Blog

Tag: cloud

Fasoo Launches Sparrow on Cloud, SaaS version of SASTSPARROW, a static code analysis application, is now available as a Software as a Service (SaaS) offering to help organizations quickly detect critical software vulnerabilities at the early stages of software development.  “SPARROW on Cloud“, SPARROW’s cloud solution is an agile, flexible, reliable and cost effective solution that allows organizations to easily manage application security challenges.

“IoT has brought an upsurge in new software that connects and operates everything from cars to medical devices and with that, enormous risk at the development level,” said Fasoo’s CEO Dr. Kyugon Cho. “Providing software developers with a cloud based application security testing solution was the logical next step for Fasoo as it is so essential for software to be secure at the code level.”

Unlike other Static application security testing (SAST) solutions, SPARROW analyzes source code with a robust static analysis engine that uses a deep semantic method to find vulnerabilities that other SAST applications may have difficulty identifying.  The solution is designed to enforce multiple policies dynamically to different projects or users/groups, and offers faster analysis speed (1M LOC per hour) with accuracy (OWASP benchmark score: 94.8).  In addition, SPARROW enables organizations to identify and fix issues by leveraging machine learning and automation features like:

  • Intelligent Issue Clustering: SPARROW categorizes similar issues in groups that allow organizations to identify and correct issues efficiently.
  • Active Suggestion: SPARROW not only identifies software vulnerabilities, but also can help remediate code using automated code suggestions.
  • Issue Classification:  SPARROW analyzes, ranks, and prioritizes high priority issues in an easy to read dashboard display.
  • Advanced Issue Filtering: SPARROW provides detailed filter options for the detected issues (e.g., source API, sink API, called method, etc.).

SPARROW is used by government agencies, corporations and anyone developing embedded software that requires a very high level of software quality. The SAST version of SPARROW is also used by government and the financial industry which aim to eliminate security weaknesses from their source code.

Fasoo is offering a limited introductory promotion for the cloud version of SPARROW. By purchasing a subscription between January 17, 2017 and March 30, 2017, customers will get the equivalent amount of extra time at no extra cost. For example, if customers select a one month subscription (Silver) they will receive an extra month free. Please click here for more information about SPARROW on Cloud.

Fasoo Extends Data Security at IBM Insight 2015This is the second year Fasoo participated in the IBM Insight conference in Las Vegas and by the reaction of customers, IBM employees and other vendors, we made a big splash.  Enterprise Digital Rights Management and data-centric security for sensitive information appear to be at the top of many people’s minds.

The event had over 13,000 attendees from all over the world and focused on Analytics, Big Data, Content Management, Information Governance and Security.  There was a major focus on using analytics to understand and predict trends for business and to help eliminate security threats.  Cloud and mobile transcend these categories as business has become mobile, fluid and unfortunately more dangerous.  There was also a big presence of the Internet of Things, as more organizations are extending business models through wearable and more autonomous devices.

Fasoo partners The Dayhuff Group and Neocol joined us as we showed how to strengthen security for content as users localize it from databases, download it from IBM ECM repositories, create it locally or share it with external parties, in the cloud or on mobile devices.  With the new IBM relationship with Box, many customers are worried about protecting sensitive information regardless of location or device.  They like sharing information easily, but need to make sure its always protected.

Security presentations focused on insider threats and external hackers or advanced persistent threats (APT) causing a lot of problems for companies.  A lot of companies today are terrified that a trusted insider may inadvertently share sensitive files in the cloud or leave them on a mobile device that is lost or stolen.  One presentation referred to the weakest link in your security as the person who does something accidentally.  You can have all the firewalls, end-point encryption and data loss prevention systems in the world, but it won’t stop Bill Blake presents at IBM Insight 2015a privileged user that does something stupid.

Bill Blake presented “Closing the Threat Gap: A 21st Century Approach to Minimizing Risk” in the Solution Expo theater to a good group of people.  I had a conversation with one of the presentation attendees about protecting reports as users download them from an ERP system.  He knows the data is controlled inside the system, but he loses visibility to it when localized in a spreadsheet or PDF.  We discussed how Fasoo can protect the files once downloaded by encrypting it and assigning a dynamic security policy to it.  He can always control that report no matter where it is.

Dayhuff had its annual Insight After Party at the Ri Ra Irish Pub in the Mandalay Bay shoppes.  We were in a private room, but could hear all the fun throughout the place.  There was a great band playing that got everyone in a dancing mood.  It was great to discuss business and personal things with the Dayhuff staff, IBM staff and lots of customers.  It’s always amazing that no matter where you live, you can always find someone Ri Ra at IBM Insight 2015who shares your love of great beer, loves or hates your sports teams or has similar experiences to you.  There is nothing better than getting to know someone over a pint.

Neocol talked about its SmarterDLP solution at Insight this year to help solve a major problem that every organization faces.  Combining Fasoo EDRM, IBM StoredIQ and some of its own technology, Neocol can help a company search for sensitive content in files share, document repositories, on a user PC and numerous other locations, and then lock it in place. This solves two problems.  Finding sensitive information and then encrypting it with a security policy immediately to ensure that only authorized users can access it.  The reality today is that organizations have so much unstructured content in so many locations, they don’t know where to start looking for the most critical information.

Customer interest was high during the Solution Expo and through numerous conversations at many of the informal parties, meals and other opportunities to interact.  I spoke with one gentleman who needed to make sure that documents involved in legal cases were made inaccessible once the case was over.  Today he has to get validation from all involved that they destroyed the case documents; that’s a tough one.  One woman needed to make sure she could control any PII (personally identifiable information) or financial data that was downloaded from an IBM Content Manager system.  I also talked to a few manufacturing companies that wanted to protect process information and parts drawings as they shared them internally and with subcontractors.  A lot of people were amazed that we can lock and control these files no matter where they are.

We want to thank everyone whom came to the booth and made it a successful event.  We look forward to it next year.

Folder Crypto

Fasoo, the leader in data and application security, today announced the launch of Folder Cryptor for Dropbox, a B2C service to safely secure personal contents in Dropbox.

With the growing number of personal PCs, smartphones and tablet PCs, the use of public cloud storage services like Dropbox, Google Drive, Box and more to store and share personal information has dramatically increased. The cloud’s widespread use has made it a target for hackers to steal data that is stored and shared in this environment. Files shared with others can be leaked or be delivered to a third party mistakenly or deliberately. The result can lead to sensitive files containing personal photographs, passwords and other confidential information being exposed.

Last September, personal photos and videos of over 100 celebrities were stolen from their Apple iCloud accounts and widely shared through social media. Then last October, 7 million Dropbox usernames and passwords were stolen. These headlines are causing Dropbox users to be concerned as the amount of personal information being leaked from the cloud continues to increase.

With the launch of Folder Cryptor for Dropbox, Fasoo offers a robust security service for Dropbox users to safely store and share personal information within the cloud. Files uploaded into these secure folders through Folder Cryptor are automatically encrypted and are considered safe even when they are hacked and stolen. Because these files are encrypted throughout their entire life, users can safely and easily share them with family, friends and coworkers.

Dropbox users can simply install Folder Cryptor on their PC (Windows/Mac) or mobile device (iOS/Android) and only requires your existing Dropbox authentication. Since users will be automatically connecting with their Dropbox account, Folder Cryptor will secure their files without having to manage any user credentials.

“The most basic part of using cloud storage services should be the security of personal information and contents.” said Jongsin Choi, Managing Director of the Cloud Service Division at Fasoo. “We are also planning to launch Folder Cryptor services for a variety of other cloud storage services in the near future.”

Folder Cryptor offers a free trial version where users can create up to three secure folders. For unlimited secure folders, including all features from the trial version, users can purchase Folder Cryptor Pro for only $2.99 (one-time payment). This service can be downloaded from http://www.foldercryptor.com as well as on your mobile device from Apple App Store or Google Play.

Categories
Book a meeting