Resources

News

RSA Conference 2019, San Francisco

In 2019, Detack is participating again at the RSA Conference in San Francisco, USA (March 4th – 8th, 2019). You can find us at the TeleTrusT German Pavillon (Booth No. 5671-4). The RSAC is the world’s leading IT Security event with international participation. Find out more about RSAC: https://www.rsaconference.com/events/us19 and about the German Pavilion: https://www.teletrust.de/startseite/pressemeldung/?tx_ttnews[tt_news]=1184&cHash=304032644a87da830390e6bcf7e72097

"Bitkom Security Insights" Webinar, February 2019

John Waters, director of sales at Detack, was invited to hold a presentation on the paradigm shift in password security for the webinar series "Bitkom Security Insights". The recording of the webinar can be found at the following link: https://www.youtube.com/watch?v=a8_kix0vfVs&t=1214s

Europe’s Cyber Future, Brussels, January 2019

Detack took part at the High-Level Roundtable on Europe’s Cyber Future organised by European Cyber Security Organisation (ECSO). The aim of the roundtable was to bring together key decision-makers from the European Union (EU) institutions, Member States and the private sector and help them to engage in a dialogue on how the European cyber security environment can be further settled. Find out more at: https://ecs-org.eu/press-releases/ecso-convened-its-first-high-level-roundtable-on-europes-cyber-futures

SIGS Special Event: December 5th, 2018, Zurich, Switzerland

Detack GmbH and Security Interest Group Switzerland (SIGS) celebrated the start of their partnership through a conference in Zurich with the focus on “Improving Password Security through Analytics and Quality Assurance.” Mr. Max Meier, Senior Technical Security Architect at AXA Switzerland and Mr. Bert Brüderlein, Information Security Officer at LBBW Asset Management were the keynote speakers of this conference. For further information please see the following link: https://www.sig-switzerland.ch/zuerich-december/

PITS 2018: SEPTEMBER 10TH – 11TH, 2018, BERLIN

At this year’s PITS (Public-IT-Security) event, Detack will participate as an exhibitor as well as with a presentation in the expert round "Secure Access Rights". Visit us on site!
Find out more

IT SECURITY IN SMES: MAY 9TH, 2018, STUTTGART

Detack GmbH will give a presentation on the topic of password security at the IHK (Chamber of Industry and Commerce) event "IT Security in SMEs #6" between 07.30 pm and 08.30 pm on May, 09th, 2018 in Stuttgart.

RSA Conference 2018, San Francisco

Like in the past two years Detack will again be participating as part of the TeleTrusT German Pavillon at the RSA Conference in San Francisco (April 16th – 20th, 2018). The RSAC is the world’s leading IT Security event with international participation.
Find out more

TELETRUST REGIONAL OFFICE STUTTGART: MARCH 21ST, 2018, LUDWIGSBURG

TeleTrusT and Detack GmbH (TeleTrusT-Regional Office Stuttgart) are organizing an information and discussion meeting on the topic "state of the art according to the EU data protection basic regulation" in the “Residenzschloss” (residential castle) in Ludwigsburg on March 21st. The press release can be downloaded below:

DOWNLOAD

Intersec 2018, Dubai

For the first time Detack is exhibiting at the Intersec in Dubai at the German Pavillon. The Intersec will take place on 3 days from January 21st to January 23rd, 2018. Intersec is a trade fair for safety and security worldwide and a successful communication platform for the protection and security industry.
Find out more

IT-SA 2017, NÜRNBERG

it-sa 2017 (taking place 10. – 12.10.2017) is the only IT security exhibition in the German-speaking region. Detack will be exhibiting at booth 9-210 at the joint stand of BITKOM. Do not hesitate to contact us regarding an appointment or just come by!
Find out more

The Future of Finance Summit: 8th – 9th June 2017, Singapore

For the first time Detack will be present, together with its Malaysian partner, SecureMetric, at the Future of Finance Summit from 8th – 9th June 2017 in Singapore: an exciting, all-inclusive annual gathering that will bring together a wide range of players - banks, fintech players, insurance companies, asset managers, investors and customers - who are shaping the future of finance. The Future of Finance will be a dialogue between the institutions and the customer so that they can experience and communicate their expectations of the industry.
Find out more

RHT / EPAS Breakfast Session: 7th June, 2017, Singapore

Detack in cooperation with its partner RHT, is organizing a breakfast and a presentation on June 7th, 2017 in Singapore of how modern technology can be employed to prevent becoming victim of an IT security attack. We will discuss password-related IT security risks, meeting regulatory requirements without switching from passwords to alternative technologies, and we will show you how the solution proposed by RHT and Detack, EPAS, has helped enterprises in over 30 countries.

MEET SWISS INFOSEC! 2017, Zurich

On January 23rd 2017 the event MEET SWISS INFOSEC! will again take place in Zurich, Switzerland. It is the leading event for IT Security in Switzerland, attracting both national and international IT Security experts and interested parties. Detack will again be talking about the topic of authentication with the presentation “Authentication 4.0 – Who am I?”
Find out more

Publications

Guidelines Concerning "State of the Art in IT Security"

The term "state of the art" is everywhere - companies are urged to adapt their IT security to it. However, the expression is not further defined or explained. For this reason, the Bundesverband IT-Sicherheit e.V. (The German Association for IT Security) (TeleTrusT) has set up a special working group to draw up guidelines on the state of the art. As a member of this task force, Detack GmbH was actively involved in creating these guidelines. The English version of them was published in cooperation with the European Union Agency for Network and Information Security (ENISA). The original publication is found at: https://www.enisa.europa.eu/news/enisa-news/what-is-state-of-the-art-in-it-security

DOWNLOAD

EPAS INTEGRATED WITH CYBERARK APPLICATION IDENTITY MANAGER

Ludwigsburg, March 13th, 2018. Detack’s Enterprise Password Assessment Solution (EPAS) in now integrated with CyberArk Application Identity Manager and provides state of the art password security assessment and enforcement on CyberArk protected systems. Please find further information about the integration in the download below.

DOWNLOAD

EUROPEAN PATENT GRANTED FOR EPAS

Ludwigsburg, March 8th, 2018. Detack GmbH and its partner Praetors AG are proud to announce that the European Patent Office (EPO) has granted the patent no. EP2767922 for technology employed by its Enterprise Password Assessment Solution EPAS. Designated contracting states/countries: AL, AT, BE, BG, CH, CY, CZ, DE, DK, EE, ES, FI, FR, GB, GR, HR, HU, IE, IS, IT, LI, LT, LU, LV, MC, MK, MT, NL, NO, PL, PT, RO, RS, SE, SI, SK, SM, TR.

DOWNLOAD

U.S. PATENT GRANTED FOR EPAS

Ludwigsburg, June 9th, 2016. Detack GmbH and its partner Praetors AG are proud to announce that the United States Patent and Trademark Office (USPTO) has granted the U.S. patent no. 9,292,681 B2 for technology employed by its Enterprise Password Assessment Solution EPAS.

DOWNLOAD

 

LAUNCH OF EPAS IN NORTH AMERICA

Ludwigsburg/Germany, February 25th, 2016 - Detack GmbH will be part of this year´s RSA conference to introduce its unique Enterprise Password Assessment Solution EPAS to the North American market. As an independent supplier of high quality IT security audits and in-house developed IT security products, Detack will be present in San Francisco from February 29 – March 3 as part of the German pavilion, North Expo Booth N4020/03.

DOWNLOAD

 

Launch of the EPAS Password Quality Enforcer

EPAS Enforcer is a password quality enforcement component, provided as a licensed feature of EPAS. EPAS Enforcer for A/D integrates as an LSA filter on the Windows Active Directory domain controllers and ensures that passwords meet defined security requirements when set or changed, in line with a centralized policy mandated by the risk category of the information they protect. The new password is tested against the EPAS evaluation criteria and is accepted or rejected, depending on the defined security requirements. This means that formerly permitted passwords like “Password123” or “Secret!” are not accepted any longer by the computer. 

DOWNLOAD

 

 

 

advisories

Recent Security Advisories published by Detack

CVE-2019-9005

The JIRA addon Power Scripts by cPrime was affected by improper authorizations, allowing any JIRA user to probe for and read arbitrary files from the underlaying server file system. The vendor provides patched versions of the addon. Read more...

CVE-2019-1690

A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. Read more... (cisco.com)

CVE-2019-1585

A vulnerability in the controller authorization functionality of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escalate standard users with root privilege on an affected device. Read more... (cisco.com)

CVE-2019-6266

The Cordware bestinformed Windows Client was affected by an insecure implementation of network level encryption, allowing an attacker to issue arbitrary commands to the client. The vendor provides patched versions of the client which should be installed immediately. Read more...

CVE-2019-6265

The Cordware bestinformed Windows Client was affected by vulnerabilities which allowed for remote code execution and local privilege escalation. The vendor provides patched versions of the client which should be installed immediately. Read more...