5G-Enabled Road Safety and Cybersecurity Services for Connected and Automated Vehicles Research Paper Accepted by 2021 IEEE 93rd Vehicular Technology Conference

No Gravatar

Paper covers how Connected and Automated Vehicles will be protected from 5G malware and other threats, leading to much improved road safety

13 April 2021 – CALGARY, Canada and HELSINKI, Finland: The Celtic – Next 5G-Safe+ project recently had its research paper on “5G-Enabled Road Safety and Cybersecurity Services for Connected and Automated Vehicles” accepted for publication to be presented at the 2021 IEEE 93rd Vehicular Technology Conference (VTC2021), to be held between 25-28 April, 2021 virtually and in Helsinki, Finland.  Co-Written by several organizations in Finland, including: VTT Technical Research Centre of Finland Ltd., The Finnish Meteorological Institute, Vaisala Ltd. and Sitowise Ltd., along with Wedge Networks, Inc. of Canada, the 5G-SAFE+ consortium, the paper outlines a first pass analysis of the use cases and underlying architecture that will eventually be extended towards real pilots and testing in the future work of the consortium.

“Safety and support services running on top of 5G network infrastructures have a great opportunity to facilitate cooperative, connected and automated mobility (CCAM) for automotive and transport verticals in a variety of road conditions and operational environments.  As the rollouts of commercial 5G networks continue all over the world, the increasing coverage and continuously evolving capabilities of the technology make it an ideal connectivity platform for a variety of vehicle-to-everything (V2X) communications scenarios.  Critical network-based services enhancing the road traffic safety are able to exploit the ultra-reliable low latency communication (URLLC) services offered by 5G.  Other non-critical support services can rely on enhanced mobile broadband (eMBB) and massive machine type communications (mMTC) services provided by 5G networks and facilitate the operation of the intelligent road transport systems as well as the comfort and wellbeing of the drivers and passengers.” – IEEE 5G-enabled safety and support services for cooperative, connected and automated mobility.

As cyber security lead for the 5G-SAFE-PLUS consortium, Wedge Networks has provided the WedgeARP™ real-time network security and threat prevention platform that will protect the data and control flows between the different components within the 5G-Enabled Road Safety network.  WedgeARP™ provides network-based, real-time threat prevention for all types of endpoints in a wide range of networks (mobile data, 5G, SD-WAN, SASE, enterprise and carrier networks, SDN, and smart-city/IIoT). With an embedded deep learning AI engine and patented real-time deep content inspection technology, WedgeARP™ can detect never-before-seen malware in milliseconds. Running on an orchestrated threat management platform, it is an effective and autonomous approach to enable large-scale real-time threat prevention.

“Wedge Networks is proud to be providing the cyber security platform on which the 5G-SAFE-PLUS project will be running,” stated Dr. Hongwen Zhang CEO & CTO of Wedge Networks. “The publishing of this paper by the consortium has allowed us to outline the various use cases that are being considered to enhance the safety of connected and automated vehicles that will run on the 5G network with the ultimate goal of zero traffic casualties by 2050.  The paper’s acceptance by VTC2021 for presentation at the conference goes to show the important work that is being carried out in this field of Vehicular Technology and further highlights the need for cyber security for protecting these systems from malware and other threats now and into the future.”

The paper will be published shortly and will be presented virtually, via video recording, at the 2021 IEEE 93rd Vehicular Technology Conference: VTC2021-Spring conference on April 25, 2021.

About the CELTIC-NEXT project 5G-SAFE-PLUS

The 5G-SAFE-PLUS project for “5G Enabled Road Safety Services” aims to prevent traffic accidents and avoid casualties by delivering 5G-enabled time-critical road safety services to vehicles. Here, accurate weather and road maintenance information plays a key role together with direct incident/accident event information. The project will support wide-scale implementation and usage of advanced road weather, road maintenance and road safety services with enhanced 5G networking capabilities and service enablers.

For more information about 5G-SAFE-PLUS, visit: www.celticnext.eu/project-5g-safe-plus/

About CELTIC-NEXT

CELTIC-NEXT is the EUREKA Cluster for next-generation communications enabling the digital society. CELTIC-NEXT stimulates and orchestrates international collaborative projects in the Information and Communications Technology (ICT) domain. The CELTIC-NEXT programme includes a wide scope of ICT topics based on new high-performance communications networks supporting data-rich applications and advanced services, both in the ICT sector and across all vertical sectors. CELTIC-NEXT is labelled for 8 years from January 2019 until December 2026.

CELTIC-NEXT is an industry-driven initiative, involving all the major ICT industry players as well as many SMEs, service providers, and research institutions. The CELTIC-NEXT activities are open to all organisations that share the CELTIC-NEXT vision of an inclusive digital society and are willing to collaborate to their own benefit, aligned with their national priorities, to advance the development and uptake of advanced ICT solutions.

For more information about CELTIC-NEXT, visit: www.celticnext.eu

About Wedge Networks

Wedge Networks is a cyber security software vendor specializing in Real-time Threat Prevention.

Our technology platform, WedgeARP™, has the deepest visibility of network data in the industry, possessing an unmatched ability to defend against malicious attacks that are undetectable with shallow inspection techniques. It delivers the highest real-time performance of orchestrated security services through a software implementation that is portable to all x86 servers. Trained with nearly 1 billion threat samples, its automated and continually-learning embedded artificial neural network can detect never-before-seen malware in milliseconds. WedgeARP™ represents the present and future of how much-needed security services can be delivered, from the cloud core to the ever-expanding network edge, to help reduce the security gap.  Supported by a world class software product team in Canada, it allows enterprises, governments, telecommunications providers and critical infrastructure operators to achieve real-time prevention of advanced threats; and enables Wedge’s distribution partners to increase their Average Revenue Per User (ARPU) and reduce customer CHURN.

With numerous patents, industry awards, and twice bestowed with Build-In-Canada Innovation awards, its products are distributed through MSSP, OEM, VAR and SI partners to end customers worldwide.  Wedge is headquartered in Calgary, Canada with international teams in the North America, Asia Pacific, Europe, and the Middle East and North Africa regions.

For more information on Wedge Networks, visit http://www.wedgenetworks.com/

Please forward any media or PR inquiries to: PR@wedgenetworks.com

Cautionary Statements and Forward Looking Information

This release contains forward-looking statements, which are based on current expectations, estimates, and projections about the Corporation’s business and prospects, as well as management’s beliefs, and certain assumptions made by management. Words such as “anticipates,” “expects,” “intends,” “plans,” “believes,” “seeks,” “estimates,” “may,” “should,” “will” and variations of these words are intended to identify forward-looking statements. Such statements speak only as of the date hereof and are subject to change. The forward-looking statements contained in this news release are made as of the date hereof and Wedge undertakes no obligation to update, publicly or otherwise, or revise any forward-looking information, whether as a result of new information, future events or otherwise unless expressly required by applicable securities laws. The forward-looking information contained in this press release are expressly qualified by this cautionary statement. Readers are cautioned that any such forward-looking statements are not guarantees of future business activities and involve risks and uncertainties, and that the Corporation’s future business activities may differ materially from those in the forward-looking statements as a result of various factors , including, but not limited to: expansion and business strategies, anticipated growth opportunities, the partnership with DLS, the impact of the COVID-19 pandemic, general economic, market or business conditions, the amount of fundraising necessary to perform on its business objectives, operational risks, the ability of the Corporation to raise necessary funds for its business objectives, and the outcome of commercial negotiations. Such statements are not guarantees of future performance and are subject to certain risks, uncertainties, and assumptions that are difficult to predict. Accordingly, actual results could differ materially and adversely from those expressed in any forward-looking statements as a result of various factors. There can be no assurances that such information will prove accurate and, therefore, readers are advised to rely on their own evaluation of such uncertainties. Although the Company believes that the assumptions and factors on which such forward-looking statements is based are reasonable, undue reliance should not be placed on the forward-looking statements as the Company can give no assurance that it will prove to be correct or that any of the events anticipated by such forward-looking statements will transpire or occur, or if any of them do so, what benefits the Company will derive therefrom.

Posted in Industry News, Latest Security News, Wedge News | Tagged , , , , , | Leave a comment

Wedge Networks Selected For Canadian Technology Accelerator Program In Taiwan

No Gravatar

Wedge and its WedgeARP™ Technology Chosen for the Digital Technology Program as a Result of the Product’s Innovative Differentiated IP, Strong Growth Potential and Competitive Advantage

09 April 2021 – CALGARY, Canada and TAIPEI, Taiwan: Wedge Networks, a global leader in software defined Orchestrated Real-time Threat Prevention, today announced that it has been selected to participate in the Canadian Government’s Technology Accelerator (CTA) Program in Taipei, Taiwan. The CTA initiative, organized through the Canadian Trade Commissioner Service (CTCS), helps Canadian companies with existing technologies explore growth opportunities and expand commercialization in foreign markets; by providing mentoring and introductions to potential partners, investors and customers. Chosen through a highly competitive selection process, the CTCS and a panel of industry experts review applicants and select the strongest and most innovation Canadian companies with highly impactful technology and solutions for exclusive participation.

The CTA program in Taipei, in partnership with local accelerator Garage+, is focused on Canadian tech companies with AI or innovative digital solutions in ICT, 5G, Smart Healthcare, Smart Manufacturing, Smart City, Fintech and any other applied areas to participate in the upcoming CTA Taipei Digital Cohort.

The CTA Taipei Digital Cohort is a non-equity and free-of-charge program that helps Canada’s innovative digital SMEs immerse themselves in the leading Digital ecosystems in Taiwan. This program supports companies by providing access to local mentors, investors, major industry players and innovation partners. Via the CTA program, Canadian companies gain a deeper understanding of the market opportunities for their technology in Taiwan with potential clients, partners and investors.

Wedge Networks and its built-in-Canada WedgeARP™ platform provides network-based, real-time threat prevention for all types of endpoints in a wide range of networks (mobile data, 5G, SD-WAN, SASE, enterprise and carrier networks, SDN, and smart-city/IIoT). With an embedded deep learning AI engine and patented real-time deep content inspection technology, WedgeARP™ can detect never-before-seen malware in milliseconds. Running on an orchestrated threat management platform, it is an effective and autonomous approach to enable large-scale real-time threat prevention solving the problem of the “Expanding Security Gap”.

“Wedge Networks is pleased and excited to be chosen to participate in the CTA Program for Taipei in the Spring cohort,” stated Mr. Rob Fong COO & CFO of Wedge Networks. “By selecting Wedge for this business accelerator program it provides strong credibility to our WedgeARP™ platform and our company as a whole as it emphasizes the Canadian Government’s trust in our built-in-Canada real-time threat prevention technology. We expect that the CTA will rapidly spur our growth in the Taiwanese market as well as allow us to further expand into the surrounding region.”

Because of the current COVID-19 situation, the program will be delivered to participants virtually, with the in-market program being confirmed at a later date. The CTA Program in Taipei runs from April 1 to July 31, 2021.

About the Canadian Trade Commissioner Service
Part of Global Affairs Canada, the Canadian Trade Commissioner Service (TCS) is a network of more than 1000 trade professionals working in Canadian embassies, high commissions, and consulates located in 161 cities around the world and with offices across Canada.

The Trade Commissioner Services helps companies that are looking to export, invest abroad, attract investment abroad or develop innovation and R&D partnerships. They provide advice on marketing strategies and up to date market and sector information to help smooth a Canadian company’s path to doing business abroad.

Created in 1894, the Canadian Trade Commissioner Service (TCS) has 125 years of experience helping Canadian companies succeed in foreign markets by promoting the economic interests of Canada in the global marketplace.

Since Canada’s first Trade Commissioner’s posting to Australia in 1895, the role of the TCS has become increasingly critical and of higher value within an ever evolving global economy. Canada’s active and successful participation in the global economy impacts all Canadians. Consider that a fifth of all jobs in this country are directly linked to international trade and half of what we manufacture in Canada is exported.

For more information about the CTCS, visit: https://www.tradecommissioner.gc.ca

About Garage+
Founded by Epoch Foundation, a renowned non- profit organization based in Taipei, Taiwan, Garage+ doesn’t just provide a space for incubation but also fosters a thriving startup ecosystem supported by experienced and successful entrepreneurs.

The vibrant community of Garage+ helps facilitate early-stage startups to build a team, enhance connections, strengthen core values, access fundraising resources and eventually get to the top. Since 2012, 75% of Garage+ teams have received funds from professional investors and have continued to grow business in various industries.

With the support and sponsorship from major companies in Taiwan including TSMC, Delta Electronic, Quanta Computer, and MediaTek, etc., the Garage+ Campus will expand into a new space (Chia Hsin Building) located in downtown Taipei starting in November, 2014.

For more information about Garage+, visit: https://www.garageplus.asia/en

About Wedge Networks
Wedge Networks is a cyber security software vendor specializing in Real-time Threat Prevention.

Our technology platform, WedgeARP™, has the deepest visibility of network data in the industry, possessing an unmatched ability to defend against malicious attacks that are undetectable with shallow inspection techniques. It delivers the highest real-time performance of orchestrated security services through a software implementation that is portable to all x86 servers. Trained with nearly 1 billion threat samples, its automated and continually-learning embedded artificial neural network can detect never-before-seen malware in milliseconds. WedgeARP™ represents the present and future of how much-needed security services can be delivered, from the cloud core to the ever-expanding network edge, to help reduce the security gap. Supported by a world class software product team in Canada, it allows enterprises, governments, telecommunications providers and critical infrastructure operators to achieve real-time prevention of advanced threats; and enables Wedge’s distribution partners to increase their Average Revenue Per User (ARPU) and reduce customer CHURN.

With numerous patents, industry awards, and twice bestowed with Build-In-Canada Innovation awards, its products are distributed through MSSP, OEM, VAR and SI partners to end customers worldwide. Wedge is headquartered in Calgary, Canada with international teams in the North America, Asia Pacific, Europe, and the Middle East and North Africa regions.

For more information on Wedge Networks, visit http://www.wedgenetworks.com/
Please forward any media or PR inquiries to: PR@wedgenetworks.com

Cautionary Statements and Forward Looking Information

This release contains forward-looking statements, which are based on current expectations, estimates, and projections about the Corporation’s business and prospects, as well as management’s beliefs, and certain assumptions made by management. Words such as “anticipates,” “expects,” “intends,” “plans,” “believes,” “seeks,” “estimates,” “may,” “should,” “will” and variations of these words are intended to identify forward-looking statements. Such statements speak only as of the date hereof and are subject to change. The forward-looking statements contained in this news release are made as of the date hereof and Wedge undertakes no obligation to update, publicly or otherwise, or revise any forward-looking information, whether as a result of new information, future events or otherwise unless expressly required by applicable securities laws. The forward-looking information contained in this press release are expressly qualified by this cautionary statement. Readers are cautioned that any such forward-looking statements are not guarantees of future business activities and involve risks and uncertainties, and that the Corporation’s future business activities may differ materially from those in the forward-looking statements as a result of various factors , including, but not limited to: expansion and business strategies, anticipated growth opportunities, the partnership with DLS, the impact of the COVID-19 pandemic, general economic, market or business conditions, the amount of fundraising necessary to perform on its business objectives, operational risks, the ability of the Corporation to raise necessary funds for its business objectives, and the outcome of commercial negotiations. Such statements are not guarantees of future performance and are subject to certain risks, uncertainties, and assumptions that are difficult to predict. Accordingly, actual results could differ materially and adversely from those expressed in any forward-looking statements as a result of various factors. There can be no assurances that such information will prove accurate and, therefore, readers are advised to rely on their own evaluation of such uncertainties. Although the Company believes that the assumptions and factors on which such forward-looking statements is based are reasonable, undue reliance should not be placed on the forward-looking statements as the Company can give no assurance that it will prove to be correct or that any of the events anticipated by such forward-looking statements will transpire or occur, or if any of them do so, what benefits the Company will derive therefrom.

Posted in Industry News, Latest Security News, Wedge News | Tagged , , , , , , , | Leave a comment

The Accellion Breach Highlights the Need for Real-time Threat Prevention

No Gravatar

The latest exploit to come down the pipe – the Accellion Breach; has the premise to be just as bad as Solar Winds.  Similar to the Solar Winds hack, where it was a supply-chain exploit that utilized a trusted update server to pass along malware, the Accellion Breach exploits zero-day vulnerabilities in the end-of-lifed Accellion File Transfer Appliance and has impacted multiple federal, state, local, tribal and territorial governments as well as private industry organizations.

Although Accellion had quietly released a patch in December (see Wired.com) and then provided more fixes in January in order to address several vulnerabilities in its network equipment.,  hackers had by then already exploited the vulnerabilities to great effect with dozens of companies and government organizations worldwide acknowledging that they had been breached.  At issue is that Accellion’s File Transfer Appliance is essentially a dedicated piece of hardware used to move large and sensitive files within the network.  In a normal case, attackers would need to hunt around the network in order to find sensitive files, which would require a bit of guessing.  With the Accellion FTA, the guesswork has already been carried out because everything being sent through the appliance would be pre-identified as being sensitive.

As reported by ZDNet, organizations such as banks, financial, transportation, and even other cybersecurity companies are just some of the many that have been affected, with hackers threatening to publish sensitive documents unless they are paid ransom.

What is unfortunate in this case is that the Accellion FTA product, which has been around for more than 20 years, had already been close to “end of life”, with the company already planning to end support for the product as of this April, and had already discontinued support of the underlying operating system, Centos 6, as of November.  The company had been working to transition its customers over to their newer platform, Kiteworks.  With many companies and organizations often taking years to actually transfer away from legacy network equipment like the FTA product, it is expected that more breaches will come to light and could still occur on unpatched devices still in operation. This further highlights the challenges that all organizations are currently facing with the COVID issue, where many are behind on major infrastructure projects and upgrades to their networks.  This is where Wedge can help with a quick L2 transparent install that can be facilitated by the Wedge solution.

Getting back to the technical details behind the breach, there were 4 vulnerabilities that hackers had targeted in order to compromise the device.  These include: 1. An SQL injection, 2. An Operating System Command Execution, 3. A Server-side request Forgery and 4. An Operating System Command Execution.  As per the CISA alert, organizations using this device should follow the mitigation advice provided and ensure that their device has been updated to version FTA_9_12_432 or later.  They should also look to replace out the solution before it reaches its End of Life on April 30, 2021.

Thankfully, for those organizations who are still utilizing the Accellion FTA solution and who are still working on plans for its replacement, there is still a level of protection that can be put in place for this breach, along with others that are sure to arise in the future.  It must be said that even when the Accellion FTA solution is replaced, the problem still remains where exploits like this can occur, potentially with other devices and solutions out there.  The key is having a real-time prevention solution that can scan the actual stream in real-time to prevent any kind of attack.  The WedgeARP™ platform, was developed to help prevent this and other potential breaches.  Built around patented Deep Content Inspection, it can see the intent of content flowing through the network, and has been enhanced with AI and automated machine learning that enables Real-time Threat PREVENTION; essentially stopping breaches like this before they happen.  In this case, in addition to the real-time threat prevention that is the hallmark of the Wedge solution, WedgeARP™ can detect SQL injections in any stream that passes through it, blocking them before they can do any harm.

With many more organizations out there that have the Accellion FTA solution still in place within their networks, WedgeARP™ can help them prevent potential breaches until such time that they are able to replace this EOL solution with something more up to date.  We know that, similar to the SolarWinds hack, many more organizations are going to be affected because of the prevalence of the Accellion FTA in use.  It is just a matter of making sure that your organization has a solution like WedgeARP™ in place to help ensure that your organization doesn’t become a statistic.  To learn more about how WedgeARP™ can help secure your organization against this and other attacks, contact our team at: info@wedgenetworks.com.

Posted in Industry News, Latest Security News, Wedge Channel Partner Forum | Tagged , , , , , | Leave a comment

Mavinci Bilişim Sanayi ve Tic. A.S. Signs OEM Partnership With Wedge Networks, Furthering Its Ties and Embedding Real-time Threat Prevention Into Its Cyber Security Offerings

No Gravatar

With a focus on security, defense and nuclear safety, Mavinci Bilişim Sanayi ve Tic. A.S. to utilize WedgeARP as part of its platform solution in Turkey and across the EU

11 March 2021 – CALGARY, Canada and ANKARA, Turkey: Mavinci Bilişim Sanayi ve Tic. A.S. (“Mavinci”), a leading software development and R&D company, headquartered in Ankara, Turkey, announced today that it has entered into an OEM partnership agreement with Wedge Networks, Inc. to offer the Wedge Absolute Real-time Protection™ (“WedgeARP™”) platform in Europe, starting with Turkey. With its expertise in Artificial Intelligence, Cyber Security, Cloud technologies and High-Tech Computational Engineering, Mavinci will integrate the WedgeARP™ platform into its offerings and will market it under its own brand.

WedgeARP™ provides network-based, real-time threat protection for all types of endpoints in a wide range of networks (mobile data, 5G, SD-WAN, SASE, enterprise and carrier networks, SDN, and smart-city/IIoT). With an embedded deep learning AI engine and patented real-time deep content inspection technology, WedgeARP™ can detect never-before-seen malware in milliseconds. Running on an orchestrated threat management platform, it is an effective and autonomous approach to enable large-scale real-time threat prevention.

The deeper integration of the WedgeARP™ platform into Mavinci’s product portfolio, to be sold under the growing Mavinci brand, will quickly expand the reach of Wedge’s real-time threat prevention into the larger EU market, beginning in Mavinci’s home base of Turkey.  This trusted relationship will enhance the sharing of threat intelligence within the partnership and will allow Mavinci and other partners in the Wedge ecosystem to better respond to cyber threats in real-time.

“Beginning with our agreement with Wedge in the UK market, and after extensive evaluations of the WedgeARP™ platform, it became clear that it could provide us with the solid real-time threat prevention base that could anchor our security product line-up not only in that market but across Europe. Real-time threat prevention is a must-have in the new digital economies that must continuously battle against unknown cyber threats.” said Muhammed Salih Cetin, CEO of Mavinci.

“Mavinci continues to develop innovative solutions to protect people and the environment and with this agreement we are taking firm steps towards becoming a leading company in the security and defense space. By further integrating the Wedge platform with this OEM partnership, it future-proofs our offerings and will quickly vault us into a leadership position in the EU marketplace.”

With almost a decade of experience, Mavinci Bilişim A.Ş. (Türkiye) has been growing rapidly in the European market.  The company continues its focus on offering special solutions to its customers with its expert and experienced research and innovation teams with the goal of developing and offering the right products and software in line with the needs of the market.

“After initially signing Mavinci to a resale agreement in the UK market, both companies quickly realized the huge growth potential for taking the next step into an OEM partnership,” stated Dr. Hongwen Zhang CEO & CTO of Wedge Networks. “Mavinci is a unique organization within its geographical region and application area with its focus on cyber-physical systems and critical infrastructure; where WedgeARP™ excels in providing security.  With a shared vision of providing real-time threat prevention to the broader market, Wedge is proud that its WedgeARP™ security platform will help drive Mavinci’s long-term growth.”

Mavinci Bilişim Sanayi ve Tic. A.S. will distribute, market, and promote the Wedge solutions across the EU market, beginning in Turkey.

About Mavinci Bilişim Sanayi ve Tic. A.S.

Mavinci Bilişim Sanayi ve Tic. A.S. develops high level technical capabilities in the fields of Artificial Intelligence, Cyber Security, Nuclear Safety, CBRN, Cloud technologies, and High-Tech Computational Engineering in the security, nuclear, corporate and defence sectors.

Mavinci has a well-defined containerization process for legacy applications which are working on Linux and/or Windows OSes. Depending on the customer’s requirements our services start from simply virtualizing the environments and moving to the cloud towards analyzing the source code and defining decompositions, components, interdependencies, refactoring, testing, dockerizing and deploying with a microservice architecture. We mainly focus on smart technologies with our own products and software platforms to bring effective, time and money saving solutions in our customers’ lives.

Mavinci owns TTSO Nuclear AS in Turkey in the field of Nuclear Safety and Mavinci Limited as a UK based technology company. The goal of the companies is to design & develop novel, innovative and effective solutions for its customers.

For more information on Mavinci, visit: https://www.mavinci.com.tr/en-US/WebSite

About Wedge Networks

Wedge Networks Inc. is a Real-Time Threat Prevention solutions company. Its innovative technology platform, Wedge Absolute Real-time Protection (WedgeARP™), is a software defined orchestrated network security system. Deployed, via the cloud, on premises, or in a virtualized environment, in data centers by enterprises, governments, and managed security service providers, WedgeARP™ inspects, detects, and blocks in real-time, malware and cyber threats (known, unknown and customized). Wedge does this through its patented Deep Content Inspection (DCI) technologies, combined with artificial intelligence and best-of-breed security functions.

Awarded a Gartner Cool Vendor designation, and twice bestowed with Build-In-Canada Innovation awards, Wedge Networks is headquartered in Calgary, Canada with international teams in the North America, Asia Pacific, and the Middle East and North Africa regions.

For more information on Wedge Networks, visit http://www.wedgenetworks.com/

Please forward any media or PR inquiries to: PR@wedgenetworks.com

Cautionary Statements and Forward Looking Information

This release contains forward-looking statements, which are based on current expectations, estimates, and projections about the Corporation’s business and prospects, as well as management’s beliefs, and certain assumptions made by management. Words such as “anticipates,” “expects,” “intends,” “plans,” “believes,” “seeks,” “estimates,” “may,” “should,” “will” and variations of these words are intended to identify forward-looking statements. Such statements speak only as of the date hereof and are subject to change. The forward-looking statements contained in this news release are made as of the date hereof and Wedge undertakes no obligation to update, publicly or otherwise, or revise any forward-looking information, whether as a result of new information, future events or otherwise unless expressly required by applicable securities laws. The forward-looking information contained in this press release are expressly qualified by this cautionary statement. Readers are cautioned that any such forward-looking statements are not guarantees of future business activities and involve risks and uncertainties, and that the Corporation’s future business activities may differ materially from those in the forward-looking statements as a result of various factors , including, but not limited to: expansion and business strategies, anticipated growth opportunities, the partnership with DLS, the impact of the COVID-19 pandemic, general economic, market or business conditions, the amount of fundraising necessary to perform on its business objectives, operational risks, the ability of the Corporation to raise necessary funds for its business objectives, and the outcome of commercial negotiations. Such statements are not guarantees of future performance and are subject to certain risks, uncertainties, and assumptions that are difficult to predict. Accordingly, actual results could differ materially and adversely from those expressed in any forward-looking statements as a result of various factors. There can be no assurances that such information will prove accurate and, therefore, readers are advised to rely on their own evaluation of such uncertainties. Although the Company believes that the assumptions and factors on which such forward-looking statements is based are reasonable, undue reliance should not be placed on the forward-looking statements as the Company can give no assurance that it will prove to be correct or that any of the events anticipated by such forward-looking statements will transpire or occur, or if any of them do so, what benefits the Company will derive therefrom.


Posted in Industry News, Latest Security News, Wedge Channel Partner Forum, Wedge News | Tagged , , , , , , , , | Leave a comment

Mavinci Limited (UK) Inks Partnership With Wedge Networks to Provide Real-Time Threat Prevention to the Public and Private Sectors

No Gravatar

Bespoke Software Development and R&D Company, Mavinci (UK) to Offer Wedge Networks’ Absolute Real-time Protection Platform – WedgeARP™ Throughout the UK

18 Feb 2021 – CALGARY, Canada and READING, UK: Mavinci Limited (UK) (“Mavinci”), a leading software development and R&D company, headquartered in Reading, UK, announced today that it has entered into a partnership agreement with Wedge Networks, Inc. to offer the Wedge Absolute Real-time Protection™ (“WedgeARP™”) platform across the United Kingdom. With its expertise in Artificial Intelligence, Cyber Security, Cloud technologies and High-Tech Computational Engineering, Mavinci hopes to bring WedgeARP™ to the government and public-private sectors to secure markets such as banking, education, defense, security and more.

WedgeARP™ provides network-based, real-time threat protection for all types of endpoints in a wide range of networks (mobile data, 5G, SD-WAN, SASE, enterprise and carrier networks, SDN, and smart-city/IIoT). With an embedded deep learning AI engine and patented real-time deep content inspection technology, WedgeARP™ can detect never-before-seen malware in milliseconds. Running on an orchestrated threat management platform, it is an effective and autonomous approach to enable large-scale real-time threat prevention.

The addition of the WedgeARP™ platform to Mavinci’s stable of products immediately strengthens their cyber security portfolio and quickly expands the reach of Wedge’s real-time threat prevention throughout the UK.

“We conducted thorough evaluations of WedgeARP and were impressed by its ability and innovations such as Deep Content Inspection and Orchestrated Threat Management. We believe that WEDGE is producing what digital economies need to protect themselves against unknown cyber threats. We are confident that our partnership will bring new opportunities in this fast growing market.” said Muhammed Salih Cetin, CEO of Mavinci.

“Mavinci is developing innovative solutions to protect people and the environment. WEDGE products will be the spearhead for our security oriented technological solutions.  The UK market is investing in cyber prevention with an increasing trend.  We plan on becoming a trusted cyber security provider in the UK market, then aim to become one of the top 5 companies in the long term for providing cyber threat prevention solutions.”

Recently founded in the UK in 2020 by its parent company Mavinci Bilişim A.Ş. (Türkiye), Mavinci (UK) enters the European market with rapid growth momentum.  The company continues its focus on offering special solutions to its customers with its expert and experienced research and innovation teams with the goal of developing and offering the right products and software in line with the needs of the market.

“Mavinci shares our vision to provide real-time threat prevention for rapid digital transformation,” stated Dr. Hongwen Zhang CEO & CTO of Wedge Networks. “As a company with a strong track record of serving the EU market, Mavinci’s expansion into the UK market is timely. Wedge is proud to be a partner that can contribute to Mavinci’s growth”

Mavinci Limited (UK), will distribute, market, and promote the Wedge solutions across the UK.

About Mavinci Limited (UK)

Mavinci Limited is a bespoke software development and R&D company and was established in the UK in 2020 by Muhammed Salih Çetin, CEO of Mavinci AS (Turkey) with the vision of providing “Technology for Humanity”.  Its parent company, Mavinci AS, is well-established and operates in the areas of C5ISR and Simulation, Artificial Intelligence, Cloud Technologies, Cyber Security and Hardware Technologies and is the head of the Technical Support Branch of the National Nuclear Cluster in Turkey.  The company was awarded with the NATO and the National Facility Security Certification by the Ministry of National Defense, which authorizes the company to provide services to NATO as well as supply equipment and logistics to the Turkish Armed Forces.

Mavinci has developed and owns the Intellectual Property Rights for several innovative products and software platforms, with expertise in Artificial Intelligence, Cyber Security, Cloud technologies, and High-Tech Computational Engineering in the security, nuclear, corporate and defence sectors.

Clients for Mavinci include several government agencies, Coca-Cola, NATO related bases, and small to large corporations. The goal of the company is to design & develop novel, innovative and effective solutions for customers.

For more information on Mavinci (UK), visit https://www.mavinci.co.uk/en-US/Website

About Wedge Networks

Wedge Networks Inc. is a Real-Time Threat Prevention solutions company. Its innovative technology platform, Wedge Absolute Real-time Protection (WedgeARP™), is a software defined orchestrated network security system. Deployed, via the cloud, on premises, or in a virtualized environment, in data centers by enterprises, governments, and managed security service providers, WedgeARP™ inspects, detects, and blocks in real-time, malware and cyber threats (known, unknown and customized). Wedge does this through its patented Deep Content Inspection (DCI) technologies, combined with artificial intelligence and best-of-breed security functions.

Awarded a Gartner Cool Vendor designation, and twice bestowed with Build-In-Canada Innovation awards, Wedge Networks is headquartered in Calgary, Canada with international teams in the North America, Asia Pacific, and the Middle East and North Africa regions.

For more information on Wedge Networks, visit http://www.wedgenetworks.com/
Please forward any media or PR inquiries to: PR@wedgenetworks.com

Cautionary Statements and Forward Looking Information

This release contains forward-looking statements, which are based on current expectations, estimates, and projections about the Corporation’s business and prospects, as well as management’s beliefs, and certain assumptions made by management. Words such as “anticipates,” “expects,” “intends,” “plans,” “believes,” “seeks,” “estimates,” “may,” “should,” “will” and variations of these words are intended to identify forward-looking statements. Such statements speak only as of the date hereof and are subject to change. The forward-looking statements contained in this news release are made as of the date hereof and Wedge undertakes no obligation to update, publicly or otherwise, or revise any forward-looking information, whether as a result of new information, future events or otherwise unless expressly required by applicable securities laws. The forward-looking information contained in this press release are expressly qualified by this cautionary statement. Readers are cautioned that any such forward-looking statements are not guarantees of future business activities and involve risks and uncertainties, and that the Corporation’s future business activities may differ materially from those in the forward-looking statements as a result of various factors , including, but not limited to: expansion and business strategies, anticipated growth opportunities, the partnership with DLS, the impact of the COVID-19 pandemic, general economic, market or business conditions, the amount of fundraising necessary to perform on its business objectives, operational risks, the ability of the Corporation to raise necessary funds for its business objectives, and the outcome of commercial negotiations. Such statements are not guarantees of future performance and are subject to certain risks, uncertainties, and assumptions that are difficult to predict. Accordingly, actual results could differ materially and adversely from those expressed in any forward-looking statements as a result of various factors. There can be no assurances that such information will prove accurate and, therefore, readers are advised to rely on their own evaluation of such uncertainties. Although the Company believes that the assumptions and factors on which such forward-looking statements is based are reasonable, undue reliance should not be placed on the forward-looking statements as the Company can give no assurance that it will prove to be correct or that any of the events anticipated by such forward-looking statements will transpire or occur, or if any of them do so, what benefits the Company will derive therefrom.

Posted in Industry News, Latest Security News, Wedge Channel Partner Forum, Wedge News | Tagged , , , , , | Leave a comment

VPN Security, or Lack Thereof, Is Causing Security Liabilities: How WedgeARP™ Can Help with Real-time Threat Prevention

No Gravatar

Techradar published a piece recently on how VPN security is causing businesses a lot of headaches; mainly because there is often a lack of security when using legacy VPN services.  In a survey, highlighted by the article, although businesses around the globe have looked to the use of VPN services as a way to enable employees to stay connected and work from home during the pandemic, nearly two thirds of the survey respondents indicated that inadequate security was the number one concern and pain point with using VPNs.  Despite other concerns such as cost, performance issues and reliability of services, security remained at the top of the list, with almost 40% of those responding believing that their corporate network had already been breached by bad actors.  According to the survey, although many organizations revealed that they were not completely sold on utilizing VPN service going forward as a normal part of their operations, 86% of those responding said that they would consider other alternatives if they could offer improvements in terms of security, configuration and management, cost, performance and availabilty.  These respondents also said that if there was an alternative that could limit remote users’ access to specific applications or services without creating a network attack surface, they would immediately embrace this option.

The Techradar article really serves to provide additional support to what Wedge has been stating for a long time and reinforces the warnings that we have brought up about the lack of security with legacy VPNs and the potential implications that some organizations may face when considering things such as VPN Split-Tunneling.   The COVID pandemic greatly sped up the process and timeline for many companies who had been considering the move to allowing even just a portion of their workforce to a Work From Home (WFH) environment.  Unfortunately, because of the need for companies to quickly put infrastructure in place in order to allow their workers to work remotely under government imposed lockdowns, many of these organizations were ill-prepared to deal with the security ramifications that simple legacy VPNs would introduce into their networks.

Although VPNs were initially put in place to allow workers to access documents and other content from their corporate networks, this was originally set up to service perhaps 5% of the workforce.  When the pandemic hit, the numbers quickly shot up, with organizations requiring VPNs to service 95% or more of their workforce.  This surge in usage revealed legacy VPNs’ stress points and limitations and quickly opened the doors for hackers to utilize these vectors of attack and to use them to their advantage.  VPNs had provided some amount of security by allowing employees to use private tunnels to access their corporate networks; however, because of the lack of any sort of network security on their home networks, malware that was able to find its way onto these personal computers could then potentially use these VPN tunnels to propagate onto the corporate networks.  This increased attack surface has been causing the huge headaches that IT staff have had to deal with. 

Thankfully, there is a solution and that solution is Wedge Absolute Real-time Protection (WedgeARP).  The key to the problem, being faced by so many organizations out there using legacy VPNs, is to make sure that there is a solution in place that is scanning the traffic going through the VPN tunnels; ensuring that all content is malware free, without causing any networks slowdown.  And that is what the WedgeARP platform does and how it is able to provide the real-time threat prevention that is so sorely needed by organizations using VPNs.  By situation itself into the network infrastructure itself, WedgeARP uses Deep Content Inspection to reassemble packets into actual content in real-time that can be scanned by multiple levels of AV services that are orchestrated on the platform, including AI and machine-based services that can detect zero-days and never-before-seen malware.  Because WedgeARP is seeing content as it flows in both directions, it can detect malware that may have found its way onto the endpoint because of an unsecured home network and block it before it has a chance to work its way through the VPN to breach the corporate network.  Managed through a single pane of glass, WedgeARP can provide IT staff with actionable intelligence that it can use to determine where attacks are coming from and where they are being directed to.  As well, because WedgeARP can orchestrate a wide variety of security services, security policies such as limiting remote user access to specific applications and services can be put in place for all users; further reducing the attack surface for the corporate network.  As Techradar mentioned, users have been looking for an alternative to the lack of security on legacy VPNs and WedgeARP is that secure alternative.  To learn more about how WedgeARP is securing the WFH environment by providing much-needed VPN security, contact our team at: info@wedgenetworks.com.            

Posted in Industry News, Latest Security News | Tagged , , , , , , | Leave a comment

Microsoft Aiming to Battle Big Crisis Going on in Cybersecurity Right Now: Wedge Has Been Fighting This Battle For a While…

No Gravatar

Yahoo!Finance recently brought to light the fact that Microsoft has now become one of the big players in cybersecurity. After seeing a 40% year-on-year jump in its growing security business (which totalled $10 billion over the past 12 months), it now makes up around 7% of the company’s total revenue for the previous year.  This revenue comes from Microsoft’s security-related services that now include such products as Azure Active Directory, Intune, Microsoft Defender for Endpoint, Microsoft Cloud App Security, etc. which make up what Microsoft calls its Intelligent Cloud and Productivity and Business Processes segments.

Microsoft has been quietly cobbling together and building these services for a while now, according to CEO Satya Nadella, who states that “…you need to sort of obviously build all of this over a period of years if not decades and then sustain it through not just product innovation, but also I would say, practice every day.”

The announcement of these numbers is not just a random release but come in light of the massive SolarWinds cyber-attack that was uncovered in December and which continues to cause further fallout after hitting various private companies along with a broad swath of government agencies, including Treasury, Commerce and State Departments in the United States and around the world.

According to a Reuters report, Microsoft itself had been hacked, although no customer data appeared to have been breached.  According to the US National Telecommunications and Information Agency (NTIA), within its own organization, Microsoft’s Office 365 software had been hacked, which allowed intruders to monitor the agency’s emails for months.  Because of the extensive use of Microsoft products within the government, and because of the breadth of the security services it has started offering, many of these organizations that were hit started turning to Microsoft to determine the extent of the breaches and for advice on how to protect themselves.

As per Microsoft CEO Nadella, part of Microsoft’s strategy against cyber attacks is the incorporation of a “zero trust” architecture, meaning that the cybersecurity services are built to always function as though there has been a breach of some kind; taking more of a proactive approach to scanning for malware and other hacks going through the network.  This definitely provides a validation for Wedge as it has been incorporating this “zero trust” strategy into its product architecture from the beginning with its Deep Content Inspection technology that reassembles data packets back into MIME objects and then scanning these objects to see the full picture and “intent” of the content passing through.  It has further enhanced its offerings with the use of AI and Machine Learning in order to detect zero-day and previously unknown malware; proactively providing real-time threat PREVENTION.

The growing cybersecurity crisis has deepened over the past year, resulting from the Coronavirus Pandemic causing a massive uptick in companies shifting to a Work From Home (WFH) setup.  This has unfortunately introduced a new attack vector for hackers, who are doing their best to exploit it.  When workers are on their unprotected home networks, outside of the fortified corporate networks, it doesn’t take much to inadvertently click on something that could be malicious.  In the typical corporate network environment, something like this would be easily caught but in the home network that might not even have a simple firewall, these security breaches are greatly magnified.

Of course, the fact that there are a wide variety of different operating systems running the plethora of IoT devices out there does not make security any easier.  Although Microsoft security products provide some protection for devices running Microsoft, Apple and Google operating systems as well as devices running off competing clouds such as AWS and Google Cloud, the increasingly interconnected world will become even more difficult so secure because it becomes less about just protecting the devices with endpoint solutions and more about protecting the whole architecture that these devices connect to.  With cloud services growing at such a rapid rate, protecting end-customers connected to these services will become of paramount importance.

Which brings us back to Wedge and the cybersecurity fight that it has been battling almost since its inception.  Founded on a water treatment plant analogy where its founders felt that the best way to protect users was by cleaning the content at the source; this becomes ever increasingly important in the cloud connected world.  Through its Wedge Absolute Real-time Protection (WedgeARP) platform, the company has been building a platform that can orchestrate an ever-growing number of security services to scan content in real-time at the network layer.  By scanning the content itself, the platform is OS agnostic; able to protect endpoint devices regardless of the OS it is running on.  With patented hyper-streaming technologies and the integration of AI and machine learning, the platform is able to scan content in milliseconds, detecting known and even unknown malware, and then blocking it before the endpoint can be compromised – effectively providing the pro-active real-time threat PREVENTION that is much-needed by IoT devices everywhere.  The solution has been deployed in both service provider and corporate networks around the world, and protects millions of endpoints on a daily basis.

At the start of the pandemic, Wedge took the cyberthreats facing WFH users very seriously and further extended its product offering to help protect workers that had been forced from their fortified corporate office networks to work from their largely unprotected home office networks.  WedgeARP, which is offered through global reseller Ingram Micro as Secure Home Office, Secure Remote Office and Secure Azure Virtual WAN, and which can be run through Microsoft’s Azure cloud services, are just some of the solutions through which Wedge is helping to alleviate the cybersecurity crisis that is looming.  By helping to secure the attack vector that WFH opened up through these offerings, Wedge, as Microsoft is doing now, continues to place itself at the forefront of the larger global cybersecurity battle.  To learn more about WedgeARP and how it is being used to provide real-time threat prevention, contact our team at: info@wedgenetworks.com.  Using innovative approaches can help us hopefully avert the big cybersecurity crisis that is looming.

Posted in Industry News, Latest Security News, Wedge Channel Partner Forum | Tagged , , , , , , , , , | Leave a comment

DLS Technology Enters Partnership with Wedge Networks to Provide Real-Time Threat Prevention from Endpoint to Cloud

No Gravatar

Leading Canadian Technology Solutions and Service Provider, DLS to Offer Wedge Networks Absolute Real-time Protection Platform – WedgeARP™ Across Canada.

21 Jan 2021 – CALGARY & OTTAWA, Canada: DLS Technology Corporation (“DLS”), a leading technology solutions and service provider, headquartered in Ottawa, Canada, is announcing today that it has entered into a technology partnership agreement with Wedge Networks Inc. to offer their combined security solutions across the Canadian and Global markets. Through this technology alliance and strategic partnership, DLS will be able to deliver the Wedge Absolute Real-time Protection™ (“WedgeARP™”) platform, in conjunction with its vKey technologies to its customers, which include Canadian embassies and other related agencies worldwide.

WedgeARP™ provides network-based, real-time threat protection for all types of endpoints in a wide range of networks (mobile data, 5G, SD-WAN, SASE, and smart-city/IIoT). With an embedded deep learning AI engine and patented real-time deep content inspection technology, WedgeARP™ can detect never-before-seen malware in milliseconds. Running on an orchestrated threat management platform, it is an effective and autonomous approach to enable large-scale real-time threat prevention.

The addition of the WedgeARP™ platform to DLS’ comprehensive IT solutions creates an excellent and unique partnership opportunity for providing real-time threat protection to its growing list of customers.

“We have been working well with Wedge on the integration of our products and are excited to enter into this strategic alliance as it will allow us to offer real-time cyber security protection that will further enhance security across our client base, which includes highly secure embassies and other government-related organizations.” said Eric She, President of DLS.

“The Wedge and DLS collaborated platform will allow us to strengthen our security capabilities surrounding  data-in-motion, data-in-use and data-at-rest, all in real-time.”

Named one of Canada’s Fastest-Growing Companies by The Globe and Mail for three consecutive years. DLS been delivering IT and cybersecurity solutions that are effective, efficient, secure and trusted for over two decades, quickly becoming one of Canada’s leading IT solution and service providers.

“DLS is an important organization for Wedge to partner with as they share our beliefs and our mission to offer industry-leading real-time threat prevention,” stated Dr. Hongwen Zhang CEO & CTO of Wedge Networks. “With their current customers covering organizations and institutions including Canadian embassies, which require the highest levels of cyber security, we believe that these agencies will be much better protected with the added WedgeARP™ solution.”

DLS, as a technology partner with Wedge, will help to distribute, market, and promote the Wedge solutions across Canada.

About DLS Technology Corporation

Based in Ottawa, Ontario, Canada, DLS Technology Corporation offers comprehensive technology solutions and services to national clients within the government, healthcare, defence and finance sectors.

Named one of Canada’s Fastest-Growing Companies for three consecutive years, DLS takes a hardware and software-agnostic approach when developing its clients’ unique solutions, focusing on delivering comprehensive products that surpass expectations across all vertical with specialization in:

• Cybersecurity and Multifactor Authentication Advanced Search and Predictive Analytics
• Cloud Computing
• Endpoint Security
• Infrastructure and System Integration
• Identity Management and Authentications (MFA)
• Modern Workspace Transformation
• Secure Remote Access (SRA)
• Virtualization

About Wedge Networks

Wedge Networks Inc. is a Real-Time Threat Prevention solutions company. Its innovative technology platform, Wedge Absolute Real-time Protection (WedgeARP™), is a software defined orchestrated network security system. Deployed, via the cloud, on premises, or in a virtualized environment, in data centers by enterprises, governments, and managed security service providers, WedgeARP™ inspects, detects, and blocks in real-time, malware and cyber threats (known, unknown and customized). Wedge does this through its patented Deep Content Inspection (DCI) technologies, combined with artificial intelligence and best-of-breed security functions.

Awarded a Gartner Cool Vendor designation, and twice bestowed with Build-In-Canada Innovation awards, Wedge Networks is headquartered in Calgary, Canada with international teams in the North America, Asia Pacific, and the Middle East and North Africa regions.

For more information on Wedge Networks, visit http://www.wedgenetworks.com/
Please forward any media or PR inquiries to: PR@wedgenetworks.com

Cautionary Statements and Forward Looking Information

This release contains forward-looking statements, which are based on current expectations, estimates, and projections about the Corporation’s business and prospects, as well as management’s beliefs, and certain assumptions made by management. Words such as “anticipates,” “expects,” “intends,” “plans,” “believes,” “seeks,” “estimates,” “may,” “should,” “will” and variations of these words are intended to identify forward-looking statements. Such statements speak only as of the date hereof and are subject to change. The forward-looking statements contained in this news release are made as of the date hereof and Wedge undertakes no obligation to update, publicly or otherwise, or revise any forward-looking information, whether as a result of new information, future events or otherwise unless expressly required by applicable securities laws. The forward-looking information contained in this press release are expressly qualified by this cautionary statement. Readers are cautioned that any such forward-looking statements are not guarantees of future business activities and involve risks and uncertainties, and that the Corporation’s future business activities may differ materially from those in the forward-looking statements as a result of various factors , including, but not limited to: expansion and business strategies, anticipated growth opportunities, the partnership with DLS, the impact of the COVID-19 pandemic, general economic, market or business conditions, the amount of fundraising necessary to perform on its business objectives, operational risks, the ability of the Corporation to raise necessary funds for its business objectives, and the outcome of commercial negotiations. Such statements are not guarantees of future performance and are subject to certain risks, uncertainties, and assumptions that are difficult to predict. Accordingly, actual results could differ materially and adversely from those expressed in any forward-looking statements as a result of various factors. There can be no assurances that such information will prove accurate and, therefore, readers are advised to rely on their own evaluation of such uncertainties. Although the Company believes that the assumptions and factors on which such forward-looking statements is based are reasonable, undue reliance should not be placed on the forward-looking statements as the Company can give no assurance that it will prove to be correct or that any of the events anticipated by such forward-looking statements will transpire or occur, or if any of them do so, what benefits the Company will derive therefrom.

Posted in Industry News, Latest Security News, Wedge Channel Partner Forum, Wedge News | Tagged , , , , , , | Leave a comment

The Global Pandemic is Causing Cyber-Security Teams to Burnout: Why Automated Real-time Threat Prevention Can Help

No Gravatar

ZDNet published an eye-opening –  but at the same time very understandable – article that outlined why the Coronavirus pandemic is seeing cybersecurity teams struggling with burnout as time goes on.  With the second wave hitting many countries, and further lockdowns occurring, this has forced many security operation centres (SOCs) to work remotely while dealing with the new threats that the Work From Home (WFH) environment has introduced.  Not surprisingly, this is leading to higher workloads and an increase in burnout for cybersecurity staff.

According to research from the Ponemon Institute, the current pandemic has increased the hours and workload of information security staff, which was already a high intensity / high stress environment to begin with.  The shift that many organizations saw in 2020, going from mainly office-based to working from home, was also mirrored by a significant number of cybersecurity personnel having to do the same, with over 1/3 of SOC environments shifting to work remotely.

As we’ve mentioned in earlier posts, the big shift to WFH has exacerbated the problems for cybersecurity staff.  Before, when they just had to secure an office environment, they dealt with a wide range of threats such as phishing, malware, ransomware, etc.  Now that a large portion of their organizations are in an WFH environment, it adds an additional layer of complexity and more challenges as they must now also protect those outside of the fortified office network environment from these threats and other ones that are introduced by employees working remotely.

As employees connect to work systems from their home internet connections (and often from their own personal computers), this opens up additional attack vectors that cyber criminals can use to enter corporate networks.  Again, all of these changes have made it even harder for cybersecurity staff, who themselves are now working remotely at home with potentially less resources available to them.  Just like other staff, cybersecurity teams are having to do their jobs while also dealing with the additional pressures and distractions of the work from home environment.  With these additional distractions, it can be hard for cybersecurity analysts to stay productive and focus on defending the networks that they have been tasked with protecting.

The same Ponemon survey has spotlighted that the additional pressures of working in the cybersecurity field while having to work remotely has lowered staff moral to the extent that 3/4 have stated they have experienced burnout from the job.  This has led to some security analysts leaving their positions, further increasing the shortage of these analysts and leading to an increase in the average salary for these positions; which has risen to $111,000, up from $102,000 just prior to the start of the pandemic a year ago.
Although, like many other jobs, SOCs can optimally operate when their staff can meet in-person.   However, SOCs may not be going back to becoming an in-person entity any time soon with potentially other disasters, physical or otherwise, forcing a similar pattern of working remotely in the future.  Organizations need to learn how to manage their cybersecurity staff remotely when events occur that prevent them from working from the office.

And this is where Wedge Networks comes in with its Wedge Absolute Real-time Protection platform (WedgeARP), a deep content inspection-based solution that orchestrates best-in-breed security services along with Ai / Machine learning   We have been keenly aware of the expanding security gap (where rapidly expanding security workloads are greatly outpacing enterprise security capacity) and have tailored our platform to help alleviate this issue.  Not only is WedgeARP effective in providing automated real-time PREVENTION of advanced threats, but it also has detailed analytics built-in to its “single-pane-of-glass” user interface; providing security teams with actionable intelligence that can aid them in further fortifying their networks.  By helping to reduce cybersecurity teams’ workloads – stopping threats before they can cause damage corporate networks – and then by providing them with easy-to-use tools that can reduce the “alert noise” that their other solutions are generating, WedgeARP is an effective solution that can actually help to close the security gap.  By allowing cyber security teams to work smarter and not harder, this can reduce burnout in the employees and help organizations retain these highly skilled staff members.

To learn more about how WedgeARP and its automated real-time threat prevention can help your cybersecurity team work more efficiently in these ever-stressful times, contact us at: info@wedgenetworks.com.  

Posted in Industry News, Latest Security News, Wedge Channel Partner Forum | Tagged , , , , , , , , | Leave a comment

The SolarWinds Aftermath: Detection and Response is Not A Viable Solution – The Benefits of Real-time Threat Prevention

No Gravatar

The SolarWinds compromise has unleashed a flurry of activity in the cybersecurity industry as of late.  Almost all of the activities are related to trying to remediate against the hack that has left untold numbers of organizations vulnerable; and trying to patch holes in their security to ensure that they do not continue to potentially leak confidential information.  

After the SolarWinds revelation, both the Canadian Government and the U.S. Cybersecurity and Infrastructure Security Agency (CISA), which is a part of the U.S. Department of Homeland Security, issued an emergency directive calling on all federal civilian agencies to review their computer networks for signs of compromise and to disconnect from SolarWinds Orion products immediately.  Unfortunately, SolarWinds, which has a wide variety of government contracts (including military and intelligence services, according to Reuters), was attacked and the attackers used a “supply chain attack” method to embed malicious code into SolarWinds’ legitimate software updates.

What is now known is that the malicious updates to SolarWinds’ Orion platform was to blame for global hacks, including the one on FireEye, that occurred earlier this month.  In the FireEye attack, it was reported that the company’s “Red Team” toolkit was stolen, which are tools that can be used to look for vulnerabilities in systems.  This hack of FireEye and data theft puts the toolkit in the hands of hackers, who can then use them for mounting new attacks around the world.

Unfortunately, the SolarWinds compromise is far-reaching; by embedding malware into legitimate software updates via a supply chain attack, this further deteriorates the effectiveness and erodes the trust in the use of endpoint monitoring and detection and response solutions as a viable means of protecting an organization’s network and data from attacks.  In this instance, anyone using the affected SolarWinds Orion Platform updates maybe have been open to hacker attack since early Spring of this year.  

SolarWinds,  through its investor filings, has alerted that as many as 18,000 of its 300,000 customers may have been compromised;  which could be just the tip of the iceberg.  Going forward and looking to 2021, we feel that there will continue to be massive fall-out and data breaches from this hack that will have a global effect on both governments and enterprises still relying on high touch solutions that are installed on the endpoint.  And this is not all.  More recently, many tech giants such as Cisco, Intel, Nvidia, Microsoft, Visa, MasterCard, to name some names, were shown to have been targeted and may have already been compromised and so they are rushing to close holes and remediate where needed.

What does this mean going forward? And can a similar attack be prevented?

Now that the SolarWinds compromise has been detected, this should heighten security analysts’ awareness to these types of attacks and should hopefully make it harder for hackers to perpetrate a compromise such as this.   However, much of the activity surrounding this attack continues to fall in the Detect and Remediate category, which is both costly from a time and resources viewpoint and is an “after the fact” response; basically having to clean up the network and eradicate the malware from any devices that have been infected.

Unfortunately, the reason why this attack was so severe is because it came from a “trusted” source, targeting the DLL of SolarWinds and moving throughout the network from there.  This targeted endpoints, which continue to be the weakest points within a network and which are usually the hardest to secure.  For network security to be effective, it needs to be able to stop malicious content before it can  hit the endpoint.

It is because of the inherent weakness that endpoints have within networks that calls for the need for a “zero-trust” approach to security where EVERYTHING should be scanned in order to ensure that it is secure.  Even if a device within a network has previously been known as being “secure”, one never knows if it has been compromised at some point.  And so the “zero-trust” approach would continue scanning the content both going in and out of the device to ensure that any malicious content that might have infiltrated the device does not move further than the device itself. 

The SolarWinds attack continues to strengthen Wedge’s position that the Detect and Remediate approach to network security, especially with high security requirements such as those for governments, is not truly viable.  We continue to champion Real-time Threat Prevention with our Wedge Absolute Real-time Protection platform, which is a network-based solution that orchestrates a wide variety of industry-best security functions and patented technologies such as Deep Content Inspection, that can scan EVERYTHING for greater visibility of content flowing through the network.  This works in combination with SubSonic and GreenStream technologies, providing real-time performance in high throughput networks, and AI / Machine Learning for the ability to detect novel and previously unknown malware.  By providing Real-time Threat Prevention, malware such as this, is detected and blocked at the network before they can do any harm.  This secures the network as well as all endpoint devices connected to the network by detecting and blocking all malicious content so that there is no “patient zero”.  This not only allows organizations to save on remediation costs but also enables them to make better and more efficient use of the resources that have.

A quick analogy that describes the detect and remediate way of doing things would be akin to asking question “ what is the value of living in a gated community when you still have to fight intruders in your bedroom because the gate continues to allow these intruders in?”.  Such is the case of solutions that rely on sandboxes to provide a verdict on the safety of content only after having already let it through to the endpoint and causing “patient zero”.

At this point, the compromised SolarWinds update file has been identified and most AM/AV solutions should be able to detect and block the malware going forward.  However, any sort of variations of the malware and zero-days would not yet be fingerprinted and could pass through these solutions.  That is where WedgeARP’s incorporation of both a patented Deep Content Inspection engine, orchestrating best-in-breed security services with AI / Machine Learning can enable the ability to provide real-time threat PREVENTION; detecting even unknown malware variants and blocking them before they can do any harm.

What about if there are already infected endpoints within the network?  What are the benefits of utilizing WedgeARP after the intrusion has already taken place?

With the SolarWinds compromise, the biggest threat appears to be the potential theft of information and data leakage from infected endpoints, as well as hackers being allowed to access the confidential information therein.  As in the FireEye case, they had their “Red Team” toolkit stolen.  What happens if an organization decides to deploy WedgeARP while there are still infected endpoints in the network?  The good thing is that WedgeARP has two-way scanning; looking at both inbound and outbound traffic for malicious content – WedgeARP SCANS EVERYTHING!  If there is malware within the network that is trying to “call home”, these communications would be detected and prevented from occurring; effectively cutting off communications between the malware inside the network and the Command and Control server that may be trying to control it.  Combine this with the East-West content scanning that can be enabled within the network and WedgeARP, with its WedgeIQ analytics platform, becomes a powerful tool for analysts to more easily detect which endpoints have been compromised and make remediation much easier.

To find out more about WedgeARP and the benefits that Real-time Threat Prevention has over the typical Detect and Remediate methodology , please contact us at: info@wedgenetworks.com. Our team will be happy to answer your questions and provide an introduction to the WedgeARP platform.

Posted in Industry News, Latest Security News | Tagged , , , , , , , , , , , | Leave a comment