VeriClouds CredVerify™ Uses Intel SGX to Prevent Reusing Leaked Credentials


“Through our partnership with Intel, we are pleased to be able to deliver one of the safest and most secure credential verification services available on the market, designed with privacy and scalability required by today’s global organizations.

VeriClouds has announced that it has launched a new version of its flagship product CredVerify. This latest version of CredVerify runs on a specially designed hardware appliance which uses Intel® Software Guard Extensions (Intel® SGX), providing economical and effective controls that prevent tampering and abuse of compromised credentials. VeriClouds CredVerify™ uses Intel® SGX to protect the sensitive credential verification process with hardware-based crypto built inside the CPU.

The number of stolen passwords readily available to cyber criminals and nation-state attackers on the dark web now numbers in the billions, and grows daily. A solution that can detect if a user’s credentials are among these stolen records is essential for enterprise security and regulatory compliance. According to the Verizon 2017 Data Breach Investigations Report, 81% of hacking-related breaches leverage stolen and/or weak passwords.1

Minimizing the Threat of Data Breaches from Stolen Credentials

The CredVerify API service runs its credential verification process inside an SGX enclave. Compromised credentials stored in VeriClouds database are encrypted with military grade (i.e., AES 256-bit) encryption and can only be decrypted for comparison against the credentials from the clients within the enclave. This design helps defend against both internal and external attackers, including malware running on the host machine and rogue employees. The VeriClouds solution can be deployed to the…

Article Source…

Leave a Reply

Your email address will not be published. Required fields are marked *