Pwnie Express Advances Industry’s First Full Visibility and Threat Detection Platform for the Enterprise

Powerful Pwn Pulse, Pwn Pad Integration Secures Main Offices and Remote Sites Alike

BOSTON, MA–(Marketwired – Jul 28, 2015) – Pwnie Express, the world leader in remote security assessment, today announced advancements to its Pwn Pulse enterprise solution. Pwn Pulse is the industry’s first full visibility and threat detection platform that discovers and alerts to unknown or high-risk devices and their potential threats wherever they exist across an organization, whether at branch office or headquarters facilities. Now seamlessly integrated with Pwn Pad 3, Pwnie’s most powerful, commercial-grade penetration testing tablet, Pwn Pulse enables users to remotely, securely and effectively assess all sites in real time.

“In my line of work, it is especially critical that we have robust security tools that allow us to detect rogue devices, scan suspicious traffic, and conduct penetration testing in the most effective yet unobtrusive ways, and from any location,” said J.D. LeaSure, President, ComSec LLC, which specializes in technical surveillance countermeasures. “Pwn Pulse integrated with Pwn Pad 3 creates this perfect solution.”

The Pwn Pulse enterprise solution provides continuous visibility throughout the wired, WiFi, 4G/LTE cellular and Bluetooth spectrum, across all physical locations, including remote sites and branch offices, detecting “known-bad,” unauthorized, vulnerable, and suspicious devices in real time. Powered by easy-to-deploy, enterprise-class sensors, Pwn Pulse enables central management from a single cloud dashboard for scalable, continuous intelligence across the enterprise.

The powerful Pwn Pulse and Pwn Pad 3 integration enables security practitioners to conduct remote security assessments across all corporate facilities from a central cloud console. The flexibility this integration provides allows organizations to assess locations where a fixed sensor may not be realistic, such as SWAT or delivery vehicles, bases of military operations, and high risk targets such as politicians or executives. This many-to-one assessment capability allows for more frequent and cost-effective vulnerability scanning and testing of wired and wireless networks.

Pwn Pulse empowers organizations with:

  • Continuous Visibility: Continuously and automatically detect all wired, WiFi and Bluetooth devices in the vicinity of their premises, whether corporate headquarters or remote sites, providing complete threat visibility across the enterprise. Pwn Pulse provides immediately actionable data including a comprehensive list of network devices that may be noncompliant or harmful.
  • Discovery and Alerting for All Devices: Pwn Pulse maintains a baseline of all “known-bad,” unauthorized, vulnerable and suspicious devices and immediately identifies newly discovered unknown devices. Additionally, Pwn Pulse identifies and immediately alerts for known rogue, purpose-built malicious hardware devices and/or risky devices (e.g. misconfigured, default state, vulnerable, suspicious).
  • Centralized Management and Response Capabilities: Secure, centralized management with enterprise-class reporting empowers senior executives with critical knowledge for business decisions. Pwn Pulse is SIEM/WIPS compatible and provides effective rapid threat response that helps to “track and disable” devices, as well as auditing and validation of existing security controls, including enterprise wireless infrastructure and device management technologies.
  • Remote Assessment and Enforcement of Critical Controls: Pwn Pulse validates security policies, configurations and controls, and supports custom scripts to further test and validate security gaps revealed by routine vulnerability scans. Pwn Pulse provides a powerful, proactive way to respond to high probability threats and threat vectors with a full suite of pre-installed penetration testing tools.

“Today’s IT leaders are facing a losing battle with true ownership of the computing devices that comprise their infrastructure,” said Paul Paget, CEO, Pwnie Express. “All organizations, regardless of size, need to consider a rogue device detection and protection strategy that can ultimately help detect ‘known-bad,’ unauthorized, vulnerable, and suspicious devices. Pwn Pulse, along with its integration with Pwn Pad 3, puts IT leaders back in control of their networks by providing full visibility across distributed infrastructure, IT and physical security policy validation and mitigation capabilities against ever-increasing risks created by expanding environments.”

All of Pwnie’s technology for enterprises and security practitioners is backed by the powerful research of Pwnie Labs, the company’s security research and intelligence division. Pwnie Labs specializes in wireless and device analysis and detection techniques, contributes to open source security projects, supports the core infosec community, and establishes industry best practices for remote site penetration testing and device threat mitigation.

The Pwn Pulse enterprise solution is generally available and now fully integrated with the entirety of the Pwnie Express Mobile Line. Pricing for Pwn Pad 3 begins at $1,295 and can be integrated with Pwn Pulse for an annual subscription of $695. To learn more about introductory, bundled pricing offers, or to get a demo, please visit pwnieexpress.com/pwnpulse, contact sales@pwnieexpress.com or call (855) 793-1337.

About Pwnie Express
Pwnie Express is the world leader in remote security assessment, and the first company to empower organizations of all sizes with a full visibility and threat detection platform that discovers and alerts to unknown or high-risk devices and their potential threats wherever they exist on the network. Through its enterprise-class Pwn Pulse platform and its long-trusted Pwn Plug, Pwn Phone and Pwn Pad devices, Pwnie Express provides continuous visibility throughout the wired/wireless/RF spectrum, across all physical locations including remote sites and branch offices, detecting “known-bad”, unauthorized, vulnerable, and suspicious devices. Backed by the powerful security research of Pwnie Labs, Pwnie Express helps its customers reduce the attack surface created by the explosion of devices introduced by Bring Your Own Device (BYOD and the expansion of threat vectors brought on by the Internet of Things (IoT). It is headquartered in Boston, Massachusetts. To learn more, visitwww.PwnieExpress.com or @PwnieExpress.

 

(Original Post)

Beta Books and You

Regarding the new book, second in the Dissecting the Hack series, “Dissecting the Hack: The V3rb0t3n  Network.”

I have never run into any projects that started out in Beta, which you immediately realized were so flawless that they could go straight to production. After rushing out this book to make sure that it made it to you at Black Hat and DEF CON, I still have not seen any projects that have started out in Beta that are immediately flawless.

When I approached Syngress at the RSA Conference just a few months ago, I spoke to Chris over dinner and explained the very demanding demands for the book. It became clear very quickly that one of the most important ones was time. I wanted – no, needed – this book to be done and published by Black Hat and DEF CON of this year. It had been too long since the last one – the story of the reason for that delay is a saga all unto its own which we’re not going to get into here.

Amazingly – miraculously! – he said yes. They would give it a shot, they would do their best to meet those deadlines… which meant we would have to have the book sent to the publishers ASAP (this is in April), though the tireless Brian Baskin was still finishing up the technical section. With the hard work of everyone involved, we would still have it done and ready so that it would be able to go into processing (by the publishers) by June. This is a process that with a normal book takes months to do. Many eyes will look at it, many people will have a back and forth exchange about it, discovering minute errors in the production process and the text – making sure that it’s vetted and done the way it needs to be.

I asked them to do it in weeks. Needless to say, there were fewer eyes on it, fewer edits, fewer back and forths, and way less luxury of time to ensure that it was the final product that we would want to release to you. Therefore, it is my undeniable, somewhat questionable, pleasure to be able to tell you that for only the first 200 lucky buyers of the “limited edition” run that we have at Black Hat and DEF CON will be holding in their hands a collector’s item.

The content inside the book is intact. It’s a great story. It’s a great technical section (if I do say so myself). It just isn’t formatted to the specifications that a final product should be and will be. Even on Twitter (from the very beginning) I’ve always said that this was a pre-release, one-off run of the books just so it could make it to Black Hat and DEF CON.

In addition – and most importantly! – I would like to make a special note that the biggest error was to accidentally not have the names of Kristen Sims and Brian Baskin on the cover where they belong! I greatly appreciate all that they’ve done and you should know that this book would not be in your hands if not for the time and hard work that they’ve put in. So I’ve taken it upon myself to fix that immediately by purchasing stickers with all our names printed uniformly on it. That sticker will be placed over where my name (with an error in it as well) is on the book! Yes, we are patching our book in production… but it’s still only a beta so it should be fine!

So please enjoy the story. Please learn from the story. And please try not to giggle (too much) at the errors you will find in the book. I’ve never run away from owning up to my mistakes, and I believe I was over-ambitious to try and get this project done so quickly and to expect there would be no hiccups or mistakes. But just like Bob likes to say – “I’ve never let reality get in the way of me trying to accomplish something.”

And sometimes, that even succeeds.

See you at Black Hat, see you at DEF CON! Awkward hugs will be given out, and this version of the book will be available at the Pwnie Express booth…. for a very limited run (and at a discount). And after Black Hat and DEF CON, the final run will be edited, revised, and perfected!

Pwnie Express Named Finalist for MassTLC Technology Leadership Awards Innovative Technology of the Year – Security

Pwnie Express has been recognized as a finalist in this year’s Massachusetts Technology Council’s (MassTLC) 18th Annual Technology Leadership Awards http://masstlcawards.org/finalists/, representing the best of the region’s technology industry across 16 categories.  Pwnie Express and its Pwn Pulse solution is one of five finalists named in the Security category for Innovative Technology of the Year.

Pwn Pulse is the first full visibility and threat detection platform that discovers and alerts to unknown or high-risk devices and their potential threats wherever they exist across the organization, whether at branch office or headquarters facilities. This is done through a unique system of sensors, software and tools designed to allow users to remotely, securely and effectively assess all sites.

Pwn Pulse provides continuous visibility throughout the wired, WiFi and Bluetooth spectrum, across all physical locations including remote sites and branch offices, detecting “known-bad,” unauthorized, vulnerable, and suspicious devices. Powered by easy-to-deploy enterprise-class sensors, Pwn Pulse enables central management from a single cloud dashboard for scalable, continuous intelligence across the enterprise, as well as remote and branch locations.

The Massachusetts Technology Leadership Awards are considered to be one of the state’s most prestigious tech awards program.  Winners will be announced during the Awards Gala on September 16, 2015.

In a statement, Mass TLC President Tom Hopcroft offered the following about the awards program, “Massachusetts continues to be a world innovation leader, and the 18th annual MassTLC Leadership Awards recognizes our tech industry’s best-of-the-best—established leaders, high-growth companies and startups alike all blazing trails in important categories such as security, robotics and the Internet of Things. The people and organizations named as finalists for Technology Leadership Awards only scratch the surface of the breadth and depth of talent and innovative spirit here in the Bay State.”

Looming Rapid7 IPO highlights surge of Boston-area cybersecurity tech

beta Boston

Looming Rapid7 IPO highlights surge of Boston-area cybersecurity tech

July 13, 2015

By Hiawatha Bray

 

These days, Maria Cirino isn’t just a venture capitalist. She’s an arms merchant in an escalating global war on Internet crime.

“This is World War III without the bullets and the bombs,” said Cirino, managing partner at the Boston venture capital firm .406 Ventures.

Cirino’s investment portfolio includes startup firms that are supposed to help businesses and governments defend themselves against online threats that are ever more sophisticated.

 Much of the weaponry in this digital war is made in Massachusetts. The Commonwealth is home to dozens of network security companies. Some are world-famous, like RSA, a business unit of the data storage giant EMC Corp., Akamai Technologies Inc., and Raytheon Co. But the state also hosts a horde of venture-funded startups, some of them on the verge of going public.

Rapid7 is due to go first. The Boston company filed for an initial public offeringof stock in June and recently amended the filing, raising the target for its stock sale to $111 million. Rapid7 declined to comment on the filing, which would make it the first Massachusetts-based tech company to go public this year.

Another security company, Burlington-based Veracode, is also keeping mum about a report by Fortune magazine that it has filed to go public this year, under a law that allows startup companies to keep their IPO filings confidential.