Supports sales and marketing expansion of the Company’s proven cybersecurity solutions

May 19, 2021 – Chantilly, VA.  Blue Ridge Networks, Inc., today announced that it closed an investment round with funding from a US private venture fund with additional investment support from the Company’s existing investors including USVC-1, a single purpose investment facility capitalized by prominent cybersecurity, industry, and former government leaders.  Proceeds from the transaction will be used primarily to expand sales and marketing of the company’s proven cybersecurity products and services.

“Blue Ridge’s solutions deliver zero-trust cybersecurity protection designed to prevent breaches from occurring in the first place,” stated John Higginbotham, Chairman & CEO.  “The imperative to harden networks and systems has never been more obvious given the rash of egregious breaches of critical energy sector infrastructure and other sensitive networks, resulting in massive economic losses, eroding national security, and diminishing public safety. With this investment, the Company can expand its global sales and marketing initiatives to serve the urgent need in the marketplace for more effective cybersecurity protection.”

The company is a recognized innovator of isolation and containment cybersecurity solutions for network segmentation (LinkGuard), secure distributed access (EdgeGuard), and endpoint breach prevention (AppGuard).  These solutions have proven to deliver resilient, high value protection for government and commercial customers, particularly for critical infrastructure networks, distributed operations, and enterprise systems.

Blue Ridge currently distributes its solutions globally through relationships with prominent global industrial control systems providers, large system integrators, and regional value-added resellers.  Blue Ridge will expand its network of qualified channel partners and resellers for multiple market verticals with this investment.  “Our product and service suites eliminate vulnerabilities to exploit,” stated Srini Mirmira, the company’s President.  “Blue Ridge’s solutions can be easily deployed with minimal integration complexity and overhead to efficiently deliver resilient breach prevention for critical operations that cannot afford disruptions from cybersecurity compromises.”

ABOUT BLUE RIDGE NETWORKS, INC. (trivision.blueridgenetworks.com)
Blue Ridge Networks is a proven isolation and containment breach prevention cybersecurity innovator delivering solutions designed to harden network interoperability and systems.  The company’s solutions eliminate vulnerabilities to external threats and prevent exfiltration of mission critical data. The company has successfully provided resilient, scalable, and affordable cybersecurity systems, software, and managed services for over 20 years, protecting critical operations of its government and enterprise customers with no reported breaches of its solutions – ever.

Last month on the blog we discussed how the Blue Ridge Networks’ LinkGuard solution could protect your organization against potentially devastating events like the recent Sunburst (SolarWinds) cyberattack – this week we’re looking at alternative strategies for preventing similar attacks.

In a supply chain attack the malicious party undermines the methodologies used by most endpoint tools to determine attacks and risks. Hackers infiltrate the network through a previously trusted compromised third-party provider with access to systems and data. At that point there is no longer an effective perimeter to prevent zero-day malware attacks – so what then?

Time and again scanning and whitelisting-based systems have proven ineffective against sophisticated attack vectors at this stage, demonstrating the critical importance of a Zero Trust solution for endpoint and server security. AppGuard from Blue Ridge Networks is designed to prevent zero-day malware and sophisticated supply chain attacks, like the SunBurst attack, from successfully executing. Here’s how.

AppGuard

AppGuard’s default policies, plus patented isolation and containment methods make it the ideal resource for defending against supply chain attacks. Since the solution doesn’t rely on whitelisting or scanning for known signatures or patterns to differentiate between good and bad files, it doesn’t require constant, cumbersome updates to ensure your network remains safe from the latest threat vectors.

The key is the lightweight agent which sits at the base of the network and blocks unacceptable actions like code injection, or writing to the registry at the process level. From there, our advanced policy enforcement engine proactively prevents viruses, fileless malware, botnets, polymorphic malware, weaponized documents, targeted attacks, in-memory attacks, ransomware, phishing, watering-holes, drive-by-downloads, and other undetectable advanced threats.

When compromised software is present, AppGuard ensures it can’t carry out any unauthorized action to harm your device or network. The origin-agnostic offering protects against persistent threats and targeted attacks by blocking execution of malware emanating from a ‘trusted’ source. The solution also establishes patented controls that empower organizations to be more agile, and adopt zero trust policies faster than any competitive offering.

To ensure that the integrity of this layer in the security stack remains effective, we regularly review and evaluate AppGuard’s configuration. In fact, the recommended settings we updated and published in 2019 would have provided an enhanced layer of security capable of stopping the SolarWinds attack in its tracks. AppGuard’s autonomous policy engine would have allowed users to continue utilizing SolarWinds functions, while protecting themselves from the dangerous processes spawned by the malicious code.

In short, a security infrastructure including AppGuard would have inherently ignored the fact that SolarWinds is a “trusted” application, recognized that SolarWinds monitors infrastructure, and resolved that it had no legitimate business carrying out the actions prescribed by the malware.

Interested in discussing how AppGuard could benefit your agency or organization? We’d love to chat about it. Reach out to our team of experts with any questions.

The widespread Sunburst attack on US government agencies and corporations is widely regarded as one of the most consequential cyberattack against the U.S. to date. In our last post, we dove into the strategies and cybersecurity methodologies necessary to protect your organization against becoming the next victim of this kind of massive attack. Now, we’ll dive a little further into exactly how Blue Ridge Networks can help.

Even before the COVID-19 pandemic forced a massive shift towards remote operations, organizations across the board had an intrinsic dependence on critical systems within the IT infrastructure.  The definition of “critical systems” is highly variable and often carries different meanings for different organizations, but some examples are:

• IT servers and the associated management plane.
• Departmental systems, only accessible to a limited group of personnel. Examples like C-suite, legal, HR, Finance, medical professionals, security, and IT operations.
• Operational technology systems like building management systems, physical security, factory operations, the electric power generation and distribution systems, transportation systems, and many others.

Each of these systems depends upon external networks, such as time clock synchronization, the world-wide DNS infrastructure, and update servers from third party vendors. Some of these operate automatically and there’s evidence some have been subverted to attack dependent systems. The recent Sunburst attack was not the first and will not be the last to exploit vulnerabilities in external networks.

That’s where we come in. Blue Ridge Networks has evolved LinkGuard over many years to provide the best protection against the most aggressive threat vectors. It is trusted by commercial, defense and public sector customers, and has never been known to be compromised.

Within a LinkGuard enclave, protected systems can operate without risk. Because the system has no external dependencies, a hardware root of trust, and its own cryptographic credentialing system, the solution provides a high caliber of security. The enclave can be extended over virtually any communications media including public, private, wired, and wireless networks to provide remote access without introducing a firewall or VPN that could be compromised.

The Sunburst attack was so pervasive that cloud credentials for all major providers were probably stolen, but establishing access via LinkGuard could have prevented the credential theft.  By definition, the enclave does not extend into the cloud. In fact, many of our customers have established specific points of egress from their LinkGuard enclave to a direct cloud access system. This highly secure system only allows for communications between the customer’s cloud assets and the enclave, and only allows administrative access from within the LinkGuard enclave. As a result, it would not be subject to an attack that could potentially repeat the credential theft.

Perhaps most importantly, this level of enhanced security can be achieved rapidly, at low cost, and without augmentation of the existing system structure. LinkGuard offers a practical, preventative and realistic solution that could save your organization from becoming the next victim. If you have any questions about LinkGuard or your own security infrastructure, please feel free to reach out to our team of experts.

As April is National Supply Chain Integrity Month, it seems only fitting to explore one of the most sophisticated and destructive supply chain attacks in our recent history. If you don’t know what we’re talking about, here’s a brief recap:

The 2020 “Sunburst attack” targeted US government agencies and government-affiliated businesses. By establishing a foothold through SolarWinds, Sunburst hackers leveraged a highly sophisticated supply chain attack to infiltrate countless organizations. The attack was able to achieve persistence and evade detection for long enough that malicious actors were able to access and steal an incredible amount of sensitive and confidential information.

The attack was so pervasive that cloud credentials for all major providers were likely stolen. As in the recent Capital One hack, this means attackers were then able to access and possibly modify highly sensitive information that organizations have stored in the cloud.

In the wake of this act of widespread cyber-warfare, government and commercial organizations were left wondering how to move forward. For victims of the attack, though information operations remained intact, the integrity of their security infrastructure should no longer be trusted. The fortunate organizations who haven’t been directly impacted still witnessed the fallout from the scope and high-profile nature of the attack. They now see it as a catalyst for action.

For those who think they may be impacted, it boils down to this – can you definitively answer these questions?

1. Have the attackers left back-door access into the networks?
2. Have the credentials of legitimate users and operational systems been stolen?

If you can’t say “no” to both with 100% confidence, the risk to the integrity of organizational operations is too great. While some experts have suggested that enterprise networks should be rebuilt from the ground up – the time and resources required to make that a reality are unrealistic.

Rather than overhauling your entire infrastructure, we advise all of our customers to adhere to two tenants that have been at the core of our business for more than twenty years – Isolation & Containment. Employing these strategies will minimize risk, prevent lateral movement from unauthorized users, and neutralize the vulnerabilities that leave your organization open to cyberattacks.

Isolation

By isolating your critical infrastructure, core systems and their associated networks are essentially unplugged from external access and invisible to malicious actors. Unlike firewalls and VPNs which can still be breached, absolute segmentation ensures only authorized users have access to sensitive data, greatly reducing the risk of malware, data theft and ransomware extortion.

Containment

Implementing a zero-trust overlay contains and conceals your network, not only preventing hackers from breaching and moving laterally throughout your system, but also stopping nefarious back-door processes from “phoning home” to the attackers. This ensures that stolen credentials to computer servers and the associated network equipment, including firewalls, can no longer be used by the attackers.

A seamless, stealth overlay solution like LinkGuard can bolster your cybersecurity efforts with the kind of preventative protection that keeps you ahead of cybercriminals. Stay tuned for part two of this blog post where we’ll discuss how our patented and proven solution works to protect your organization against whatever big attack is coming next. Until then, feel free to chat with our team of experts to discuss any questions about your cybersecurity infrastructure.

Blue Ridge Networks developed our LinkGuard System to protect critical assets from increasingly destructive and costly cyber-attacks. By layering a Zero Trust Networking stealth at the perimeter and within existing infrastructure LinkGuard verifies identity, authenticates connections, and obfuscates protected systems from unauthorized access.

The LinkGuard System consists of a Management System, at least one BorderGuard® cryptographic device, and any combination of RemoteLink™, LinkGuard Client, and EdgeGuard components. The multi-layered security solution establishes new network segments, extends networks, and enables rapid, self-contained micro-segmentation for data protection.

LinkGuard is highly effective, easy to install, low maintenance, and more affordable than any comparable existing combination of cybersecurity solutions on the market. It also provides an additional layer of protection to existing SDN, VPN, VDI, and other IT tools. The solution has been heavily tested and broadly certified, protecting U.S. national security assets for over 20 years with no security breaches.

LinkGuard Ecosystem

Management System

The Management System creates, manages, and monitors LinkGuard enclaves and implements administrative security policies. This component establishes the management plane connection to deployed BorderGuards for secure policy enforcement and log collection consistent with Management Console policies. By cryptographically separating LinkGuard’s management plane from its data communications plane, the system eliminates vulnerable interdependencies and ensures network operations are highly compliant with increasingly stringent privacy and information assurance regulations.

BorderGuard

As the root of trust and the secure connection controller for all data and management plane communications, the BorderGuard is the backbone of the LinkGuard solution. It can handle multiple LinkGuard Client, RemoteLink, and EdgeGuard connections. BorderGuards act as a secure gateway for a data center or campus and enable peer-to-peer encrypted and multi-point connectivity for systems anywhere in the world. They are available as a 1U rack mount unit (BorderGuard 8500) or as a desktop device (BorderGuard 20). 

RemoteLink

This plug-and-play client device uses crypto-ignition tokens to connect to one or more BorderGuards and create secure network enclaves. This connection can be established over any communication medium. The security of LinkGuard enclaves is further enhanced because RemoteLinks are unresponsive to cyber attacks, reconnaissance or penetration attempts.

EdgeGuard 

EdgeGuard software is packaged to include a virtual RemoteLink component and virtual desktop interfaces (browser and clients) to enable a secure thin client connection to a LinkGuard enclave. The virtual machines are isolated from the underlying machine OS to prevent malware from entering the enclave or data from leaving it. EdgeGuard offers Zero-Trust Access without the risk of credential theft or malware mediated attacks on the network infrastructure.

LinkGuard Client 

This remote access software agent-based solution converts a laptop or desktop computer into a trusted connection to LinkGuard enclaves. The client is also packaged with a virtual RemoteLink component, and it provides contractors and support personnel with secure thick client access without a risk of credential theft.

AppGuard and LinkGuard to fortify cyber protection for Latin American Solution Provider

Feb 15, 2021 – Chantilly, VA – Blue Ridge Networks and GlobalSeis Inc. today announced that the two companies have established an alliance to provide proven endpoint and critical infrastructure cybersecurity solutions for the Latin American enterprise markets.

GlobalSeis offers a best-of-breed approach to complex business challenges for customers in Colombia, Mexico, Peru, Chile and Dallas, Texas. This alliance will allow the company to leverage Blue Ridge Networks’ patented cybersecurity solutions, AppGuard® and LinkGuard™.

Blue Ridge Networks has worked with high profile government agencies and private entities in more than 120 countries to deploy these zero-trust cybersecurity solutions. The introduction of AppGuard® and LinkGuard™ will provide GlobalSeis customers with unprecedented protection against zero-day and persistent directed cyberattacks, as well as the tools necessary for their protection and peace of mind.

“Our zero-trust cyber solutions provide GlobalSeis the ability to deliver its customers the proactive defense businesses require in today’s threat landscape,” said Mark Webber, Vice President of Sales for Blue Ridge Networks. “With GlobalSeis, we have a partner that understands business intelligence and the critical importance of proactive protection. Blue Ridge Networks looks forward to delivering the industry’s best zero-trust network protection and end point defense in the market.”

Mario Morales President and CEO from GlobalSeis said, “At GlobalSeis the core of our customers are in the financial sector and are particularly sensitive to zero day attacks – we offer our clients a true and tested service leveraging AppGuard® and LinkGuard™ as the core technology that empowers our service.”

For more information about Blue Ridge Networks products and solutions, visit the company website, or contact us here.

Patented cybersecurity solutions to provide cybersecurity to organizations in United Kingdom

February 1, 2021 – Chantilly, VA. –Blue Ridge Networks and Athena Cyber Security Ltd today announced that the two companies have established an alliance to provide proven endpoint and critical infrastructure cybersecurity solutions for United Kingdom’s private and public sectors.

Blue Ridge Networks’ solutions are currently deployed by high profile government agencies and private entities in more than 120 countries. As part of this alliance, Blue Ridge Networks will provide Athena Security Ltd. with its core products AppGuard® and LinkGuard™. The introduction of these proven products will offer unprecedented protection against cyberattacks for Athena Security customers in the United Kingdom.

“Our suite of network infrastructure, remote access and endpoint cybersecurity solutions have been trusted to prevent cyberattacks and eliminate vulnerabilities for more than 20 years without experiencing one reported breach,” said Maureen Gray, Chief Operating Officer of Blue Ridge Networks. “We are proud to partner with Athena Cyber Security Ltd. and provide its customers with advanced solutions to protect against the increasing volume and sophistication of cyber threats.”

“Cybersecurity needs are evolving very rapidly, and our alliance with Blue Ridge Networks is a clear indication of our dedication to providing clients with Industry leading, best-in-class cyber security solutions,” Andrew Tyler-Holland (CEO) from Athena. “We are true believers in the AppGuard and LinkGuard ‘Zero Trust’ preventative solutions and we look forward to representing Blue Ridge Networks in the United Kingdom. ACS Ltd. will continue to work with our suppliers and clients to deliver safe, secure and trusted solutions to reinforce our dedicated commitment to their security needs.”

ABOUT BLUE RIDGE NETWORKS, Inc.
Blue Ridge Networks is a proven cybersecurity isolation and containment technology innovator delivering network segmentation, remote access, and endpoint cybersecurity solutions that eliminate vulnerabilities to critical network infrastructure and prevent exfiltration of mission critical data. The company has successfully provided resilient, scalable, and affordable cybersecurity systems, software, and managed services for over 20 years, protecting critical operations of its government and enterprise customers with no reported breaches of its technologies – ever.

ABOUT ATHENA CYBER SECURITY Ltd.

ACS Ltd. has a board and operatives made up of skilled CTO’s, CIO’s and technical engineers from within the NHS and private sector. We are proud of our product partners and their product capabilities. ACS have derived various solutions to cope with the everchanging requirements for a secure cyber posture. We successfully provide solutions, managed services and architecture to many NHS trusts and the private sector verticals. With our core focus within the UK health sector, we very much keep our committed vision of patient care and protection at the heart of everything we do.

Media Contact:
Sally McHugh
sally@helloalloy.com
202-630-2653

A 2020 forecast from Gartner predicted enterprise spending on information security to grow 2.4% this year to reach $123.8 billion this year , even after numerous economic obstacles presented by the COVID-19 pandemic. Unfortunately, this market growth has led to intense crowding in the cybersecurity market and as a result, we’re experiencing a significant cybersecurity efficacy issue which has contributed to the increasing volume of attacks..

Some technologists and industry leaders have proposed establishing an independent and transparent assessment to address these efficacy issues. Customers often don’t have sufficient insight or access to the information they need to effectively evaluate their technology choices. As a result, enterprises often make poor buying decisions and cybersecurity solutions fail.

By addressing the asymmetry of information between vendors and prospective buyers, enterprises can better identify and implement the most effective solutions for their unique circumstances. Implementing an independent assessment methodology would make vendors more accountable for the competence of their solutions and specifically address key characteristics that define cybersecurity efficacy, such as:

• Capability to deliver the security mission (fit-for-purpose)
• Practicality in operations (fit-for-use)
• Quality of security build and architecture
• Provenance of the vendor and supply chain

In addition to altering the way enterprises purchase technology, a long term effect of migrating to an assessment-based approach may be a  change in the way organizations approach their cybersecurity strategies. Increased transparency and access to information could shift the vendor/enterprise paradigm and open the door for a multi-layered cyber strategy made up of targeted solutions working in tandem to establish the most effective security network possible.

Making it Work

This shift in the way enterprises experience and purchase technology would be a massive change for the industry, but there are several hurdles to clear before it could become a reality. All players in the market would need to come to a consensus on critical elements of the new system, from establishing assessment standards to deciding who pays for it all.

We believe a regulated assessment to prove the viability, capability and practicality of our technologies could offer a huge benefit to our customers. However, the regulatory issues and cost-considerations could emerge as prohibitive road blocks.

We’d love to hear  your thoughts on this. Would an independent, regulated assessment help in your cybersecurity purchasing decision ? Let us know.

The US was recently hit by a massive digital attack that compromised both government and private sector networks nationwide and around the world. Though cyber attacks have become all too common, this one is different. It’s a pivotal moment and will serve as the “Pearl Harbor moment” for cybersecurity in the US.

In March, malicious attackers lodged a “supply chain attack” to infiltrate SolarWinds, a software provider with a massive customer base and automatic permission to access secure networks without raising alarm. The malicious code embedded in a software update created a potential back door in SolarWinds’ tens of thousands of customers. Though it has been patched, the malicious actors had ample time to create additional entry points into the networks they deemed important or useful and cover their tracks.

This attack must serve as a wakeup call for government leaders. Today, ‘business-as-usual’ is simply unacceptable. Yet, the challenge in securing critical systems has been identifying and deploying a solution that is both highly secure and still allows users to operate systems, access networks and retrieve critical data. Accommodating those requirements became even more challenging during the COVID-19 pandemic when stay at home orders meant more government employees were working remotely than ever before. Enabling workers to perform their jobs remotely and access secure servers via potentially dangerous endpoints such as personal computers and unprotected WiFi networks has created additional potential security gaps and vulnerabilities.

So, what can we do now?

We believe the answer is network segmentation.

Many government agencies, particularly for the most sensitive data where peoples lives depend on secrecy, use cloaking and isolation of core critical assets. The scale of this recent event makes it abundantly clear that this level of security must be expanded and adopted by all critical departments and agencies.

Government organizations, contractors and the private sector must each take immediate action to put real network segmentation and defense-in-depth strategies in place. Though it’s impossible to claim that any solution is 100% secure, we believe segmentation, cloaking,  and defense in-depth infrastructure should be the table-stakes for critical security.

Blue Ridge has been protecting our customers with “protection vs. detection” strategies for more than 20 years. Our LinkGuard solution seamlessly conceals networks, reduces the attack surface, and prevents malicious actors from accessing your critical information – while still extending communications and connectivity to trusted devices. By segmenting networks and upholding automatic, robust security policies, the lightweight solution has proven effective in neutralizing threats, such as Meltdown and Spectre, before they cause irreparable damage. This level of enhanced security becomes even more feasible for rapid implementation on a budget because of its low cost set-up. LinkGuard doesn’t require augmentation of an existing system structure or endless software updates.

We strongly encourage leaders in both government and private sector to raise the standard for cybersecurity, and recognize this digital Pearl Harbor as a very possible, even likely, repeatable offence. If you have any questions about the status of the ongoing situation, or how LinkGuard can bolster the security in your organization, contact our team.