Welcome!

Microservices Expo Authors: Liz McMillan, Pat Romanski, Elizabeth White, Stackify Blog, Andreas Grabner

News Feed Item

Forum Systems Achieves Industry-First International Security Certification

-- Setting a New Bar in Cloud Security, Forum Sentry is the Only API Gateway to Attain Network Device Protection Profile Compliance

BOSTON, Aug. 13, 2014 /PRNewswire/ -- Forum Systems Inc. today announced that Forum Sentry is the world's first API Gateway to achieve Network Device Protection Profile (NDPP) compliance.

In order to facilitate NDPP conformance, Forum Systems pursued a rigorous certification program with Corsec Security, Inc., the largest independent validation consultant in the security industry. The NDPP compliant designation builds on Forum Sentry's FIPS 140-2 certification foundation, reaffirming Forum Systems' commitment to delivering industry-leading API and cloud security gateway technology for protecting XML-, JSON-, SOAP- and HTML-traversing cloud, mobile and enterprise infrastructure traffic.

Although Common Criteria Evaluation Assurance Level 4 (EAL 4) has become the de facto standard for evaluation, the generic EAL 4 requirements may not be relevant, achievable and repeatable in all cases. The creation of technology-specific Protection Profiles with their own set of security assurance requirements can offer more targeted assurance with achievable, repeatable and testable requirements. Protection Profile compliance can require assurances and testing more rigorous than standardized EALs. In cooperation with other countries, the United States has initiated an evaluation paradigm where achieving success for certain IT products requires a transition to Protection Profile compliance and a move away from EALs.

Now "PP Compliant," Forum Sentry is the industry's only FIPS 140-2 NDPP-certified API Gateway for enabling secure connectivity between users, applications and the cloud. The first Layer 4-7 device to achieve NDPP security certification, it holds the industry's only patent for cryptographic acceleration of security processing.

"Improving cloud security is a massive challenge – but also represents a multibillion-dollar global opportunity for companies dedicated to delivering new, powerful and innovative solutions. Last summer, the Information Technology & Innovation Foundation forecasted that U.S. cloud computing providers could lose up to $35 billion in sales through 2016 based on escalating customer privacy and security concerns," said Mamoon Yunus, CEO of Forum Systems. "Entropy for random number generation is the cornerstone of strong cryptography. And Forum Sentry offers the highest level entropy coupled with hardened key protection to provide security assurance to those enterprise organizations hesitant to migrate to the cloud. We are excited to partner with Corsec to showcase Forum Sentry – the most hardened platform that delivers the industry's strongest cryptography."

"We have worked with Forum Systems for more than 10 years, making the rigorous security validation process easier, faster and more efficient so that Forum could focus on its core business objective – continuing to deliver strategic solutions to its customers," said Matthew Appler, CEO of Corsec. "We are pleased to team with Forum Systems to help this innovative company achieve NDPP certification and validate Forum Sentry's cryptographic capabilities in an evaluation that focused on technology-specific, tailored assurance requirements."

Processing and securing more than 10 billion transactions per day worldwide, Forum Sentry significantly reduces the cost and complexity of centralizing security, identity and governance for hundreds of global organizations, including some of the world's largest federal agencies. With the industry's most comprehensive built-in support for data formats and communication protocols, Forum Sentry enables companies to rapidly integrate internal SOA and external RESTful systems.

Last fall, Forum Systems significantly enhanced Forum Sentry with features including intelligent edge caching for network optimization, Amazon S3 integration for secure enterprise-to-cloud storage and expanded OAuth 2.0 support to simplify mobile SSO. Forum Sentry remains the industry's only FIPS 140-2 secured edge caching solution that provides tight integration with all enterprise-class identity stores to satisfy mobile users' demand for anytime, anywhere access while ensuring the highest levels of network security.

Additional Resources

About Corsec
Corsec is the world's leading certification solution. Corsec's 15-year track record includes more than one million hours of validation services delivered, more than 350 completed certifications, and hundreds of clients on five continents. For more information, visit corsec.com.

About Forum Systems
Forum Systems, a wholly owned subsidiary of Crosscheck Networks, Inc., is the innovation leader in API and cloud gateway technology. The industry's most comprehensive solution for centralized security, identity and governance for SOA, REST and mobile communications, Forum Sentry enables comprehensive threat mitigation and trust enablement, providing enterprises and government organizations worldwide with the foundation for achieving Secure Service Mediation. Processing more than 10 billion transactions per day worldwide, the NDPP-, FIPS- and DoD-certified Forum Sentry API Security Gateway delivers unparalleled protection against HTML-, XML-, SOAP- and REST-based vulnerabilities. Notably, Forum Systems products provide simplified integration and task processing with over 100 built-in, standards-based processing tasks. For more information, please visit www.forumsys.com.

All product and company names herein may be trademarks of their respective owners.

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Microservices Articles
Is advanced scheduling in Kubernetes achievable?Yes, however, how do you properly accommodate every real-life scenario that a Kubernetes user might encounter? How do you leverage advanced scheduling techniques to shape and describe each scenario in easy-to-use rules and configurations? In his session at @DevOpsSummit at 21st Cloud Expo, Oleg Chunikhin, CTO at Kublr, answered these questions and demonstrated techniques for implementing advanced scheduling. For example, using spot instances and co...
Skeuomorphism usually means retaining existing design cues in something new that doesn’t actually need them. However, the concept of skeuomorphism can be thought of as relating more broadly to applying existing patterns to new technologies that, in fact, cry out for new approaches. In his session at DevOps Summit, Gordon Haff, Senior Cloud Strategy Marketing and Evangelism Manager at Red Hat, discussed why containers should be paired with new architectural practices such as microservices rathe...
In his session at 20th Cloud Expo, Mike Johnston, an infrastructure engineer at Supergiant.io, will discuss how to use Kubernetes to setup a SaaS infrastructure for your business. Mike Johnston is an infrastructure engineer at Supergiant.io with over 12 years of experience designing, deploying, and maintaining server and workstation infrastructure at all scales. He has experience with brick and mortar data centers as well as cloud providers like Digital Ocean, Amazon Web Services, and Rackspace....
SYS-CON Events announced today the Kubernetes and Google Container Engine Workshop, being held November 3, 2016, in conjunction with @DevOpsSummit at 19th Cloud Expo at the Santa Clara Convention Center in Santa Clara, CA. This workshop led by Sebastian Scheele introduces participants to Kubernetes and Google Container Engine (GKE). Through a combination of instructor-led presentations, demonstrations, and hands-on labs, students learn the key concepts and practices for deploying and maintainin...
Docker is sweeping across startups and enterprises alike, changing the way we build and ship applications. It's the most prominent and widely known software container platform, and it's particularly useful for eliminating common challenges when collaborating on code (like the "it works on my machine" phenomenon that most devs know all too well). With Docker, you can run and manage apps side-by-side - in isolated containers - resulting in better compute density. It's something that many developer...
Modern software design has fundamentally changed how we manage applications, causing many to turn to containers as the new virtual machine for resource management. As container adoption grows beyond stateless applications to stateful workloads, the need for persistent storage is foundational - something customers routinely cite as a top pain point. In his session at @DevOpsSummit at 21st Cloud Expo, Bill Borsari, Head of Systems Engineering at Datera, explored how organizations can reap the bene...
As software becomes more and more complex, we, as software developers, have been splitting up our code into smaller and smaller components. This is also true for the environment in which we run our code: going from bare metal, to VMs to the modern-day Cloud Native world of containers, schedulers and micro services. While we have figured out how to run containerized applications in the cloud using schedulers, we've yet to come up with a good solution to bridge the gap between getting your contain...
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...
DevOps is speeding towards the IT world like a freight train and the hype around it is deafening. There is no reason to be afraid of this change as it is the natural reaction to the agile movement that revolutionized development just a few years ago. By definition, DevOps is the natural alignment of IT performance to business profitability. The relevance of this has yet to be quantified but it has been suggested that the route to the CEO’s chair will come from the IT leaders that successfully ma...
Skeuomorphism usually means retaining existing design cues in something new that doesn’t actually need them. However, the concept of skeuomorphism can be thought of as relating more broadly to applying existing patterns to new technologies that, in fact, cry out for new approaches. In his session at DevOps Summit, Gordon Haff, Senior Cloud Strategy Marketing and Evangelism Manager at Red Hat, will discuss why containers should be paired with new architectural practices such as microservices ra...