
Sandwich: AI-Powered Framework Revolutionizes Cryptography Management

SandboxAQ, a cutting-edge quantum technology platform driven by AI, has unveiled an open-source framework called Sandwich, which aims to revolutionize contemporary cryptography management. The platform’s primary objective is to propel organizations toward achieving cryptographic agility.

This innovative solution provides developers with a unified API, enabling them to seamlessly integrate chosen cryptographic algorithms into their applications. By offering this agility, the platform allows for rapid adaptation to evolving technologies and emerging threats, thereby reducing the need for extensive code rewrites.

Furthermore, Sandwich empowers developers with enhanced observability and control over cryptographic operations, bolstering the overall cybersecurity protocols of organizations.

Graham Steel, the head of product at SandboxAQ’s quantum security group, highlighted that the conventional methods of cryptography management have struggled to keep up with the demands posed by new technology stacks and agile development practices. He emphasized that this challenge is compounded by the necessity for greater cryptographic agility to safeguard organizations against existing and future threats emanating from quantum computers. The platform’s API serves as a solution by simplifying cryptography manipulation, helping developers avoid common mistakes and enabling audit teams to swiftly verify the adherence to cryptographic policies.

The central concept behind Sandwich is its ability to abstract cryptography from application code, creating a crypto-agile architecture. This architecture empowers developers to effortlessly update and replace algorithms whenever necessary. The API facilitates updates to the cryptography layer, ensuring the integrity of applications without concerns about disruptions or additional coding requirements.

The framework is equipped with libOQS, which streamlines access to novel post-quantum cryptography (PQC) algorithms developed by the National Institute of Standards and Technology (NIST).

Sandwich supports multiple programming languages, including C/C++, Rust, Python, and Go, as well as various operating systems like macOS and Linux. This flexibility offers developers the freedom to work in their preferred environment and easily access popular cryptographic libraries, including new post-quantum cryptography algorithms from NIST.

Steel underscored that the support for multiple languages, operating systems, and cryptographic libraries simplifies the secure implementation of cryptography into applications, while maintaining the adaptability to developers’ coding preferences.

The framework also streamlines cryptographic security and management through the adoption of modern DevOps practices. It offers industry-standard protocols that make it easier for developers to integrate proven cryptographic methods into applications. These methods are available in runtime as cohesive cryptographic objects called “sandwiches.”

The three-step process of “sandwich” creation reduces implementation complexity, wherein developers select the desired protocol and preferred implementation, and the framework constructs these components into a secure tunnel interfacing with the application via the Sandwich API.

Steel emphasized that the Sandwich API ensures the correct and secure implementation of application cryptography. It verifies newly updated cryptography for configuration errors, vulnerabilities, and performance issues, enhancing cryptographic agility by allowing developers to swap out cryptographic libraries as technologies and threats evolve, all without necessitating code rewrites.

The framework’s abstraction offers programming flexibility, shielding developers from the intricacies of cryptographic library utilization. Once integrated, the Sandwich framework empowers developers to swiftly update their cryptography through the API, eliminating the need for code rewrites and expediting application transitions to production.

Steel stated that as fault-tolerant quantum computers emerge, crypto-agility will become crucial, necessitating the adoption of post-quantum cryptography algorithms. With Sandwich, developers can take a self-serve approach to implementing cryptography, speeding up the process without direct input from cryptographers or security experts.

Steel noted that the global shift to NIST’s new post-quantum cryptography algorithms will be essential to protect sensitive data against quantum computers’ decryption capabilities. By incorporating the libOQS library, Sandwich provides developers easy access to these algorithms, allowing them to experiment with cutting-edge cryptographic techniques and strike a balance between security and performance at the application level.

SandboxAQ has introduced its Security Suite, designed to discover and address cryptographic vulnerabilities through crypto-agile encryption management. The suite is already in use by numerous U.S. government agencies and enterprises, including the U.S. Air Force, DISA, the U.S. Department of Health and Human Services, SoftBank, Vodafone, Cloudera, Informatica, and several global banks and telecommunication providers.

The adoption of the Sandwich library across various dimensions within SandboxAQ’s operations has infused crypto-agility into the company’s products and catalyzed research and development efforts.

In conclusion, the Sandwich framework from SandboxAQ represents a groundbreaking advancement in cryptography management, enabling cryptographic agility, streamlined implementation, and enhanced cybersecurity across various applications and industries.

Hackers Unveil Veilid: A Privacy-Centric App Development Tool

A collective of hackers, identifying themselves as the Cult of the Dead Cow (cDc), has introduced an innovative open-source tool named Veilid. This development was showcased at the DEF CON convention held in Las Vegas on a recent Friday.

The cDc group has devised a coding framework targeted towards application developers who wish to prioritize user privacy and security while steering clear of ad-generated revenue based on user data amassed by most applications.

According to reports by Engadget, Katelyn “medus4” Bowden, the leader of cDc, expounded on the group’s distinctive vision for the internet in contrast to its current reality. She emphasized, “We feel that at some point, the internet became less of a landscape of knowledge and idea sharing and more of a monetized corporate machine.” She further added, “Our idea of what the internet should be looks more like the open landscape it once was before our data became a commodity.”

The group’s initiative draws inspiration from existing free apps and services like Signal, renowned for its robust encryption for text and voice communications, and Tor, known for enabling anonymous web browsing by concealing user location. The novel undertaking, presented at the annual DEF CON hacking conference in Las Vegas, strives to lay the foundation for messaging, file-sharing, and even social networking apps that abstain from data collection and rely on end-to-end encryption to counteract surveillance even by governments.

This innovative codebase, known as Veilid (pronounced as “vay-lid”), is intended for developers to craft applications for both mobile devices and the web. The core idea revolves around allowing applications to communicate with one another across the internet in a private and secure manner, avoiding reliance on centralized and often corporate-owned systems. Veilid equips app developers with the necessary code to integrate into their software, thereby enabling their users to join and engage in conversations within a peer-to-peer network.

Within this network, the Veilid protocol ensures that apps send fully encrypted content to each other. Drawing parallels with BitTorrent, a file-sharing software that concurrently shares different segments of the same content to expedite downloads, the Veilid network gains speed as more devices participate and distribute the load.

This system, integrating aspects of Tor and IPFS networks, primarily employs Rust, along with elements of Dart and Python. It allows diverse devices running apps to connect via Veilid without disclosing their IP addresses or locations to each other or the app developers, thus upholding user privacy.

Nonetheless, similar to other open-source projects, the principal challenge lies in encouraging programmers and engineers to dedicate time to crafting apps compatible with Veilid. While developers have the potential to generate income through these apps or ad sales, the absence of detailed user data hampers targeted advertising or marketing to specific user groups.

Veilid marks a significant release from the Cult of the Dead Cow, the oldest and most influential U.S. hacking collective, credited with coining the term “hacktivism” by combining hacking and activism. Originating as online storytellers in the 1980s, the group now boasts a roster of top cybersecurity experts who were among the pioneers alerting the public about software vulnerabilities and collaborating with vendors to address them.

Notable figures like Peiter Zatko, alias Mudge, part of this group, have previously held roles such as program manager at DARPA and security chief for Stripe, before taking on leadership positions in companies like Twitter.

Presently, cDc is focused on forming a community and foundation to support the Veilid project. Bowden emphasized that some may struggle to grasp their motive for undertaking this endeavor devoid of profit-seeking.

White House Launches Groundbreaking AI Initiative to Enhance Government System Security Against Cyber Threats

In a significant move, the White House has unveiled a groundbreaking initiative aimed at fortifying the security of government systems against cyber threats through the power of artificial intelligence (AI). Branded as the AI Security Challenge, this competition seeks to invigorate the landscape of cybersecurity by providing up to $10 million in rewards to exceptional teams capable of devising AI-driven solutions that effectively detect and thwart malicious activities targeting federal networks.

Addressing Cybersecurity Vulnerabilities

In light of a string of high-profile breaches targeting government entities, critical infrastructure, and private sector entities, the Biden administration is firmly committed to bolstering the nation’s cybersecurity stance. This innovative contest, as reported by Reuters, emerges as a strategic response to these challenges. Recognizing AI’s transformative potential, the White House envisions AI as a formidable ally in safeguarding government systems. By harnessing AI’s prowess to automate tasks, analyze data, and uncover anomalies, the government seeks to heighten its defensive capabilities in the realm of cybersecurity.

An Inclusive Contest of Collaborative Prowess

The AI Security Challenge opens its doors to a diverse array of participants, including researchers, academics, industry veterans, and students from the United States and allied nations. The contest spans two years and is divided into three distinct phases. In the initial phase, participants will focus on crafting AI models capable of discerning malevolent activities within simulated federal networks. Progressing further, the second phase will evaluate these models against actual data culled from federal agencies. The pinnacle of this competition arrives with the third phase, where live federal networks will serve as the litmus test for the models’ performance, scalability, and resilience.

A Consortium of Support

Distinguished by its collaborative spirit, the AI Security Challenge has garnered sponsorship from several influential entities. Spearheaded by the Office of Science and Technology Policy (OSTP), the initiative enjoys support from the Department of Homeland Security (DHS), the National Institute of Standards and Technology (NIST), and the National Science Foundation (NSF). Importantly, the private sector is also rallying behind this cause. Industry titans such as Microsoft, Google, IBM, Amazon Web Services, and Intel have joined hands to provide their backing and expertise.

A Commitment to Excellence and Ethics

Underpinning the AI Security Challenge is a dual commitment to excellence and ethical AI practices. As envisioned by the White House, this contest serves as a beacon for innovation, fostering a collaborative community of experts capable of assisting the government in its ongoing cybersecurity efforts. Moreover, the initiative firmly adheres to the principles of responsible AI, ensuring fairness, privacy, accountability, and transparency in every facet of its execution.

Paving the Way Forward

Prospective participants can mark their calendars as registration for the AI Security Challenge commences on August 16. The initial phase of solution submissions is slated to conclude by November 15. As the contest unfolds, anticipation mounts for the eventual announcement of winners in 2025. Through this pioneering initiative, the White House is paving the way for a future where AI not only strengthens cybersecurity but also forges new avenues of collaboration and excellence.

LetMeSpy Shuts Down After Data Breach Wipes Servers and Stolen Victim Data

LetMeSpy, a spyware operation based in Poland, has officially ceased operations following a devastating data breach in June. The breach resulted in the destruction of its servers and of the significant amount of data that had been stolen from thousands of victims’ phones.

In an announcement posted on its website in both English and Polish, LetMeSpy confirmed the “permanent shutdown” of its spyware service, with operations set to conclude by the end of August. As part of the shutdown process, LetMeSpy has blocked user access, preventing both login attempts and new account registrations.

Further details regarding the data breach were disclosed in a notice on LetMeSpy’s former login page, which is now non-functional. According to the notice, the hacker responsible for the breach gained unauthorized access to the LetMeSpy website’s database and proceeded to download and delete data from the site.

Notably, LetMeSpy’s app is no longer operational, as confirmed by network traffic analysis conducted by TechCrunch. Additionally, the spyware maker’s website no longer provides access to the spyware app for download.

LetMeSpy was an Android phone monitoring app that specialized in remaining concealed on a victim’s phone home screen, making it challenging to detect and remove. Once installed on a person’s phone, often by someone with knowledge of their phone passcode, LetMeSpy would continuously steal various forms of data, including messages, call logs, and real-time location information.

An external organization, the nonprofit transparency collective DDoSecrets, managed to obtain a copy of LetMeSpy’s database. The leaked data, shared with TechCrunch for analysis, revealed that LetMeSpy had been used to steal data from over 13,000 compromised Android devices worldwide. Interestingly, LetMeSpy’s website had previously claimed that it had control over more than 236,000 devices before the breach occurred.

The database also contained information indicating that the spyware was developed by a Krakow-based tech company called Radeal. However, the chief executive of Radeal, Rafal Lidwin, did not respond to requests for comment.

LetMeSpy is the latest spyware operation to close down due to a security incident that not only exposed victims’ data but also revealed the identities of its real-world operators. In the past year, Spytrac, another spyware operation with over a million user records, was found to be operated by Support King, a tech company that had been banned from the surveillance industry by federal regulators in 2021 due to its failure to secure stolen data from its previous flagship spyware app, SpyFone.

Google Introduces “Results About You” Privacy Update

In a recent blog post, Google has unveiled new updates to its privacy tools, making it easier for users to control the information that appears in their search results. The search giant has introduced additional features to the “results about you” tool, which allows users to remove search results containing personal information such as phone numbers, home addresses, or email addresses, thereby adding an extra layer of online privacy protection.

Results About You Tool: A Closer Look

The “results about you” tool, initially launched last year, has now been upgraded with a user-friendly dashboard that promptly alerts individuals whenever search results containing their personal information are detected. With just a few taps, users can swiftly request Google to remove these results, thereby safeguarding their privacy effectively.

This update is reminiscent of a feature introduced by Google One earlier in the year. The feature involved scanning the broader web to identify instances where user information might have been compromised in data breaches. On the other hand, the “results about you” tool takes a proactive approach by searching for and eliminating personal information from search results, providing an added layer of privacy protection.

To access the tool, users can tap their profile photo within the Google app and select “results about you.” Alternatively, Google has also created a dedicated webpage for this purpose. As of now, the tool is available in English for users in the United States, but Google has plans to expand its availability to other languages and regions in the near future.

Google Enhances Privacy

In another important update, Google has revised its policy on removing explicit photos of individuals from search results. While it has long offered the option to remove non-consensual explicit images, the policy has been extended to encompass consensual imagery as well. For instance, if someone has previously uploaded explicit content of themselves to a website but subsequently decided to delete it, they can now request Google to remove it from search results if it has been reuploaded elsewhere without their consent. Notably, this policy does not apply to content that is still being sold or monetized.

It’s important to understand that removing explicit content from Google Search does not erase it entirely from the web. However, the removal process can make it significantly more challenging for people to stumble upon such content. For detailed instructions on how to use this feature, users can search for “request removals” in the Google help center.

Updates to SafeSearch and Parental Controls

Google is rolling out updates to its parental controls and SafeSearch feature. From this month onward, explicit imagery, such as adult or graphic violent content, will be automatically blurred in search results, following an earlier announcement. Users can disable SafeSearch blurring in their settings, unless it has been locked by a school network admin or guardian on their account.

Lastly, Google is enhancing access to parental controls from the Search interface. By typing queries like “Google parental controls” or “Google family link,” users will see an information box explaining how to adjust their account settings or their child’s account settings more conveniently.

With these recent updates, Google is striving to empower users with greater control over their personal information and content visibility while reinforcing its commitment to online privacy and safety.

SentinelOne Unveils Cloud Data Security Products

SentinelOne, the autonomous cybersecurity company, has recently introduced its cloud data security product line, unveiling two specialized solutions: threat detection for Amazon S3 and threat detection for NetApp.

These cutting-edge “high-speed malware detection” products are specifically designed to safeguard organizations that rely on Amazon S3 object storage and NetApp file storage against evolving malware threats in their cloud environments and enterprise networks.

With these new offerings, SentinelOne aims to bolster its Singularity Cloud product family, complementing the existing cloud workload security product line. The expansion is geared towards empowering customers to detect, investigate, and proactively mitigate threats across various cloud environments, including public, private, and hybrid clouds.

As businesses increasingly adopt cloud-based solutions, they also become more vulnerable to sophisticated malware attacks. To address this pressing challenge, SentinelOne is intensifying its focus on cloud capabilities and adopting a modern approach to protect cloud storage and workloads from malware.

The newly launched threat detection solutions for NetApp and Amazon S3 automatically scan every file added to these storage platforms for file-borne and zero-day malware. They swiftly detect and quarantine malicious files in real-time, enabling businesses to counter adversaries who use generative AI to launch sophisticated malware attacks, often delivered through cloud storage channels.

Unlike many cloud data protection solutions that rely solely on signature-based methods, SentinelOne takes a hybrid approach. It utilizes both signature and non-signature-based methods, powered by its proprietary AI detection engines. A unique feature of the platform is the “protect mode,” allowing customers to configure automatic quarantine for malicious files and objects, a capability not found in competitors’ products that only offer a detect mode.

SentinelOne’s new security products rely on its proprietary Static AI engine, which doesn’t depend on signatures for malware detection. This AI engine has been extensively trained on hundreds of millions of malware samples, enabling it to adeptly detect unknown malware, including zero-day exploits.

The company aims to unify threat management, including cloud and data-related threats, into a single, consolidated process. To achieve this, SentinelOne collaborated closely with NetApp and Amazon Web Services to ensure seamless integration of their offerings with the storage solutions. This results in an optimal combination of security and performance for shared customers.

Looking ahead, SentinelOne sees AI as the cornerstone of its mission to help customers prevent future attacks. The company plans to leverage AI further to deliver additional cloud workload security and cloud data security products. These solutions will empower organizations to detect and prevent malware spread across their cloud environments and enterprise networks with machine-speed efficiency.

Enhancing User Safety: Google Rolls Out ‘Unknown Tracker Alerts’ for Android Users

Google is taking a significant step to enhance user safety by introducing a new safety feature known as “Unknown Tracker Alerts” for Android users. The feature, which was initially announced at the Google I/O developer event, is aimed at detecting potential stalkers who might be using Bluetooth tracking devices like Apple AirTags to track unsuspecting individuals.

Starting today, Android users will receive automatic alerts if an unknown Bluetooth device is detected traveling with them. This could indicate that someone is attempting to stalk them using a tracking device. To bolster security, users will also have the option to manually scan their surroundings for potential trackers using their Android device. If a tracking device is found, the user will be guided on the next steps to take.

The need for this safety feature arose due to the misuse of Bluetooth tracking, with reports of people employing AirTags for stalking and illegal activities, such as tracking vehicles for potential theft. In response to these concerns, Apple had taken measures to address privacy issues with AirTags, but these changes did not directly benefit Android users.

However, in May, Apple and Google jointly announced their plan to develop an industry-wide specification to alert users about unwanted tracking from Bluetooth devices. The finalized specification is expected to be ready by the end of the year.

Taking proactive steps to protect Android users, Google introduced improvements to its Find My Device network and initiated alerts regarding potential trackers traveling with them. This custom implementation seeks to safeguard Android users ahead of the official joint specification. Apple, on the other hand, has opted to wait for the joint spec’s implementation rather than rolling out its own custom version in the meantime.

The new Unknown Tracker Alerts feature will send notifications to Android users if an unknown tracker is detected in their vicinity. Users can then view a map of where the tracker was last seen and even play a sound to help locate the device. Additionally, if the device is found, users can obtain more information about the owner by bringing the tracker near the back of their phone.

The safety feature also provides guidance on how to disable the Bluetooth device entirely, ensuring the owner can no longer track the user or receive future updates from the tracker.

Unknown Tracker Alerts

For added control, users can manually scan their surroundings for potential Bluetooth trackers by accessing the “Unknown Tracker Alerts” option under “Safety & Emergency” in Android’s Settings. This manual scan takes around 10 seconds to complete and offers tips on what to do if a tracker is found, eliminating the need to wait for automatic alerts.

Furthermore, Google had previously announced plans to update its Find My Device network to help users locate other missing items, such as headphones, phones, luggage, and keys, through third-party Bluetooth tracker tags. This feature would also support popular tracker brands like Tile, Chipolo, and Pebblebee, as well as audio devices like Pixel Buds and headphones from Sony and JBL. However, this update has been put on hold as Google collaborates with Apple to finalize the joint unwanted tracker alert specification.

Google has decided to delay the rollout of the Find My Device network until Apple implements the necessary protections for iOS, reflecting the companies’ commitment to addressing user safety and security concerns jointly.

US and Australian Cybersecurity Agencies Issue Warning on IDOR Vulnerabilities

US and Australian cybersecurity agencies have issued a joint advisory raising an alarm about common and easily exploitable security vulnerabilities in websites and web applications. These vulnerabilities, known as Insecure Direct Object References (IDORs), have the potential to lead to large-scale data breaches, posing a significant threat to organizations’ sensitive data.

Understanding Insecure Direct Object References (IDORs)

IDOR vulnerabilities act as a gateway for malicious hackers to gain unauthorized access or manipulate sensitive data stored on an organization’s servers. The root cause of these vulnerabilities lies in the lack of proper security checks, which can be compared to having a master key that opens not just one mailbox but every mailbox on the street. This flaw enables bad actors to exploit IDORs sequentially, accessing data that they should not be authorized to view or modify.

Automated Exploitation and Scale

One of the key concerns with IDOR vulnerabilities is that they can be exploited at scale through automated tools. This means that attackers can exploit numerous instances of the same vulnerability quickly and efficiently, making the impact even more severe.

The First Major Advisory on IDOR Vulnerabilities

According to James Stanley, CISA Product Development Section Chief, the recent joint advisory marks a significant step in raising awareness about IDOR vulnerabilities. It brings attention to a major flaw that has not received adequate recognition or understanding within the cybersecurity community. The primary goal of the advisory is to assist organizations in safeguarding their sensitive data and to encourage software vendors to address and reduce the prevalence of IDOR vulnerabilities in their products.

Past Data Breaches Linked to IDOR Vulnerabilities

Over the years, IDOR vulnerabilities have been at the center of numerous data breaches, both in the United States and overseas. Some notable incidents include:

  1. Exposure of thousands of medical documents by a U.S. laboratory giant.
  2. Spillage of thousands of taxpayers’ personal information on a state government website.
  3. Leaking of COVID-19 vaccination status via a college contact-tracing app.
  4. Unauthorized access to other people’s vaccination data through a state-backed health app.
  5. Mass data spill of hundreds of millions of U.S. mortgage documents.
  6. Exposing real-time location data of more than a million vehicles due to a flawed GPS tracker.
  7. Leak of the private phone data of hundreds of thousands of people, stolen by a global stalkerware network.

Ensuring Secure Web Applications

The joint advisory emphasizes that developers play a critical role in mitigating IDOR vulnerabilities. It calls for web applications to incorporate robust authentication and authorization checks to reduce the risk of exploitation. Additionally, the concept of “secure-by-design” is advocated, urging software makers to prioritize security throughout the entire software development process.
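The missing check described above, and the per-object authorization check the advisory calls for, shown side by side as an added example (not code from the advisory or from any affected product). It also replays a constructed request log to flag an account walking through object IDs, the automated pattern mentioned earlier. All names (`Document`, `DOCUMENTS`, `get_document_unchecked`, `get_document_checked`, `flag_enumeration`) and all sample data are hypothetical.

```python
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class Document:
    doc_id: int
    owner: str
    body: str


# Constructed sample records. Sequential IDs are what make an unchecked
# lookup easy to walk through one object after another.
DOCUMENTS = {
    1001: Document(1001, "alice", "alice lab result"),
    1002: Document(1002, "bob", "bob lab result"),
    1003: Document(1003, "carol", "carol lab result"),
}


class NotFound(Exception):
    """Raised for missing AND unauthorized objects, so the response
    does not reveal which IDs exist."""


def get_document_unchecked(session_user: str, doc_id: int) -> Document:
    """IDOR pattern: the caller is authenticated, but the object is
    fetched purely by the client-supplied ID. session_user is ignored."""
    try:
        return DOCUMENTS[doc_id]
    except KeyError:
        raise NotFound(doc_id) from None


def get_document_checked(session_user: str, doc_id: int) -> Document:
    """Hardened lookup: the object is returned only if the server-side
    session identity owns it. The identity comes from the session,
    never from a request parameter."""
    doc = DOCUMENTS.get(doc_id)
    if doc is None or doc.owner != session_user:
        raise NotFound(doc_id)
    return doc


def flag_enumeration(requests, threshold: int = 3):
    """Replay (user, doc_id) pairs through the checked lookup and return
    the users whose denied lookups reach the threshold."""
    denied = Counter()
    for user, doc_id in requests:
        try:
            get_document_checked(user, doc_id)
        except NotFound:
            denied[user] += 1
    return sorted(user for user, count in denied.items() if count >= threshold)


# Constructed request log: (session user, requested document ID).
SAMPLE_REQUESTS = [
    ("alice", 1001),  # own document
    ("bob", 1001),    # someone else's document
    ("bob", 1003),    # someone else's document
    ("bob", 1004),    # does not exist
    ("bob", 1005),    # does not exist
    ("carol", 1003),  # own document
    ("carol", 1002),  # single stray request, below threshold
]


if __name__ == "__main__":
    # Unchecked lookup hands bob a record owned by alice.
    print(get_document_unchecked("bob", 1001).owner)
    # Checked lookup refuses the same request.
    try:
        get_document_checked("bob", 1001)
    except NotFound:
        print("denied")
    print(flag_enumeration(SAMPLE_REQUESTS))
```

In a real application the denial counter would be fed from access logs rather than by replaying requests, and the threshold would be tuned per endpoint.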

Impact and Urgency

The Australian Cyber Security Centre highlights the potential national impact of even a single breach involving IDOR vulnerabilities. Such incidents could have severe repercussions on critical infrastructure, businesses, government entities, and individuals alike.

In conclusion, IDOR vulnerabilities represent a serious threat to data security and require immediate attention and action from organizations, developers, and software vendors. Implementing robust security measures and adopting secure-by-design principles are crucial steps in safeguarding sensitive data and protecting against large-scale data breaches.

Chinese Hackers Exploit Microsoft Cloud Email Flaw, Breaching U.S. Government Email Accounts

Microsoft has confirmed that Chinese hackers exploited a vulnerability in its cloud email service, resulting in unauthorized access to the email accounts of U.S. government employees. The hacking group, known as Storm-0558, successfully compromised around 25 email accounts, including those belonging to government agencies and individuals associated with these organizations.

Microsoft, using the codename “Storm” to track emerging or developing hacking groups, has not disclosed the specific government agencies targeted by Storm-0558. However, Adam Hodge, a spokesperson for the White House’s National Security Council, has confirmed that U.S. government agencies were indeed affected by the breach.

The State Department was identified as one of the federal agencies compromised in the attack. State Department officials were the first to alert Microsoft to the breach. Upon investigation, Microsoft determined that Storm-0558, a well-resourced Chinese hacking group, gained unauthorized access to email accounts by exploiting Outlook Web Access in Exchange Online (OWA) and Outlook.com. The hackers used acquired Microsoft consumer signing keys to forge authentication tokens, allowing them to impersonate Azure AD users and gain entry to enterprise email accounts.

The malicious activity of Storm-0558 went undetected for approximately a month until Microsoft received reports from customers about abnormal mail behavior. Microsoft promptly mitigated the attack, ensuring that Storm-0558 no longer had access to the compromised accounts. However, it remains unclear whether any sensitive data was exfiltrated during the period when the attackers had control.

Charlie Bell, Microsoft’s top cybersecurity executive, stated that the hacking group appeared to be focused on espionage, specifically targeting email systems for intelligence collection. The motive behind this type of espionage is to abuse credentials and gain access to data residing in sensitive systems.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory, revealing that the attackers had accessed unclassified email data. Additionally, a senior FBI official described the intrusion as a targeted campaign and confirmed that the number of impacted government agencies was in single digits, without disclosing the specific agencies involved.

While the overall impact of the incident remains uncertain, CISA has determined that a government-backed actor, which the U.S. government has not attributed to China yet, exfiltrated a limited amount of Exchange Online data.

CISA and the FBI are urging organizations to report any anomalous activity detected in Microsoft 365 to the respective agencies. The investigation is ongoing, and Microsoft is working to enhance the security of its cloud services to prevent similar attacks in the future.
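The failure mode reported above, a token signed with a consumer key being accepted for an enterprise account, comes down to whether the verifier binds each signing key to the account class it may vouch for. The sketch below is an added example, not Microsoft's code and not part of the original article: the key IDs, secrets and issuer URLs are constructed, and HMAC stands in for the asymmetric signatures a real identity provider uses.

```python
import base64, hashlib, hmac, json

# Constructed key set: HMAC secrets stand in for the provider's signing keys;
# "scope" records which account class each key is allowed to sign for.
KEYS = {
    "consumer-key-1": {"secret": b"constructed-consumer-secret", "scope": "consumer"},
    "enterprise-key-1": {"secret": b"constructed-enterprise-secret", "scope": "enterprise"},
}
# Constructed issuer names mapped to the account class they belong to.
ISSUER_SCOPE = {
    "https://login.example/consumers": "consumer",
    "https://login.example/enterprise": "enterprise",
}

def b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _mac(kid, signing_input):
    return hmac.new(KEYS[kid]["secret"], signing_input.encode(), hashlib.sha256).digest()

def sign(kid, claims):
    """Issue a token; used here only to build sample inputs for verify()."""
    head = b64(json.dumps({"alg": "HS256", "kid": kid}).encode())
    body = b64(json.dumps(claims).encode())
    return f"{head}.{body}.{b64(_mac(kid, head + '.' + body))}"

def verify(token, expected_scope, check_key_scope=True):
    """Return the claims if the token is acceptable for expected_scope, else None."""
    try:
        head, body, sig = token.split(".")
        header, claims = json.loads(unb64(head)), json.loads(unb64(body))
        if header["alg"] != "HS256":
            return None
        key_scope = KEYS[header["kid"]]["scope"]
        want = _mac(header["kid"], head + "." + body)
        given, issuer_scope = unb64(sig), ISSUER_SCOPE.get(claims["iss"])
    except (ValueError, KeyError, TypeError):
        return None
    if not hmac.compare_digest(want, given):
        return None
    if issuer_scope != expected_scope:
        return None
    # The binding that matters: a valid signature is not enough unless the
    # key that produced it is authorised for this account class.
    if check_key_scope and key_scope != expected_scope:
        return None
    return claims
```

With `check_key_scope=False` the verifier trusts any key in the set, so a consumer-key signature over enterprise claims passes; with the default it is rejected.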

Fortanix Introduces Confidential Data Search for Secure and Efficient Encrypted Data Analysis

Fortanix, a California-based cybersecurity company, unveiled its latest feature, Confidential Data Search, designed to address the challenge of utilizing sensitive data for business operations while ensuring privacy and compliance. This innovative software tool enables fast and unlimited searches of encrypted data, catering to the needs of highly regulated industries like finance and healthcare.

The official launch of Confidential Data Search took place at the 2023 Confidential Computing Summit in San Francisco, where Fortanix showcased the product’s capabilities. The company plans to make the tool generally available in the latter half of 2023. The timing of this release aligns with the growing demand for robust data protection measures and adherence to stringent privacy regulations.

Richard Searle, VP of confidential computing at Fortanix, emphasized the practicality and real-world benefits of Confidential Data Search. He highlighted how the solution solves significant business challenges faced by banks and organizations today, offering them a viable option for leveraging confidential computing to safeguard data.

Confidential Data Search leverages the concept of confidential computing, a field focused on performing complex operations on encrypted data without the need for decryption. Fortanix employs Trusted Execution Environments (TEE) to host encrypted databases securely. By deploying an image of the encrypted database within the TEE, data can be decrypted and utilized for queries while remaining inaccessible to external systems. Additionally, the queries themselves are encrypted, ensuring the protection of analysts’ identities.

Searle emphasized that Confidential Data Search integrates seamlessly with existing databases and datasets without requiring modifications or data format conversions. He mentioned Fortanix’s Data Security Manager, which facilitates transparent data encryption for popular enterprise databases like PostgreSQL and MySQL. This functionality can be implemented within the confidential computing environment without any alterations. Fortanix has already established numerous integrations with leading organizations such as Snowflake and Databricks and is exploring potential partnerships with major cloud providers.

Looking ahead, Searle discussed the role of Fortanix in shaping the future of confidential computing, particularly in emerging technology areas like artificial intelligence (AI) and machine learning (ML). Fortanix plans to introduce fine-grained policy controls and support for large language models in the near future. Additionally, the company is actively involved in edge AI deployment, aiming to position confidential computing as a crucial strategy not only at the data center level but also at the edge.

According to a market study by Everest Group, the Confidential Computing market is expected to grow significantly, with a projected compound annual growth rate (CAGR) of 90%-95% and an estimated value of $54 billion by 2026. The study attributes this growth to the increasing demand for data security and privacy in regulated sectors such as finance, banking, insurance, healthcare, life sciences, and the public sector.

Fortanix claims that its solution stands out from other encrypted data storage offerings, particularly in terms of performance and scalability. Searle notes that alternative solutions rely on methods like homomorphic encryption, which are impractical for handling complex data sets, or process data in plain text with permission controls, making them vulnerable to breaches.

With over $135.5 million in funding from investors including Goldman Sachs Asset Management, GiantLeap Capital, Foundation Capital, Intel Capital, Neotribe Ventures, and In-Q-Tel, Fortanix has gained traction across various industries, including highly regulated sectors. The company actively contributes to the advancement of the confidential computing ecosystem and is a founding member of the Confidential Computing Consortium, an initiative by the Linux Foundation that aims to accelerate the adoption of confidential computing technologies.

By leveraging confidential computing technology, Fortanix aims to provide organizations with a fast and scalable solution for securely searching and analyzing encrypted data while adhering to global regulations and policies. This unique offering positions Fortanix favorably compared to other players in the market, including Microsoft, IBM, and Google, who are also developing their own confidential computing solutions. Fortanix’s vision of simplifying and democratizing data security takes a significant step forward with the introduction of Confidential Data Search.