OS and disk protection, and can be highly portable. Containers can be context-dedicated to specific business processes or act as a broad workspace.
• Data loss prevention controls (DLP) – file transfers can be blocked or processed with encryption based on keywords, user, project and other contexts. This method is suited to context-dependent data protection. Defense value: Data transfer events can be identified and evaluated using business rules and policies.
• Enterprise digital rights management – this method is suited to platform-independent, context-dependent data protection. Files are imbued with persistent protection policies when created, read and updated. The policies can specify access by company, user, project and other details. EDRM can also stipulate limitations on app behavior, such as blocking “save as,” clipboard copying, printing and so on. Defense value: EDRM creates the tightest possible access control relationships between files and apps. Policies can be detailed, and access can be tracked.” (Gartner, Market Guide for Information-Centric Endpoint and Mobile Protection, October 15, 2018)

“We are doing our first steps in the international market so far. And we have to fill our solution with new features and methods of data protection. But we are pleased to know that our current solution that was developed for Russian companies is partially compliant with market demands. It means that the main vectors of data protection are approximately the same in different countries. So far, we are going to develop our solution taking in consideration all the methods of data protection that are required by international market”, – says Dmitry Zryachikh, CTO “Security Code”*.

* About “Security Code” and Trusted Access

Trusted Access is a foreign division of “Security Code”. We have unique security solutions successfully used by more than 32 000 organizations to address any information security issues on workstations, servers, virtual infrastructure and networks. Our products and solutions protect the most critical IT systems.

Company has technical partnerships with Microsoft, VMware, Kaspersky lab, Intel.

Gartner Disclaimer

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About “Security Code”

“Security Code” has unique security solutions successfully used by more than 32 000 organizations to address any information security issues on workstations, servers, virtual infrastructure and networks. Our products and solutions protect the most critical IT systems.

Company has technical partnerships with Microsoft, VMware, Kaspersky lab, Intel.

Trusted Access, the leading provider in IT infrastructure security solutions, will be exhibiting at GITEX Technology Week in Dubai, 14-18 October 2018. Company stand is SR-B6.

GITEX Technology Week 2018 is the 38th international IT-exhibition in Persian Gulf. It is the largest and most authoritative exhibition of the latest achievements in the field of information and communication technologies and electronics. There are expected more than 150 000 visitors and more than 4500 companies to exhibit this year.

Trusted Access will be introducing its three products:

• vGate – Private cloud security posture management solution. It allows to enhance cloud security and ensure compliance with security regulations beyond virtual machines.
• Secret Net Studio Trusted Environment – Unique pre-OS endpoint security solution. It gives company a way to externally control consistency of standard endpoint protection mechanisms. It cannot be detected and deactivated remotely.
• Secret Net Studio for Data – Information-centric endpoint protection solution. It allows to control sensitive data handling, prevent data leakage and streamline incident investigation process.

“This year will be the second time that we are exhibiting at GITEX. We’ve got a lot of benefits from our first participating in GITEX in 2017. Trusted Access products are represented at the local market for more than a year and they have big success. That is because we offer our customers not just an abstract concept; and not just technology: we bring to the local market the product, which has a long history — dozens of years. Our information security tools are easily deployed and simple to operate. That is why we are exhibiting at GITEX – we want to share information and spread our technologies to the Middle East and Africa regions. Our exclusive distributor in the region is Al Hosani Computer LLC  –  company’s specialists know the market well and are ready to help us with any localization requirements and issues”, – says Andrey Golov, CEO at Trusted Access.

Additional information:

Trusted Access by Security code has unique security solutions successfully used by more than 32 000 organizations to address any information security issues on workstations, servers, virtual infrastructure and networks. Our products and solutions protect the most critical IT systems.

Company has technical partnerships with Microsoft, VMware, Kaspersky lab, Intel.

Security code mentioned in Gartner’s Market Guide for Cloud Workload Protection Platforms.