SAN FRANCISCO (PRWEB) March 04, 2019
At the RSA Conference 2019 today, VeriClouds announced it has launched a hardware device that extends its line of compromised credentials detection services. The new device adds another layer of protection and improves the security and privacy of detecting compromised credentials.
VeriClouds Local Service Device is the next generation of devices that protects organizations through a Zero Trust approach.
- Compare credentials in the state they are in – organizations can use their hashed and salted passwords as is and do the comparison with VeriClouds’ data repository.
- Maintain security of your data at all times – the device will be delivered to the customer and will run inside the customer’s network without a connection to the outside. VeriClouds or any other third party will not have a way to access the device or any data stored on the device.
- Protect against insider threats - VeriClouds' device enables its clients to protect against insider threats in the case of a rogue employee trying to access VeriClouds’ service with malicious intent. All data is protected with AES 256 encryption while in transit, at rest, and in use.
“We’ve created this service specifically for our most privacy and security-conscious customers. Now they can compare their hashed passwords inside their cloud or on-premise infrastructure. Such capability opens up the door for many new use cases that were previously not possible for privacy and security reasons,” said Stan Bounev, Chief Customer Success Officer of VeriClouds.
The Local Service Device is capable of comparing credentials without being connected to the Internet. The whole process happens at VeriClouds customers’ environment, and VeriClouds does not have a connection to the device by design. The new device enables hashed and salted passwords to be compared between an offline copy of the customer’s credentials database and VeriClouds device in a secure environment without any data leaving VeriClouds’ customers local network.
Privacy and security compliance have taken a key role in the design of the detection process. Many organizations have their own internal regulations around storing, querying and transmitting credentials data. VeriClouds Local Service Device fills that void by engineering its device around the key privacy and security principles available today.
VeriClouds device can be used in real-time use cases to detect leaked credentials during the full customer lifecycle – from account setup to authentication to password reset.
The Local Service Device uses patent pending technology and runs on a specially designed hardware device, which uses Intel® Software Guard Extensions (Intel® SGX) to protect the sensitive credential verification process and the billions of leaked user passwords and credentials.
“Using Intel SGX allowed us to bring the cost significantly down for our customers, compared to other TEE-options, such as HSM, while maintaining the highest level of security,” said Rui Wang, CTO of VeriClouds.
Learn more about VeriClouds Local Service Appliance
For more information about VeriClouds Local Service appliance visit: https://vericlouds.com/local-device/
Learn More About Intel SGX
For more information about Intel SGX visit: software.intel.com/en-us/sgx
For Support send an email to: intel.com/content/www/us/en/support/contact-support.html#@11
VeriClouds is a credential verification services company helping organizations detect compromised credentials before hackers do, using the same data attackers do, proactively monitoring the dark web and systematically reducing user-centric risk. VeriClouds provides the best approach for eliminating the biggest cause of massive data breaches, the weak and/or stolen password. VeriClouds was founded in 2014 by Rui Wang, a former security researcher at Microsoft with a PhD in cyber security, and Stan Bounev, a successful entrepreneur with over 17 years of corporate and startup experience. VeriClouds has built one of the largest and most secure commercially available databases of known compromised credentials collected from the dark web and diverse data sources using privacy preserving principles and strong encryption. For more information, visit https://www.vericlouds.com or follow us on Twitter @VeriClouds.