ObjectSecurity News Update

09 October 2009

Greetings,

Here is our latest news update. Since our last update, a lot has happened. Please feel free to pass this email on to anyone else who might be interested. And if you want to stay more closely in the loop, feel free to follow us on Twitter.
If you want to meet ObjectSecurity's executives face-to-face, you can meet them in Silicon Valley, CA, USA, Cambridge, UK, and Munich, Germany.

Just signed up? Browse the archive.

New projects and product releases

*FREE* OpenPMF Trial
ObjectSecurity offers a free trial of their packaged OpenPMF version for Intalio BPMS, which includes a number of cool new features. Please sign up here to receive further information

Success Story - UK Ministry of Defence R&D Contract: Agile SOA Accreditation
ObjectSecurity has delivered a UK Ministry of Defence (MoD) contract to carry out research related to agile Service Oriented Architecture (SOA) accreditation ("Model Driven Security Accreditation", MDSA). The project was awarded by MoD’s Centre for Defence Enterprise (CDE) and is managed by MoD’s Defence Technology and Innovation Centre (DTIC). The contract award underscores ObjectSecurity’s innovative defence / civilian “dual use” capabilities in the areas model-driven security and secure integration (e.g. SOA), which have previously been demonstrated in projects with the US Naval Research Lab, with RTI for the US Navy & US Air Force, and with ESG for the German Bundeswehr. Lack of “agile SOA accreditation” methods and tools have been identified by leading trade bodies (e.g. by ISSA, Cyber Security KTN, Security Network) as one of the top two concerns related to SOA and security. The other top concern, the lack of manageable SOA security policy management tools, is already tackled by ObjectSecurity’s OpenPMF product & solution. We are selling an eBook about agile SOA accreditation (see below). More information is also on our blog.

eBooks: In-Depth eBooks about SOA & Cloud Security, Model Driven Security, Model Driven Security Accreditation
ObjectSecurity offers in-depth studies about hot topics in IT security. Current studies include SOA security, agile policy management ("model-driven security") and agile SOA accreditation/compliance ("model-driven security accreditation"). Other tailor-made studies can be produced upon request.

Webinar & more about: OpenPMF for Intalio BPMS
ObjectSecurity offers a wealth of information about OpenPMF on their website. You can select here from a webinar, podcast, white paper, demo videos, blogs, supported technologies etc.

Success Story: Intel Renews Technical Support Contract 4th Year
ObjectSecurity is pleased to announce that Intel renewed their technical support contract for the 4th year in a row. ObjectSecurity supports some of Intel's operational MICO middleware installations.

Success Story: U.S. Air Force Project Provides Advanced Security Protection for Distributed Systems
ObjectSecurity is pleased to announce the successful completion of a U.S. Air Force Research Laboratories (AFRL) Small Business Innovation Research (SBIR) phase 1 project (AF073-029), which was primed by their partner Real-Time Innovations (RTI), The Real-Time Middleware Experts. The project, entitled “Proactive Determination of Networked Node Vulnerability,” addresses a pervasive need for improved tools to actively seek out weaknesses in network security before and during a security intrusion event. It was integrated with the U.S. Department of Defense (DoD) vision for its next-generation Global Information Grid (GIG) network infrastructure. RTI chose ObjectSecurity OpenPMF 2.0 because of its unique policy driven application incident monitoring capability for DDS. OpenPMF policy enforcement and incident monitoring had previously been integrated with RTI’s implementation of DDS as part of another U.S. Navy SBIR project. The project outcome is ground-breaking because it combines both network intrusion prevention and policy-driven application layer intrusion prevention in an integrated solution, which firstly ties in with state-of-the-art application development platforms and tools, and which secondly supports the agility of today’s complex, interconnected, rapidly evolving IT landscapes.

News & Press Releases

Award: "Most Promising Security Start-up 2009", Global Security Challege 2009, Finalist America West
ObjectSecurity has been awarded “America West Regional Finalist 2009” in the “Most Promising Security Start-up Category” for their OpenPMF™ product by the Global Security Challenge.

Award: "Product of the Year 2009", Cambridge Computer Lab Ring
ObjectSecurity has been awarded the University of Cambridge Computer Lab Ring’s “Product of the Year 2009” award for their OpenPMF product. Developed by University of Cambridge Computer Lab PhD Dr. Ulrich Lang and ObjectSecurity’s expert team since 2000, OpenPMF™ is a security extension for application development tools. It provides an easy-to-use, cost-saving way to automatically make business security & compliance objectives happen for today’s large, interconnected, rapidly evolving applications (e.g. BPM, SOA, Cloud, SaaS, PaaS, Web 2.0).

Award: "TeleTrusT Innovation Award" at ISSE 2009
ObjectSecurity has been awarded the "TeleTrusT Innovation Award" to IT security solutions chosen from a large number of submissions from companies and institutions across Europe (at the 'ISSE 2009' in Den Haag (NL), by the German IT security association TeleTrust).

Advisor: ObjectSecurity appoints Milind Pansare as strategic advisor
ObjectSecurity has appointed Silicon Valley based Dr. William Wilson as strategic advisor. Dr. Wilson will advise on ObjectSecurity’s business and marketing strategy. Milind Pansare brings over 20 years of experience in marketing, product management and technology leadership to the advisory team. Milind has held several leadership roles in alliances, partner and developer programs, product management, product marketing, engineering management and software engineering at large Silicon Valley based computer software and systems companies such as Sun Microsystems and Hewlett Packard as well as startups. He holds a BS in Computer Science and has held several engineering leadership roles, managing teams that developed window systems, user interfaces, secure operating systems, and technology in the Java platform.

Partner: ObjectSecurity Partners with Center For Advanced Defense Studies (CADS)
ObjectSecurity partners with the Center for Advanced Defense Studies (CADS). CADS is a non-profit, non-governmental, international educational institution based in Washington, DC, that researches, educates, and implements programs to enhance global security. ObjectSecurity’s products and services make application & workflow security manageable, cheaper, and less risky. “... We are delighted to partner with this renown thought leader and innovator in the areas that are at the core of today’s cyber security challenges for both defense and civilian enterprises.” – Lt. Col. (Ret.) David E.A. Johnson, Executive Director, Center for Advanced Defense Studies.

Partner: ObjectSecurity Partners with PROMIS
ObjectSecurity partners with PROMIS Solutions in the area of security modeling based on TOGAF and EVA Netmodeler. The combination with ObjectSecurity’s unique OpenPMF model-driven security management product and leading expertise in model-driven security allows customers to manage security compliance (risk / control objectives) at the architecture level. ObjectSecurity’s OpenPMF then automatically implements these requirements in technical controls (specifically access control, reporting / monitoring). Mike Ater, CEO of PROMIS Solutions AG: “... We are pleased to partner with the leading expert in model–driven security and their unique product – OpenPMF.”

Silicon Valley Presence Strengthened
ObjectSecurity executive Dr. Ulrich Lang now runs the Silicon Valley office full-time. It is located at Plug & Play Tech Center in Palo Alto, CA, USA. Contact us if you would like to set up a meeting.

Press: San Jose / Silicon Valley Business Jounral Coverage
ObjectSecurity has been covered in the "The Pitch" section of the widely circulated San Jose / Silicon Valley Business Journal.

Modeldrivensecurity.org blog
ObjectSecurity blog discusses model driven security, and now also model-driven security accreditation..

Click here to view an up-to-date news list.

Events - meet ObjectSecurity face-to-face at these events (contact us to arrange a meeting)

Click here to view an up-to-date events list and here to view our full publication list

Why you are getting this newsletter

You are receiving this email because you have subscribed to ObjectSecurity's email newsletter. Please contact us if you have any feedback - we aim to make this newsletter as useful as possible for you.

Please simply reply to this email with "unsubscribe" in the subject or body if you would like to unsubscribe. We are aiming to make this newsletter as useful for you as possible, so any comments or suggestions would be greatly appreciated. Simply reply to this email if you would like to get in touch with us. And please tell your colleagues about this newsletter.