FireEye, an advanced cyber attack prevention specialist, has announced the official opening of a research and development (R&D) centre in Dresden, Germany, for tomorrow. The FireEye European R&D team will conduct advanced mathematical research through techniques known as 'formal methods' to validate the security of the FireEye endpoint technology. The centre will initially host 15 researchers and has partnered with Technische Universität Dresden according to CBR - How One Company is Using Maths to Beat the Hackers.
It's good to see formal methods - the mathematical techniques used to verify safety-critical software - being applied to security in a commercial setting. Malvern-based company D-RISQ are also applying formal methods technology based on many years of research.
An unusual and interesting international IP deal in cyber security. Espion, a cyber security business in Ireland with interests in digital forensics and security awareness, has licensed its IP to Versai, a Canadian firm. The IP comprises a self-signature-creating AI algorithm which makes up the core of VersAi’s product line for inbound threat detection and prevention, as well as outbound policy and content security. Originally designed as a hybrid AI algorithm, borrowing from both symbolic (probabilistic reasoning, logic) and non-symbolic (machine learning, fuzzy logic, pattern detection) approaches, the technology has apparently been commercially proven and tested over 11 years as an email and content security gateway.
Bit9, an endpoint security vendor has announced it has raised $38million in investment and also acquired 'Carbon Black'. The interesting thing about Bit9 is its claim to have stopped some of the most advanced attacks seen in recent years such as Flame, Gauss and the malware responsible for the RSA breach. I also like the sound of 'Carbon Black', not a company I have heard of before, but their website says they "prepare your digital enterprise for the inevitable compromise by collecting, and retaining, precisely the data that incident responders need to answer the critical questions of any investigation" - which is a key part of enterprise forensic readiness.
This could be interesting but given the failure of 'standards' in IT generally I guess we will have to wait and see - Password-free online authentication a step closer - a report in Computer Weekly looks at the Fido (Fast IDentity Online ) Alliance protocol, aimed at helping companies eliminate passwords in favour of multi-factor identity checks using a variety of alternatives.