Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

Cylance Acquires Ridgeway for Web Security, Honeypot Technology

Stealth security startup Cylance has acquired Ridgeway Internet Security, a software company specializing in Web application firewalls and honeypot technology.

Stealth security startup Cylance has acquired Ridgeway Internet Security, a software company specializing in Web application firewalls and honeypot technology.

With the acquisition, Cylance would be able to expand its abilities to pinpoint, prevent, and solve security problems by taking advantage of Ridgeway’s portfolio of attack-blocking products, Cylance said in a statement on Tuesday.

The company says its advanced and high performance ASP filtering technology is capable of blocking known and unknown Web attacks, but that is not all. The same technology is capable of unobtrusively watching Web traffic, so it can pose as a honeypot to collect detailed information about various attacks while they are in progress.

“I have scoured the world looking for truly unique technologies that solve the security problem at its core – the Ridgeway technology delivers on true intelligence and prevention,” said Stuart McClure, CEO and president of Cylance. McClure is the former CTO of McAfee, and left the Intel security subsidiary back in July 212.

Organizations are not taking the Web attack vector seriously enough, which is why the “bad guys” are succeeding in these attacks, McClure said. Ridgeway’s products will give Cylance the tools to address this particular attack vector, according to Cylance.

This is particularly true in recent attacks, whether they are from hacker groups such as Anonymous, or cyber-espionage groups such as the gang behind Operation Night Dragon. Attackers are taking advantage of security weaknesses in a Web application in order to compromise the company and steal data, Cylance said. Ridgeway’s technology prevents attackers from exploting Website vulnerabilities and foils the campaigns before sensitive data can be stolen.

Poorly designed web servers act as a gaping hole into the organization, Derek Soeder, CEO of Ridgeway Internet Security, who will be joining Cylance, said in a statement. No matter how strong the perimeter is, with IDS, firewall, and IPS, all that “can be rendered completely impotent” if the Web site is riddled with flaws, Soeder said. Organizations need a deeper understanding of these attacks in order to be able to protect themselves.

“Security is not a simple Windows or Linux or Apple debate, it is an application problem as well,” said Soeder.

Dallas, Texas-based Ridgeway will be integrated into Cylance’s development team, Cylance said.

Cylance is a security company that helps businesses identify vulnerabilities in its environment and to defend against potential attacks.

Recently, a Cylance researcher discovered a hard-coded password on a type of switch commonly deployed within critical infrastructure industries.

Financial terms of the deal were not disclosed.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.