Identity and Trust Assurance encryption, verification and authentication

Comodo Encryption Journal

Subscribe to Comodo Encryption Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Comodo Encryption Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories

Inventorying PKI Certificates Easier Than Ever with Comodo Discovery Scanning Jersey City, NJ, September 15, 2009 - Enterprises have hundreds, or even thousands, of SSL certificates installed across their global networks. Such large and distributed deployments beleaguer managers with the immense task of administering this important layer of security. Comodo Certificate Manager has been enhanced with Comodo Discovery Agent, to enable internal networks and certificates to be inventoried, recording all accessible SSL/TLS certificates, regardless of issuing CA. When IT professionals are given the charge of reducing the cost of their SSL certificate inventory, they may have no idea how to find all of the certificates their organization has deployed. The lack of reliable information can lead to excessive costs, security lapses and inopportune certificate expirations. Comodo... (more)

Comodo Innovations at SC World Congress October 13 and 14

Jersey City, NJ, September 29, 2009 - Comodo Group will exhibit its landscape of products at the SC World Congress, a trade show for information technology professionals in New York City, October 13 and 14, 2009. Comodo products being demonstrated include Comodo Endpoint Security Manager, which now includes Disk Encryption at no extra charge. Comodo Endpoint Security Manager offers centralized administration of the award-winning Comodo antivirus, firewall and disk encryption software. Endpoint Security Manager also offers a new Offline Updater, permitting administrators to schedule security updates for an entire network. Other Comodo products being demonstrated include Discovery Scanning, an automated inventory of all SSL certificates on a corporate network, and the hardware-free Two-factor Authentication used for regulatory compliance. Comodo Two Factor now has a f... (more)

Comodo Backup, Free Utility, Safeguards Computer Information in Two Ways

Comodo Backup Encrypts and Safeguards Data, Optimizes File Space Jersey City, NJ, November 03, 2009 - In October, Sidekick users experienced the acute distress of losing their data files—apparently forever. If corporate networks lose information, their pain is magnified. The number and size of the files lost may be thousands or millions times greater. The loss may even kill the patient, shutting down a business permanently. Comodo Backup 2.1 protects against data loss crises by taking real-time backups of user data, with more flexibility and control than ever, and still for free. New features in Comodo Backup include step-by-step wizards to guide even novice users through the entire backup, restore and scheduling procedures, and real-time backups. The synchronization feature creates real-time backups by copying files over as soon as they are modified. Granular schedul... (more)

Veracode State of Software Security Report

With the trend of targeted cyber attacks along with the exploitation of common vulnerabilities such as SQL Injection, it is clear that the core software infrastructure of several critical industries remains extremely vulnerable. Released today, the Veracode “State of Software Security Report: Volume 3” uncovered that those security vendors tasked with protecting enterprises are often the most at risk due to the poor quality of their very own software applications. In fact, 72 percent of security products and services applications analyzed in this report failed to meet acceptable levels of security quality. In its most recent State of Software Security report, Veracode analyzed 4,835 applications that were submitted to its cloud-based application security testing platform for independent security verification. That number is nearly double from the previous report (S... (more)

Pragmatic Web Services Security Today - Simple strategies for securing and monitoring Web services

Concerns about security are cited as the single largest barrier to rapid Web services adoption. Yet most Web services today are fairly straightforward point-to-point integrations that can be securely implemented using only digital certificates and the Secure Sockets Layer (SSL) protocol. Regardless of security strategy, enterprises are well advised to monitor their Web services to ensure security has not been compromised. Taken together, widely available standard security technologies and active monitoring provide a sensible approach to the majority of today's Web service security challenges. This article describes how to use these technologies to secure the most common deployments of Web services quickly and easily. I'll close with a brief introduction of WS-Security and how this emerging standard relates to what you do and do not get with SSL. Web Services Securit... (more)

Comodo Says Send Email, Not Postcards Scrawled in Pencil

"If it's urgent enough to send in a business email, it's usually something you don't want others to see," said Melih Abdulhayoglu, Chief Security Architect and CEO of Comodo Group, Inc., a leading Internet security company. "Most emails are not secure messages. To a moderately skilled person, inside the organization or out, they are as easy to read or even to change, as a postcard written in pencil." Emails do not reach their recipients directly. The senders have no control over the route their emails take, from server to server, to their destinations. Anyone between the sender and recipient could intercept messages, read them, change them, redirect them, or delete them. "Email leaks are always humiliating when you finally detect them. And if your competition detects them first, you can lose valuable information." To allow email users to control their confidential mes... (more)

Comodo Releases NOC Monkey 2.0 Beta 2

Comodo, a global Certification Authority, announced that it has released the next generation of its remote web-based server provisioning software NOC Monkey 2.0 beta 2 through their Web Hosting and server automation division PSOFT (Positive Software). NOC Monkey is a web-based tool for remote server management. It simplifies dedicated server maintenance in data centers by providing administrators with a simple web interface to install operating systems remotely; reinstall servers and recover them from file-system crashes and change root passwords without having to connect the console. The range of new features in NOC Monkey 2.0 beta 2 includes support for the Linux Logical Volume Manager. LVM allows administrators to re-partition servers 'on-the-fly' without the need to stop the server first to back it up and comes as default with most modern Linux distributions. Addi... (more)

Online Encryption: Roots Are Showing

Jersey City, NJ, December 15, 2009 - In X.509 encryption, discriminating buyers check to be sure that certificate roots are well-protected. Certificate owners also check the distribution of the roots: can they be found in as many of the major browsers as possible? Owners aim for widespread distribution across all browsers. Public Key Infrastructure (PKI) certificates allow computer users to encrypt information, scrambling it so that only someone with access to the certificate owner's key can unscramble it. The key itself is scrambled, as is the key used to scramble it, and so on back to the document that contains the original key, a long string of alphanumeric characters. The document that contains that string is called the root certificate. The root certificate must be kept secure, because millions of digital certificates use it to encrypt or digitally sign billions... (more)

Comodo Code Signing Certificate Supports Mozilla Standards

Comodo code-signing certificates enable developers to sign Mozilla extensions or "Add-ons" for a wide variety of different operating systems such as Microsoft Windows, Mac OS X and Linux. Mozilla applications recognize XPIs as "trusted" when they are signed with a Comodo Code-Signing certificate. XPI (pronounced "Zippy") is short for "Cross Platform Install." XPI enables Developers to create installer modules for their programs meant to enhance Mozilla applications such as Firefox, Thunderbird, Sea Monkey and Sunbird. Comodo Code-Signing certificates verify and authenticate the entity that has created the XPI file, allowing end users to trust their execution. Most browsers will not accept action commands from downloaded code unless the code is signed by a trusted Certificate Authority. An example of a trusted code-signing certificate, this one has been issued by Como... (more)

Comodo Drags Marketshare From Verisign

Comodo Inc., based in Jersey City, NJ, with additional offices in the UK, Japan, and Israel, has established itself as the second largest High Assurance Certification Authority, a market that provides SSL certificates to Internet businesses. Trailing clear industry leader Verisign, Comodo has nevertheless gained marketshare over the past nine months, according to the UK-based, Internet tracking company Netcraft. Comodo now has 16% of the SSL market, compared with Verisign’s 71%, and has gained 2 percentage points over the past nine months. The market itself grew by about 8% in this period, according to Comodo. “The SSL protocol, when delivered via an efficient and cost effective High Assurance authentication system continues to prove itself as an effective ubiquitous solution to the issue of privacy on the Internet”, said Melih Abdulhayoglu, CEO a... (more)

Data Breaches Pain IT Executives

Jersey City, NJ, December 17, 2009 - The US unemployment rate is so high that two US Senators have introduced the Employ America Act, aiming to cut back on alien workers hired on H1-B visas. With a 10%+ jobless rate, there is a lot of talented competition for work. If an IT executive loses a job because of a data breach, he or she might be out of work for a long time—without benefits. IT executives at ChoicePoint, Inc., looked like heroes when they reacted swiftly to a potential data breach in 2005. More often, though, leaky data pipes lead to unpleasant consequences for the executives responsible: from public outrage to protests and unemployment. HackerGuardian from Comodo helps IT executives detect and prevent catastrophic data losses. Consequences may be light. A public outcry at the Manchester City Council followed the announcement of the loss of two laptops con... (more)