The editors at Solutions Review have curated this list of the most noteworthy identity management and information security news for the week of May 26. This curated list features identity management and information security vendors such as SandboxAQ, QuSecure, TrustCloud, and more.
Keeping tabs on all the most relevant identity management and information security news can be a time-consuming task. As a result, our editorial team aims to provide a summary of the top headlines from the last month, in this space. Solutions Review editors will curate vendor product news, mergers and acquisitions, venture capital funding, talent acquisition, and other noteworthy identity management and information security news items.
Identity Management and Information Security News for the Week of May 26
SandboxAQ Successfully Tests its Quantum Navigation System with the U.S. Air Force
SandboxAQ, a quantum security solutions provider, this week announced it has successfully tested its advanced, quantum sensor-based magnetic anomaly navigation system with the U.S. Air Force (USAF). The test flights, conducted last week at Travis Air Force Base by the 60th Air Mobility Wing, were part of an ongoing readiness and modernization effort to explore and develop an Assured Positioning, Navigation, and Timing (APNT) solution to augment the Global Positioning System (GPS). Such solutions will provide uninterrupted navigation in situations where GPS is unavailable or intentionally denied or spoofed. In January 2023, the USAF awarded SandboxAQ a Direct-to-Phase-II Small Business Innovation Research (SBIR) contract to research quantum navigation technologies. “The need for GPS-alternatives is critical,” said Maj. Patrick Morgan, Wing Tactics. “If we’re executing a mission where GPS is not available, it’s important to have another solution to ensure mission continuity and ensure a safe exit and return to base for our Airmen.”
VulnCheck Launches XDB, A Comprehensive Hub of Exploits for Security Teams
VulnCheck, a vulnerability intelligence company, this week announced the launch of VulnCheck XDB, a comprehensive repository of exploits and proof-of-concepts hosted on git repositories. The complementary tool helps vulnerability researchers, offensive teams, and detection engineers prioritize the vulnerabilities that matter most and enhance security in company environments. VulnCheck XDB crowdsources data while also scouring public records, threat research and open-source git repositories in real-time for exploit code. The complimentary exploit hub associates exploit proof of concept code with known CVEs. Users can access XDB on VulnCheck’s website and search by CVE to discover which vulnerabilities have written exploits, helping improve prioritization and security.
QuSecure Named as “Most Promising Unicorn” in SC Media’s 2023 SC Awards Program
QuSecure, Inc., a leader in post-quantum cybersecurity (PQC), this week announced that it has been recognized as a 2023 SC Award finalist in the Excellence Award category for Most Promising Unicorn. The announcement was made as part of SC Media’s 2023 SC Awards coverage. Now in its 26th year, the SC Awards program is cybersecurity’s most prestigious and competitive program, recognizing the solutions, organizations, and people driving innovation and success in information security. Hundreds of entrants vying for Excellence Awards were judged by a panel of industry leaders, from sectors including healthcare, financial services, manufacturing, consulting, and education.
Black Ink Tech and Incode Partner on Joint Identity Solution
Black Ink Technologies Corp, a digital ledger and tokenization provider, is pleased to announce its partnership with Incode on a solution that delivers validated global identity. Incode is a leading provider of digital biometric verification and identification authentication solutions. The “everywhere digital identity” solution will capture a person’s digital identity using Incode’s biometric system, then match it to government records for validation and verification. That verification can then be transferred through Blank Ink Tech’s Validated Data Tokens and ChainIT platform. The generated QR code displays the Individual’s Validated Data Token ID, or IVDT-ID, record, where and when it was created, how it was created, as well as who validated and verified the information. The IVDT-ID is device independent, meaning even a smartphone can be used to validate an identity. With the permanent, immutable blockchain record, they can confirm the identity is authentic without needing to access the government records directly. The Incode system biometrically matches the individual to their digital identity, and all of the data points are Touch Audit enabled.
TrustCloud Expands Audit Partner Network
TrustCloud, a trust assurance solutions provider, announced the expansion of its Trusted Partner Network to provide customers with access to premier audit experts. TrustCloud customers get preferred access to the audit firm that will best suit their needs, with special rates available, to reduce the time and costs associated with the compliance process. The right audit partner can turn a potentially time-consuming, expensive, and confusing process into a straightforward exercise, designed to improve an organizations’ security posture and win business from prospective customers. TrustCloud audit partners have demonstrated an exceptional ability to guide companies through the audit process, fairly evaluate their security posture, and provide helpful advice to maintain ongoing compliance.
Expert Insights Section
Watch this space each week as Solutions Review editors will use it to share new Expert Insights Series articles, Contributed Shorts videos, Expert Roundtable and event replays, and other curated content to help you gain a forward-thinking analysis and remain on-trend. All to meet the demand for what its editors do best: bring industry experts together to publish the web’s leading insights for enterprise technology practitioners.
FAR, FIPS, and Federal Networks – The Cryptography Conundrum
Karen Walsh of Allegro Solutions decrypts the cryptography conundrum our country is facing at the federal level. While security-first compliance can enable organizations to achieve basic cyber hygiene, outdated laws and standards often reinforce the use of outdated technologies. For anyone watching the Cybersecurity Maturity Model Certification (CMMC) drama unfold over the last three years, the update to the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171 highlights the inconsistencies inherent in compliance objectives and security outcomes. As the federal government inches closer to a comprehensive standard across the Defense Industrial Base (DIB) and Federal Civilian Executive Branch (FCEB) supply chains, it must address the FIPS-validated cryptography conundrum.
Removing the Confusion Around Methods of Data Security
Billy VanCannon of Baffle breaks down all current data security methods, helping remove much of the confusion. Once isolated to the IT department, data privacy and security are now top priorities across the organization and the boardroom. Executives understand that protecting data has profound business implications, from maintaining compliance to securely analyzing data for market differentiation. However, there needs to be more clarity around which protection methods a company might implement based on their business needs.
What to Consider When Building an Autonomous SOC
Gunter Ollmann of Devo offers a crash course on autonomous SOC, laying down the foundation on what to consider when building yours. Today’s threat landscape demands more from IT and security professionals than ever before. Schools are being forced to shut down due to ransomware attacks, major brands are falling victim to reputation-harming data breaches, and an explosion of connected devices has broadened the attack surface. At the same time, cyber-criminals are getting smarter and savvier, developing new ways to evade detection software and make money. As cyber-criminals are getting more creative, the cybersecurity industry is improving and developing innovative solutions to protect businesses. Earlier this year, the FBI revealed it had turned the tables on the notorious Hive ransomware gang by secretly hacking the group’s systems, saving $130 million in ransomware demands for more than 300 victims. Despite our best efforts, there are still elements holding us back as an industry and continuing to make organizations vulnerable to cyber-attacks. Prevention, monitoring, and mitigation all happen in the Security Operations Center (SOC), and, right now, SOCs are facing the perfect storm for cyber-crime: lack of visibility into complex operating environments, inability to analyze cloud-scale volumes of data, and an industry-wide shortage of cybersecurity talent. As a result, security professionals are experiencing widespread burnout and unrealistic workloads, which lowers their productivity and creates higher security risks.
- Identity Management and Information Security News for the Week of May 26; SandboxAQ, QuSecure, TrustCloud, and More - May 26, 2023
- Identity Management and Information Security News for the Week of May 12; Corvus Insurance, Qumulo, UberEther, and More - May 12, 2023
- 18 World Password Day Quotes from Industry Experts in 2023 - May 3, 2023