Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

4/1/2019
01:12 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Security Approach Prevents Data Theft By Imposing Limits on Data Travel, Preventing Unauthorized Access to High Value Servers

HopSphere Radius Security Applies Standard Routing Principles to "Put Data on a Leash," restricting critical data from going to dangerous or untrusted destinations

AUSTIN, TX – March 28, 2019 – HOPZERO Corporation, pioneers of intelligent data containment based on routing distance, today announced the availability of its unique flagship product, HopSphere Radius Security.  Available immediately, the new product addresses the seemingly unstoppable data breach pandemic, addressing challenges of insider abuse and compliance requirements. HopSphere Radius Security imposes absolute travel limits for data packets based on security policy and machine learning of what distance is normal, allowable and safe.

Designed specifically for use by data owners and InfoSec managers, HopSphere Radius Security represents an agentless endpoint security solution that proactively identifies data compromises and prevents undetected exfiltration. Unlike firewalls that don’t detect or stop data exfiltration and are prone to configuration error, HOPZERO proactively constrains information from traveling outside an organization’s network by leveraging existing security and network infrastructure. 

Reversing the direction of IDS (Intrusion Detection Systems) and IPS (Intrusion Prevention Systems), HOPZERO stops data from leaving an organization opposed to data entering an organization.   HopSphere Radius Security introduces EDS/EPS (Exfiltration Detection/Prevention) technology that compliments IDS/IPS providing a powerful enterprise exfiltration security solution.

“The data breach crisis grows increasingly worse, and traditional means of security have proven largely ineffective at stopping a determined cybercriminal, activist or rogue insider,” said HOPZERO founder and CEO, Bill Alderson.  “HOPZERO utilizes immutable networking principles to effectively put high value data on a leash and govern how far it can go. Unlike anything available today, this method represents a whole new way of implementing security to safeguard valuable assets.”

HopSphere Radius Security utilizes a unique approach to network security by setting data lifespan “hop” routing limiting how far servers can reach or be reached. In networking, hop distance refers to the total number of routers, from source to destination—that a packet passes through. HopSphere Radius Security is designed to protect mission critical systems.

These critical systems, such as high value databases, are limited to communicate with only previously determined neighbors.  By monitoring normal traffic, HopSphere Radius Security builds custom neighborhoods keeping unauthorized users—even those within the company—out of protected servers. The product effectively cloaks the server, making it invisible and unapproachable to the would-be attacker, while sending an alarm to the security team detailing where the unsuccessful attack is coming from. The alarm captures the IP address of the attempting station identifying the attacker and storing evidence of the attempt for remediation and potential legal action.

This method of reducing data travel distance results in fewer reachable devices, proven mathematically, to shrink the potential attack surface. Accessibility to fewer global network devices means fewer hackers can reach, or be reached, by a target computer or server, improving security. Access to designated servers may be limited to a hop count or radius that only enables internal access or connections to a smaller “sphere of trust”—a fundamentally new approach to security. HopSphere Radius Security makes it impossible to access systems directly from outside the sphere of trust created by the lower packet lifetime.

"The HOPZERO product offers great value to organizations who are concerned about data loss", said Kerry Kelley, former CIO of US Strategic Command. Now a private consultant working in the security industry, Kelley says,  "With HOPZERO, the attack surface can be deterministically reduced, and data fully protected using the novel approach of router hop count in a game-changing way of turning the tables on would-be attackers."

HopSphere Radius Security helps organizations assess risk and meet compliance requirements. With it, organizations can comply with privacy and data storage laws and regulations. For cloud environments, HopSphere Radius Security could be used to show where a cloud hosting company, CDN or other partner or provider is sending or storing an organization’s data. Particularly useful is HOPZERO’s one click GDPR filter which maps where any GDPR data is collected by an organization’s servers. One GDPR compliance company, https://icomply365.com/ uses HOPZERO’s solution to vet which servers are collecting information subject to GDPR.

HopSphere Radius Security is a cloud-based solution that complements existing security and networking hardware without requiring changes to individual components. The system is easily implemented by the HOPZERO support team without the use of endpoint software agents. In an emergency breach situation, HOPZERO can have their system up and running in less than one hour to quickly identify potential hackers.

About HOPZERO

HOPZERO is the pioneer of a revolutionary SaaS solution that secures information by controlling the distance it can travel. HOPZERO “puts data on a leash,” long enough to do business yet short enough to prevent compromise. HOPZERO is headquartered in Austin, Texas.   See in 90 seconds how HOPZERO Thwarts Phishing at hopzero.com/videosor review a ground-breaking assertion of mathematical proof that reduction in attack surface improves security risk at hopzero.com/whitepaper.

 

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 5/28/2020
Stay-at-Home Orders Coincide With Massive DNS Surge
Robert Lemos, Contributing Writer,  5/27/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Can you smell me now?
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-11844
PUBLISHED: 2020-05-29
There is an Incorrect Authorization vulnerability in Micro Focus Service Management Automation (SMA) product affecting version 2018.05 to 2020.02. The vulnerability could be exploited to provide unauthorized access to the Container Deployment Foundation.
CVE-2020-6937
PUBLISHED: 2020-05-29
A Denial of Service vulnerability in MuleSoft Mule CE/EE 3.8.x, 3.9.x, and 4.x released before April 7, 2020, could allow remote attackers to submit data which can lead to resource exhaustion.
CVE-2020-7648
PUBLISHED: 2020-05-29
All versions of snyk-broker before 4.72.2 are vulnerable to Arbitrary File Read. It allows arbitrary file reads for users who have access to Snyk's internal network by appending the URL with a fragment identifier and a whitelisted path e.g. `#package.json`
CVE-2020-7650
PUBLISHED: 2020-05-29
All versions of snyk-broker after 4.72.0 including and before 4.73.1 are vulnerable to Arbitrary File Read. It allows arbitrary file reads to users with access to Snyk's internal network of any files ending in the following extensions: yaml, yml or json.
CVE-2020-7654
PUBLISHED: 2020-05-29
All versions of snyk-broker before 4.73.1 are vulnerable to Information Exposure. It logs private keys if logging level is set to DEBUG.