By Carolyn Mathas
Large, fault-tolerant quantum computers pose a grave threat to existing public-key cryptography, leaving sensitive data and systems vulnerable to attack. However, the move to a new encryption method may take a decade or more to complete. In response, SandboxAQ just launched it SandboxAQ Security Suite, an end-to-end cryptographic agility platform that provides cryptographic vulnerability scanning and fixing. SandboxAQ claims that its Security Suite is the industry’s first all-in-one solution for cryptographic inventory that includes file system, application, and network analysis and inventory.
SandboxAQ Security Suite’s architecture is based on three modules that enable discovery, management, and repair.
- Cryptosense module–a comprehensive suite of analysis tools including a Network Analyzer to capture network traffic and identify cryptography used to protect data in transit. The application analyzer detects and records all calls to the cryptographic library made by the application, identifying vulnerabilities and policy violations. Filesystem Analyzer scans files to find and parse cryptographic objects in data at rest.
- The Cryptoservice module, currently available to select preview partners, enables supervised fixes and enforcement, responding promptly to out-of-policy vulnerabilities and out-of-policy algorithms. Remediation is based on real-time cryptographic algorithms and/or protocol switching. It’s the ability to cross-reference network, application, and file system analysis that makes a complete inventory that much more actionable for improvement.
- The Control Center module provides a comprehensive dashboard view of the existing cryptographic infrastructure including artifacts, libraries, algorithms, and protocols. It also provides a benchmarking tool that monitors cryptographic performance.
Companies and government agencies that have used one or more SandboxAQ Security Suite modules include global banks, Cloudera, Informatica, the US Air Force, and the US Department of Health & Human Services. Strategic alliances are also formed with Deloitte and EY to help enterprise customers identify and remediate encryption vulnerabilities. Small organizations can also benefit from suites by subscribing to a SaaS service and only paying for the modules and usage they need. In comparison, large enterprise customers typically access on-premises or self-hosted solutions in their own cloud.
According to Graham Steel, head of product in SandboxAQ’s Quantum Security division, “Starting now is critical. Adversaries are not waiting for quantum computers to launch their attacks—they are already engaged in Save Now Decrypt Later attacks, acquiring sensitive encrypted data now for future decryption,” Steel further explained that transitioning to quantum-secure encryption and implementing crypto agility can be time-consuming. many organizations with complex IT infrastructures are concerned about whether this can be completed before large-scale quantum computers are available to perform ‘decrypt now’ attacks.“Our Security Suite is designed to accelerate every step of this process,” he adds.
SandboxAQ Security Suite’s cryptographic prowess enables customers to seamlessly exchange cryptographic protocols amid ever-changing regulatory requirements and cyber threats. This concept of crypto agility will become mandatory to protect organizations against both classical and quantum based attacks, while maintaining regulatory compliance.
Additional information about SandboxAQ Security Suite is available in the posted press release Here.
April 19, 2023