FireEye, an advanced cyber attack prevention specialist, has announced the official opening of a research and development (R&D) centre in Dresden, Germany, for tomorrow. The FireEye European R&D team will conduct advanced mathematical research through techniques known as 'formal methods' to validate the security of the FireEye endpoint technology. The centre will initially host 15 researchers and has partnered with Technische Universität Dresden according to CBR - How One Company is Using Maths to Beat the Hackers.
It's good to see formal methods - the mathematical techniques used to verify safety-critical software - being applied to security in a commercial setting. Malvern-based company D-RISQ are also applying formal methods technology based on many years of research.
Wednesday, 5 March 2014
Friday, 21 February 2014
An unusual and interesting international IP deal in cyber security. Espion, a cyber security business in Ireland with interests in digital forensics and security awareness, has licensed its IP to Versai, a Canadian firm. The IP comprises a self-signature-creating AI algorithm which makes up the core of VersAi’s product line for inbound threat detection and prevention, as well as outbound policy and content security. Originally designed as a hybrid AI algorithm, borrowing from both symbolic (probabilistic reasoning, logic) and non-symbolic (machine learning, fuzzy logic, pattern detection) approaches, the technology has apparently been commercially proven and tested over 11 years as an email and content security gateway.
Tuesday, 18 February 2014
Bit9, an endpoint security vendor has announced it has raised $38million in investment and also acquired 'Carbon Black'. The interesting thing about Bit9 is its claim to have stopped some of the most advanced attacks seen in recent years such as Flame, Gauss and the malware responsible for the RSA breach. I also like the sound of 'Carbon Black', not a company I have heard of before, but their website says they "prepare your digital enterprise for the inevitable compromise by collecting, and retaining, precisely the data that incident responders need to answer the critical questions of any investigation" - which is a key part of enterprise forensic readiness.