Whitewood® addresses one of the most fundamental challenges associated with all modern cryptosystems – true random number generation.
Whitewood enables its customers to take control of random number generation across their entire application infrastructure. With solutions that span datacenters, cloud, consumer devices
and embedded systems our customers are able to ensure that critical security applications can always have access to true random numbers. Without true randomness, applications that rely on cryptography suffer from degraded security.
The effectiveness of tools such as encryption depends on generating keys that are impossible to predict. But truly random numbers are hard to generate and in modern virtualized data centers and cloud environments security applications can suffer from a lack entropy; the starting point for all random number generators. Whitewood worked closely with Los Alamos National Laboratory to invent new ways to use quantum mechanics to generate pure entropy. Our award winning technology enables our customers to seamlessly boost the trustworthiness of the standard random number generators built into Linux and Windows operating systems, enhancing the security of custom and commercial applications that rely on them.
Application Security
The application software used by hosting service providers often has third-party products or components, which can give rise to security vulnerabilities. A method to handle this is conducting comprehensive testing of all elements of such products so that the web hosting service provider gains complete knowledge about their architecture and implementation. This, in turn, would let them have full control over all the variables involved in any specific component or product, thus ensuring top-notch security in terms of all application software.
Database Security
In theweb hosting landscape, most cybercrimes today focus on DDoS (Distributed Denial-of-Service) attacks, which are one of the major causes of financial loss. Such attacks can interrupt your email, website, or web applications, thus making you lose a huge chunk of your business and creating havoc with your usual business activities. If you wonder what triggers such attacks, the reasons are varied – from bragging rights, extortion, and making political statements, to destroying or harming competition, etc. Network intrusion and unauthorized network access are other risks that web hosting service providers have to battle with. Implementing a network intrusion detection system, robust firewalls, and DDoS protection systems are some steps that these service providers take to ensure network se
Managed Security Services Provider
Hosting service providers usually use a diverse range of software products – from Operating Systems such as Windows, Linux, BSD, etc. to server software that includes versions and flavors of MySQL, MSSQL, Apache, Resin, IIS, Tomcat, etc. To ensure software security, steps taken may include the following: Running periodic security scans via enterprise-grade security software to find out if there are known vulnerabilities for any servers. Automatic and timely updates for servers to ensure they always have the most recent security patches installed and that new vulnerability, if any, is taken care of at the earliest. Timely application of bug fixes and security patches for server software and operating systems. Beta testing of software upgrades that are perceived to belong to the high-risk
Network Security
Most reputed hosting service providers opt for hardware vendors that boast of an almost impeccable track record of offering products with high-security standards in addition to providing quality support. Implementation of modern tools like host-based intrusion detection systems is also on the rise as they can use host log information and heuristic scanners apart from monitoring system activity to help in spotting changes to the configuration files and system, which may occur due to malicious tampering, accidents, or could be triggered by external intrusions
