In 2019, Detack is participating again at the RSA Conference in San Francisco, USA (March 4th – 8th, 2019). You can find us at the TeleTrusT German Pavillon (Booth No. 5671-4). The RSAC is the world’s leading IT Security event with international participation. Find out more about RSAC: https://www.rsaconference.com/events/us19 and about the German Pavilion: https://www.teletrust.de/startseite/pressemeldung/?tx_ttnews[tt_news]=1184&cHash=304032644a87da830390e6bcf7e72097
John Waters, director of sales at Detack, was invited to hold a presentation on the paradigm shift in password security for the webinar series "Bitkom Security Insights". The recording of the webinar can be found at the following link: https://www.youtube.com/watch?v=a8_kix0vfVs&t=1214s
Detack took part at the High-Level Roundtable on Europe’s Cyber Future organised by European Cyber Security Organisation (ECSO). The aim of the roundtable was to bring together key decision-makers from the European Union (EU) institutions, Member States and the private sector and help them to engage in a dialogue on how the European cyber security environment can be further settled. Find out more at: https://ecs-org.eu/press-releases/ecso-convened-its-first-high-level-roundtable-on-europes-cyber-futures
Detack GmbH and Security Interest Group Switzerland (SIGS) celebrated the start of their partnership through a conference in Zurich with the focus on “Improving Password Security through Analytics and Quality Assurance.” Mr. Max Meier, Senior Technical Security Architect at AXA Switzerland and Mr. Bert Brüderlein, Information Security Officer at LBBW Asset Management were the keynote speakers of this conference. For further information please see the following link: https://www.sig-switzerland.ch/zuerich-december/
At this year’s PITS (Public-IT-Security) event, Detack will participate as an exhibitor as well as with a presentation in the expert round "Secure Access Rights". Visit us on site!
Find out more
Detack GmbH will give a presentation on the topic of password security at the IHK (Chamber of Industry and Commerce) event "IT Security in SMEs #6" between 07.30 pm and 08.30 pm on May, 09th, 2018 in Stuttgart.
Like in the past two years Detack will again be participating as part of the TeleTrusT German Pavillon at the RSA Conference in San Francisco (April 16th – 20th, 2018). The RSAC is the world’s leading IT Security event with international participation.
Find out more
TeleTrusT and Detack GmbH (TeleTrusT-Regional Office Stuttgart) are organizing an information and discussion meeting on the topic "state of the art according to the EU data protection basic regulation" in the “Residenzschloss” (residential castle) in Ludwigsburg on March 21st. The press release can be downloaded below:
For the first time Detack is exhibiting at the Intersec in Dubai at the German Pavillon. The Intersec will take place on 3 days from January 21st to January 23rd, 2018. Intersec is a trade fair for safety and security worldwide and a successful communication platform for the protection and security industry.
Find out more
it-sa 2017 (taking place 10. – 12.10.2017) is the only IT security exhibition in the German-speaking region. Detack will be exhibiting at booth 9-210 at the joint stand of BITKOM. Do not hesitate to contact us regarding an appointment or just come by!
Find out more
For the first time Detack will be present, together with its Malaysian partner, SecureMetric, at the Future of Finance Summit from 8th – 9th June 2017 in Singapore: an exciting, all-inclusive annual gathering that will bring together a wide range of players - banks, fintech players, insurance companies, asset managers, investors and customers - who are shaping the future of finance. The Future of Finance will be a dialogue between the institutions and the customer so that they can experience and communicate their expectations of the industry.
Find out more
Detack in cooperation with its partner RHT, is organizing a breakfast and a presentation on June 7th, 2017 in Singapore of how modern technology can be employed to prevent becoming victim of an IT security attack. We will discuss password-related IT security risks, meeting regulatory requirements without switching from passwords to alternative technologies, and we will show you how the solution proposed by RHT and Detack, EPAS, has helped enterprises in over 30 countries.
On January 23rd 2017 the event MEET SWISS INFOSEC! will again take place in Zurich, Switzerland. It is the leading event for IT Security in Switzerland, attracting both national and international IT Security experts and interested parties. Detack will again be talking about the topic of authentication with the presentation “Authentication 4.0 – Who am I?”
Find out more
The term "state of the art" is everywhere - companies are urged to adapt their IT security to it. However, the expression is not further defined or explained. For this reason, the Bundesverband IT-Sicherheit e.V. (The German Association for IT Security) (TeleTrusT) has set up a special working group to draw up guidelines on the state of the art. As a member of this task force, Detack GmbH was actively involved in creating these guidelines. The English version of them was published in cooperation with the European Union Agency for Network and Information Security (ENISA). The original publication is found at: https://www.enisa.europa.eu/news/enisa-news/what-is-state-of-the-art-in-it-security
Ludwigsburg, March 13th, 2018. Detack’s Enterprise Password Assessment Solution (EPAS) in now integrated with CyberArk Application Identity Manager and provides state of the art password security assessment and enforcement on CyberArk protected systems. Please find further information about the integration in the download below.
Ludwigsburg, March 8th, 2018. Detack GmbH and its partner Praetors AG are proud to announce that the European Patent Office (EPO) has granted the patent no. EP2767922 for technology employed by its Enterprise Password Assessment Solution EPAS. Designated contracting states/countries: AL, AT, BE, BG, CH, CY, CZ, DE, DK, EE, ES, FI, FR, GB, GR, HR, HU, IE, IS, IT, LI, LT, LU, LV, MC, MK, MT, NL, NO, PL, PT, RO, RS, SE, SI, SK, SM, TR.
Ludwigsburg, June 9th, 2016. Detack GmbH and its partner Praetors AG are proud to announce that the United States Patent and Trademark Office (USPTO) has granted the U.S. patent no. 9,292,681 B2 for technology employed by its Enterprise Password Assessment Solution EPAS.
Ludwigsburg/Germany, February 25th, 2016 - Detack GmbH will be part of this year´s RSA conference to introduce its unique Enterprise Password Assessment Solution EPAS to the North American market. As an independent supplier of high quality IT security audits and in-house developed IT security products, Detack will be present in San Francisco from February 29 – March 3 as part of the German pavilion, North Expo Booth N4020/03.
EPAS Enforcer is a password quality enforcement component, provided as a licensed feature of EPAS. EPAS Enforcer for A/D integrates as an LSA filter on the Windows Active Directory domain controllers and ensures that passwords meet defined security requirements when set or changed, in line with a centralized policy mandated by the risk category of the information they protect. The new password is tested against the EPAS evaluation criteria and is accepted or rejected, depending on the defined security requirements. This means that formerly permitted passwords like “Password123” or “Secret!” are not accepted any longer by the computer.
BlackBerry UEM is missing security features which allow it to verify the integrity and authenticity of a work application, allowing attackers with operating system access on the Android and Apple iOS platforms to spoof the work application(s), and therefore access protected enterprise resources. Read more...
A potential Man in the Middle attack (MITM) was found in NetIQ Advanced Authentication Framework versions prior to 6.0. Read more... (netiq.com)
The screen sharing software Mikogo by Snapview is affected by a privilege escalation vulnerability, allowing arbitrary users with access to a workstation provided with Mikogo to escalate their privileges and issue arbitrary commands in the context of the SYSTEM user. The vendor provides patched versions of the software which should be installed immediately. Read more...
A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller (APIC) Software could allow an unauthenticated, remote attacker to access sensitive system usage information. Read more... (cisco.com)
A vulnerability in the FUSE filesystem functionality for Cisco Application Policy Infrastructure Controller (APIC) software could allow an authenticated, local attacker to escalate privileges to root on an affected device. Read more... (cisco.com)
A vulnerability in the background operations functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker to gain elevated privileges as root on an affected device. Read more... (cisco.com)
A vulnerability in the Transport Layer Security (TLS) certificate validation functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to perform insecure TLS client authentication on an affected device. Read more... (cisco.com)
A vulnerability in the Trusted Platform Module (TPM) functionality of software for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, local attacker with physical access to view sensitive information on an affected device. Read more... (cisco.com)
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, remote attacker to access sensitive information. Read more... (cisco.com)
A vulnerability in Cisco Application Policy Infrastructure Controller (APIC) Software could allow an unauthenticated, local attacker with physical access to obtain sensitive information from an affected device. Read more... (cisco.com)
The JIRA addon Power Scripts by cPrime was affected by improper authorizations, allowing any JIRA user to probe for and read arbitrary files from the underlaying server file system. The vendor provides patched versions of the addon. Read more...
A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. Read more... (cisco.com)
A vulnerability in the controller authorization functionality of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escalate standard users with root privilege on an affected device. Read more... (cisco.com)
The Cordware bestinformed Windows Client was affected by an insecure implementation of network level encryption, allowing an attacker to issue arbitrary commands to the client. The vendor provides patched versions of the client which should be installed immediately. Read more...
The Cordaware bestinformed Windows Client was affected by vulnerabilities which allowed for remote code execution and local privilege escalation. The vendor provides patched versions of the client which should be installed immediately. Read more...