Welcome!

Microservices Expo Authors: Dan Blacharski, Yeshim Deniz, Mehdi Daoudi, AppNeta Blog, Elizabeth White

News Feed Item

Forum Systems Achieves Industry-First International Security Certification

Setting a New Bar in Cloud Security, Forum Sentry is the Only API Gateway to Attain Network Device Protection Profile Compliance

BOSTON, Aug. 13, 2014 /PRNewswire/ -- Forum Systems Inc. today announced that Forum Sentry is the world's first API Gateway to achieve Network Device Protection Profile (NDPP) compliance.

In order to facilitate NDPP conformance, Forum Systems pursued a rigorous certification program with Corsec Security, Inc., the largest independent validation consultant in the security industry. The NDPP compliant designation builds on Forum Sentry's FIPS 140-2 certification foundation, reaffirming Forum Systems' commitment to delivering industry-leading API and cloud security gateway technology for protecting XML-, JSON-, SOAP- and HTML-traversing cloud, mobile and enterprise infrastructure traffic.

Although Common Criteria Evaluation Assurance Level 4 (EAL 4) has become the de facto standard for evaluation, the generic EAL 4 requirements may not be relevant, achievable and repeatable in all cases. The creation of technology-specific Protection Profiles with their own set of security assurance requirements can offer more targeted assurance with achievable, repeatable and testable requirements. Protection Profile compliance can require assurances and testing more rigorous than standardized EALs. In cooperation with other countries, the United States has initiated an evaluation paradigm where achieving success for certain IT products requires a transition to Protection Profile compliance and a move away from EALs.

Now "PP Compliant," Forum Sentry is the industry's only FIPS 140-2 NDPP-certified API Gateway for enabling secure connectivity between users, applications and the cloud. The first Layer 4-7 device to achieve NDPP security certification, it holds the industry's only patent for cryptographic acceleration of security processing.

"Improving cloud security is a massive challenge – but also represents a multibillion-dollar global opportunity for companies dedicated to delivering new, powerful and innovative solutions. Last summer, the Information Technology & Innovation Foundation forecasted that U.S. cloud computing providers could lose up to $35 billion in sales through 2016 based on escalating customer privacy and security concerns," said Mamoon Yunus, CEO of Forum Systems. "Entropy for random number generation is the cornerstone of strong cryptography. And Forum Sentry offers the highest level entropy coupled with hardened key protection to provide security assurance to those enterprise organizations hesitant to migrate to the cloud. We are excited to partner with Corsec to showcase Forum Sentry – the most hardened platform that delivers the industry's strongest cryptography."

"We have worked with Forum Systems for more than 10 years, making the rigorous security validation process easier, faster and more efficient so that Forum could focus on its core business objective – continuing to deliver strategic solutions to its customers," said Matthew Appler, CEO of Corsec. "We are pleased to team with Forum Systems to help this innovative company achieve NDPP certification and validate Forum Sentry's cryptographic capabilities in an evaluation that focused on technology-specific, tailored assurance requirements."

Processing and securing more than 10 billion transactions per day worldwide, Forum Sentry significantly reduces the cost and complexity of centralizing security, identity and governance for hundreds of global organizations, including some of the world's largest federal agencies. With the industry's most comprehensive built-in support for data formats and communication protocols, Forum Sentry enables companies to rapidly integrate internal SOA and external RESTful systems.

Last fall, Forum Systems significantly enhanced Forum Sentry with features including intelligent edge caching for network optimization, Amazon S3 integration for secure enterprise-to-cloud storage and expanded OAuth 2.0 support to simplify mobile SSO. Forum Sentry remains the industry's only FIPS 140-2 secured edge caching solution that provides tight integration with all enterprise-class identity stores to satisfy mobile users' demand for anytime, anywhere access while ensuring the highest levels of network security.

Additional Resources

About Corsec
Corsec is the world's leading certification solution. Corsec's 15-year track record includes more than one million hours of validation services delivered, more than 350 completed certifications, and hundreds of clients on five continents. For more information, visit corsec.com.

About Forum Systems
Forum Systems, a wholly owned subsidiary of Crosscheck Networks, Inc., is the innovation leader in API and cloud gateway technology. The industry's most comprehensive solution for centralized security, identity and governance for SOA, REST and mobile communications, Forum Sentry enables comprehensive threat mitigation and trust enablement, providing enterprises and government organizations worldwide with the foundation for achieving Secure Service Mediation. Processing more than 10 billion transactions per day worldwide, the NDPP-, FIPS- and DoD-certified Forum Sentry API Security Gateway delivers unparalleled protection against HTML-, XML-, SOAP- and REST-based vulnerabilities. Notably, Forum Systems products provide simplified integration and task processing with over 100 built-in, standards-based processing tasks. For more information, please visit www.forumsys.com.

All product and company names herein may be trademarks of their respective owners.

SOURCE Forum Systems Inc.

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@MicroservicesExpo Stories
When you decide to launch a startup company, business advisors, counselors, bankers and armchair know-it-alls will tell you that the first thing you need to do is get funding. While there is some validity to that boilerplate piece of wisdom, the availability of and need for startup funding has gone through a dramatic transformation over the past decade, and the next few years will see even more of a shift. A perfect storm of events is causing this seismic shift. On the macroeconomic side this ...
Developers want to create better apps faster. Static clouds are giving way to scalable systems, with dynamic resource allocation and application monitoring. You won't hear that chant from users on any picket line, but helping developers to create better apps faster is the mission of Lee Atchison, principal cloud architect and advocate at New Relic Inc., based in San Francisco. His singular job is to understand and drive the industry in the areas of cloud architecture, microservices, scalability ...
A Man in the Middle attack, or MITM, is a situation wherein a malicious entity can read/write data that is being transmitted between two or more systems (in most cases, between you and the website that you are surfing). MITMs are common in China, thanks to the “Great Cannon.” The “Great Cannon” is slightly different from the “The Great Firewall.” The firewall monitors web traffic moving in and out of China and blocks prohibited content. The Great Cannon, on the other hand, acts as a man in the...
This recent research on cloud computing from the Register delves a little deeper than many of the "We're all adopting cloud!" surveys we've seen. They found that meaningful cloud adoption and the idea of the cloud-first enterprise are still not reality for many businesses. The Register's stats also show a more gradual cloud deployment trend over the past five years, not any sort of explosion. One important takeaway is that coherence across internal and external clouds is essential for IT right n...
Cloud promises the agility required by today’s digital businesses. As organizations adopt cloud based infrastructures and services, their IT resources become increasingly dynamic and hybrid in nature. Managing these require modern IT operations and tools. In his session at 20th Cloud Expo, Raj Sundaram, Senior Principal Product Manager at CA Technologies, will discuss how to modernize your IT operations in order to proactively manage your hybrid cloud and IT environments. He will be sharing be...
Back in February of 2017, Andrew Clay Schafer of Pivotal tweeted the following: “seriously tho, the whole software industry is stuck on deployment when we desperately need architecture and telemetry.” Intrigue in a 140 characters. For me, I hear Andrew saying, “we’re jumping to step 5 before we’ve successfully completed steps 1-4.”
Enterprise architects are increasingly adopting multi-cloud strategies as they seek to utilize existing data center assets, leverage the advantages of cloud computing and avoid cloud vendor lock-in. This requires a globally aware traffic management strategy that can monitor infrastructure health across data centers and end-user experience globally, while responding to control changes and system specification at the speed of today’s DevOps teams. In his session at 20th Cloud Expo, Josh Gray, Chie...
To more closely examine the variety of ways in which IT departments around the world are integrating cloud services, and the effect hybrid IT has had on their organizations and IT job roles, SolarWinds recently released the SolarWinds IT Trends Report 2017: Portrait of a Hybrid Organization. This annual study consists of survey-based research that explores significant trends, developments, and movements related to and directly affecting IT and IT professionals.
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...
NHK, Japan Broadcasting, will feature the upcoming @ThingsExpo Silicon Valley in a special 'Internet of Things' and smart technology documentary that will be filmed on the expo floor between November 3 to 5, 2015, in Santa Clara. NHK is the sole public TV network in Japan equivalent to the BBC in the UK and the largest in Asia with many award-winning science and technology programs. Japanese TV is producing a documentary about IoT and Smart technology and will be covering @ThingsExpo Silicon Val...
Cloud Expo, Inc. has announced today that Aruna Ravichandran, vice president of DevOps Product and Solutions Marketing at CA Technologies, has been named co-conference chair of DevOps at Cloud Expo 2017. The @DevOpsSummit at Cloud Expo New York will take place on June 6-8, 2017, at the Javits Center in New York City, New York, and @DevOpsSummit at Cloud Expo Silicon Valley will take place Oct. 31-Nov. 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Is your application too difficult to manage? Do changes take dozens of developers hundreds of hours to execute, and frequently result in downtime across all your site’s functions? It sounds like you have a monolith! A monolith is one of the three main software architectures that define most applications. Whether you’ve intentionally set out to create a monolith or not, it’s worth at least weighing the pros and cons of the different architectural approaches and deciding which one makes the most s...
Today we can collect lots and lots of performance data. We build beautiful dashboards and even have fancy query languages to access and transform the data. Still performance data is a secret language only a couple of people understand. The more business becomes digital the more stakeholders are interested in this data including how it relates to business. Some of these people have never used a monitoring tool before. They have a question on their mind like “How is my application doing” but no id...
In large enterprises, environment provisioning and server provisioning account for a significant portion of the operations team's time. This often leaves users frustrated while they wait for these services. For instance, server provisioning can take several days and sometimes even weeks. At the same time, digital transformation means the need for server and environment provisioning is constantly growing. Organizations are adopting agile methodologies and software teams are increasing the speed ...
In his session at 20th Cloud Expo, Scott Davis, CTO of Embotics, will discuss how automation can provide the dynamic management required to cost-effectively deliver microservices and container solutions at scale. He will discuss how flexible automation is the key to effectively bridging and seamlessly coordinating both IT and developer needs for component orchestration across disparate clouds – an increasingly important requirement at today’s multi-cloud enterprise.
Keeping pace with advancements in software delivery processes and tooling is taxing even for the most proficient organizations. Point tools, platforms, open source and the increasing adoption of private and public cloud services requires strong engineering rigor – all in the face of developer demands to use the tools of choice. As Agile has settled in as a mainstream practice, now DevOps has emerged as the next wave to improve software delivery speed and output. To make DevOps work, organization...
Software as a service (SaaS), one of the earliest and most successful cloud services, has reached mainstream status. According to Cisco, by 2019 more than four-fifths (83 percent) of all data center traffic will be based in the cloud, up from 65 percent today. The majority of this traffic will be applications. Businesses of all sizes are adopting a variety of SaaS-based services – everything from collaboration tools to mission-critical commerce-oriented applications. The rise in SaaS usage has m...
The proper isolation of resources is essential for multi-tenant environments. The traditional approach to isolate resources is, however, rather heavyweight. In his session at 18th Cloud Expo, Igor Drobiazko, co-founder of elastic.io, drew upon his own experience with operating a Docker container-based infrastructure on a large scale and present a lightweight solution for resource isolation using microservices. He also discussed the implementation of microservices in data and application integrat...
We'd all like to fulfill that "find a job you love and you'll never work a day in your life" cliché. But in reality, every job (even if it's our dream job) comes with its downsides. For you, the constant fight against shadow IT might get on your last nerves. For your developer coworkers, infrastructure management is the roadblock that stands in the way of focusing on coding. As you watch more and more applications and processes move to the cloud, technology is coming to developers' rescue-most r...
2016 has been an amazing year for Docker and the container industry. We had 3 major releases of Docker engine this year , and tremendous increase in usage. The community has been following along and contributing amazing Docker resources to help you learn and get hands-on experience. Here’s some of the top read and viewed content for the year. Of course releases are always really popular, particularly when they fit requests we had from the community.