sb-eu logo
Story image

Bitglass receives US patent for SAML technology

01 Sep 2020

Bitglass has won a US patent for its SAML relay that helps to provide more transparency and real-time access control of cloud services.

SAML, which stands for security assertion markup language, has become popular in recent years as security vendors as an open standard for authentication and authorisation. 

Bitglass designed its SAML relay to allow a cloud access security broker (CASB) to be inserted into the traffic flow between users and cloud services during the login process, all in a transparent manner. 

Bitglass explains that once a user logs in, the CASB considers the risk profile of the user, and determines the level of access to permit the user. The CASB may permit direct access to the application, proxied and controlled access to the application with data and threat protection enforced, or deny access altogether.

Bitglass CEO Nat Kausik says, “This patent is further recognition that Bitglass is the architect of SAML relay and reverse proxy technology that all CASB vendors have imitated.”

“For organisations that need transparent cloud security, the Bitglass CASB remains the solution of choice. Today, it is a core component of our SASE offering, along with our SmartEdge Secure Web Gateway and our zero trust network access.” 

Bitglass CTO Anurag Kahol adds that the company recognises that organisations need cloud-based solutions that secure application access from both corporate and personal devices.

“Our SAML relay technology has become the standard for enabling secure, ubiquitous access,” says Kahol.

The company recently released a 2020 BYOD report which showed 69% of polled respondents enable employees to use personal devices to do their work. Partners, contractors, customers, and suppliers could also have their own BYOD policies. 

Due in part to the shift to mass adoption of remote working, businesses are embracing BYOD, however many are not taking the proper steps to secure data.

Respondents were most concerned about data leakage, unauthorised access to data and systems, and malware infections. 

However, 51% of respondents say they lacked visibility into file sharing apps 30% had no visibility or control over mobile enterprise messaging tools, and 9% had cloud-based anti-malware solutions in place.

Bitglass notes that organisations generally need physical access to devices to secure them – which is problematic and puts privacy at risk when it comes to personal devices. 

“To remedy this standoff, companies need comprehensive cloud security platforms that are designed to secure any interaction between users, devices, apps, or web destinations,” Kahol concludes.

Story image
Cryptomining trojan malware discovered by ESET researchers
The malware, primarily targeting victims in Czechia and Slovakia, prioritises subterfuge through deployment of multiple techniques to avoid detection, and leans heavily on the Tor network and BitTorrent protocol to achieve its goals.More
Story image
The guide to digital security in unstable times
An increase in vulnerability across different sectors has meant that 2020 has seen more than its fair share of cybersecurity incidents. One of the most effective ways to combat the perils of today’s cyber-threats is to gain a better knowledge of the threat vectors looming over the heads of organisations. More
Story image
High-tech heist: why fending off ransomware attacks is more challenging than ever in 2020
The COVID-19 crisis has unleashed a wave of sophisticated and disruptive ransomware attacks, and the onus is on businesses to ramp up their security measures if they’re to avoid falling victim, writes Attivo Networks regional director for A/NZ Jim Cook.More
Story image
Radware issues security alert, warning of global rise of DDoS-for-hire
Efforts from corporations, law enforcement and independent researchers around the world have attempted in the last two years to curb this growth – but the industry keeps growing says Radware information security researcher Daniel Smith.More
Story image
Phishing scam imitates SharePoint & OneNote for nefarious clicks
Sophos researchers say that the attackers take a slightly different approach to the standard ‘fake login’ phishing email.More
Story image
Yubico launches latest YubiKey with NFC & USB-C support
Yubico has released a new hardware authentication key, designed to provide security through both near-field communication (NFC) and USB-C connections and smart card support.More