SECURITY

Intelligent Waves LLC Names Tony Crescenzo as Chief Executive Officer

Intelligent Waves LLC | January 20, 2022

Intelligent Waves LLC, a leading-edge trusted IT systems integrator that delivers high-impact transformational IT solutions to Government’s most mission-critical challenges, is pleased to announce that Tony Crescenzo, IW’s President, has been promoted to the position of Chief Executive Officer. In addition, Jared Shepard, IW’s founder, and the owner will continue to lead IW in the role of Chairman of the Board.

Under Crescenzo's leadership, the company has experienced two consecutive years of aggressive growth and profitability. "Intelligent Waves has grown and matured into a respected market leader,” stated Jared Shepard. “By initially hiring Tony Crescenzo as President in 2020, I set a strategic goal of elevating IW's growth trajectory and scalability to the next level. It has been awesome to see how Tony Crescenzo's leadership has materialized my vision for the company. Tony's high-energy leadership style and ability to recruit top management talent has enabled us to maximize the value and impact of our company."

Intelligent Waves has recently successfully launched several innovative and disruptive cybersecurity solutions that serve the Defense and Intelligence Community, including GRAYPATH, an ultra-secure next-generation VPN, and Phantom, an award-winning cyber defense solution for the most demanding and secure communications.

It is a tremendous honor to take the reins as the CEO of Intelligent Waves, and I look forward to helping the company fulfill its full potential through innovation in the Government’s most demanding and critical areas. Intelligent Waves is at the forefront of innovation in support of real-world mission outcomes, and I am proud to lead such an exceptional organization.”

Tony Crescenzo, IW’s CEO

Intelligent Waves was founded in 2006 by Jared Shepard. Under his leadership, Intelligent Waves has grown from a two-person team to a thriving, award-winning business with over two hundred employees. Intelligent Waves has received numerous accolades and awards, including ranking as one of Washington Business Journal's 100 largest veteran-owned companies for 2020, ranking as a top company on Inc.'s VET100 List, and ranking among Monster.com and Military.com Rated top 10 Best Company for Veterans Nationwide in 2017, 2018, 2019, and 2020.

In addition to serving IW as Chairman of the Board, Jared Shepard spun out his second company in 2021, Hypori Inc. where he serves as the company's President and CEO. Hypori is an award-winning SaaS company providing secure mobility for government and commercial customers. Its innovative solution puts the power and speed of the cloud on any mobile or edge device, enabling remote users to access critical data and apps through a separate, secure workspace.

About Intelligent Waves LLC
Intelligent Waves LLC is a service-disabled, veteran-owned small business. The firm provides enterprise systems engineering, cloud computing and managed services, cyber and security architecture, mobility, operations, and intelligence analytics.

Spotlight

Traditional Tour Operators and OTAs may merge to become the ultimate travel seller. From handling complex trips to servicing with new generation travel stores, Digital Tour Operators could provide a great mix of digital and human interaction to create a truly, personalised travel experience.


Other News
VPN

A2i Selects BlastWave's BlastShield Passwordless Software-Defined Perimeter Solution

BlastWave | December 17, 2021

BlastWave, a developer of software-defined perimeter (SDP) solutions that protect networks from inadvertent and intentional threats, announced that A2i systems selected its BlastShield solution to protect A2i's internal network and remote customer access. BlastShield is the first all-in-one SDP patented solution that combines infrastructure cloaking and passwordless multi-factor authentication (MFA) for identity-based secure remote network access for organizations that've adopted a zero-trust security model. BlastShield enables organizations to hide on-premise and cloud workloads from outsiders and insider threats, concealing an organization's infrastructure from cyberattacks through software-defined microsegmentation without modifications to existing network fabric and hardware. BlastWave's novel approach solves the three most critical steps in the cyber kill chain for an attacker: (1) account takeover; (2) lateral movement; and (3) remote access compromise. In addition, BlastShield helps prevent and isolate attacks mitigating the spread of malware, reducing the blast radius. BlastShield also enables cloud-native app development by securing microservices, containers and Kubernetes clusters. A2i Systems provides the first secure pricing optimization solution in the retail fuel industry through their flagship product, PriceCast Fuel. A2i Systems utilizes customer-centric AI by detecting behavioral patterns in Big Data and dynamically mapping customer and competitor behaviors to identify the optimal price for consumers throughout the day. As a result, A2i can now help customers price strategically instead of tactically through their cloud-hosted services that move them on to the most advanced fuel price management system currently available. In the wake of recent supply chain attacks, we recognized that VPN-based solutions simply cannot provide the level of protection we require for our critical data and remote access. The security of our data and our customers' data is our highest priority and we needed a secure platform to provide access to our hybrid data services, hosted both in the cloud and on-premise. BlastShield filled both these needs for us with their patented solution." Emil Erlandsson, Vice President of Professional Services at A2i After a comprehensive proof of concept (PoC) using BlastShield's Free Starter Package solution, A2i selected BlastShield and began deploying BlastShield's Invisible peer-to-peer software-defined perimeter solution for initially for internal use for secure remote access. "We're excited to partner with A2i systems on this project," says Tom Sego, CEO BlastWave. "By combining A2i's revolutionary AI-based fuel pricing solution with BlastWave's patented invisible SDP, A2i customers will enjoy the benefits of state-of-the-art pricing optimization while mitigating the risk of supply chain attacks." About BlastWave Founded by former executives and technologists from Apple and Cisco, BlastWave is taking a fundamentally different approach to security aimed at protecting privacy and connected devices from cyberattacks. BlastWave's patented product, BlastShield, is an all-in-one-zero trust stack that combines state-of-the-art passwordless multi-factor authentication with high-performance, resilient encrypted connectivity and built-in microsegmentation. In addition to protecting servers and IoT devices, BlastShield also secures containers that are orchestrated with Kubernetes, enabling more agile and efficient cloud-native application development. BlastWave is backed by Rocket Strategies, Lucas Venture Group, and Millennium Investments. The company is headquartered in Palo Alto, California. About A2i Headquartered in Copenhagen, Denmark, A2i uses ground-breaking Artificial Intelligence (AI) technology to make advancements in ways to interact with your customers at the forecourt. We are giving you the opportunity to transform your business and be ready for the next phase of Fuel Retail. Our product, PriceCast Fuel (PCF) is the world's first industry-specific retail fuel pricing, management and optimization solution developed by A2i. By combining state-of-the-art AI and Machine Learning with Big Data, PCF brings dynamic, predictive consumer-behavior-based pricing to the retail fuel industry providing a fully automated pricing decision system capable of achieving location-specific objectives optimally within any given corporate constraints. By applying self-learning capabilities, PCF continuously assures the highest accuracy prediction in an ever-changing market.

Read More

VMWARE

Anthony Keller of Liquidware Receives Coveted 2022 CRN Channel Chief Recognition

Liquidware | February 08, 2022

Liquidware, the leader in digital workspace management, announced that CRN, a brand of The Channel Company, has named Anthony Keller, Director, US Channels, Liquidware, to its 2022 Channel Chiefs list. CRN's annual Channel Chiefs project identifies top IT channel vendor executives who continually demonstrate expertise, influence and innovation in channel leadership. A panel of CRN editors selected the honorees for their channel dedication, industry stature and accomplishments as channel advocates. The 2022 Channel Chiefs are influential leaders who continue to shape the IT channel with innovative strategies, programs and partnerships. Having been a previous recipient of this accolade, I am delighted that Anthony's efforts in reinvigorating our channel and his leadership have been recognized. For 2022, we will accelerate our 'channel first' strategy to help further expand our existing Enterprise focus. This recognition for Anthony signals Liquidware's enhanced focus on deep relationships with leading "trusted advisor" channel organizations." Chris Akerberg, President and COO, Liquidware During 2021, Anthony and his channel team achieved the following results: Increased active channel partners by 30% Average deal size through the channel grew by 70% Registered deal pipeline grew by 18% License sales through the channel increased 28% year-on-year Anthony holds an MBA from St. John's University, graduating in the top 10 percent of his class. Starting his career at AppSense, Anthony moved to VMware to build and scale the newly created VMware Cloud Provider Program working closes with MSPs. During his six years at VMware he was part of a team that grew the SaaS business 30%+ year-on-year. Being focused on the EUC space throughout his career, joining Liquidware to build and scale their channel program was a natural career progression. XenTegra is a Liquidware Center of Excellence and Acceler8 partner, their CEO Andy Whiteside commented, "Partnering with Liquidware is a pleasure for the team at XenTegra. Their solutions solve problems that our Digital Workspace focused company needs to help our customers. They understand how VARs work and communicate with us weekly to drive solution oriented outcomes for the customers we both serve." "CRN's 2022 Channel Chiefs recognition is given exclusively to the foremost channel executives who consistently design, promote, and execute effective partner programs and strategies," said Blaine Raddon, CEO of The Channel Company. "We're thrilled to recognize the tireless work and unwavering commitment these honorees put into fostering outstanding business innovation and building strong partner programs to drive channel engagement and success." About Liquidware Liquidware is a leader in digital workspace management solutions for Windows workspaces. The company's products encompass all facets of management to ensure the ultimate user experience across all workspaces – physical, virtual, DaaS or in the cloud. Enterprises across the globe utilize Liquidware solutions to dramatically decrease time spent managing workspaces, while delivering increased security, flexibility and scalability. Supported platforms include Microsoft physical, Azure Virtual Desktop (AVD), and RDS desktops, Citrix Virtual Apps and Desktops, VMware Horizon, Amazon WorkSpaces, and Nutanix Frame. Liquidware products are available through a global network of partners. About The Channel Company The Channel Company enables breakthrough IT channel performance with our dominant media, engaging events, expert consulting and education, and innovative marketing services and platforms. As the channel catalyst, we connect and empower technology suppliers, solution providers, and end users. Backed by more than 30 years of unequaled channel experience, we draw from our deep knowledge to envision innovative new solutions for ever-evolving challenges in the technology marketplace.

Read More

VIRTUAL DESKTOP TOOLS

GoodAccess Offers Protection Against Online Threats With its Built-in Threat Blocker Feature

GoodAccess | March 09, 2022

GoodAccess, an anytime-anywhere zero-trust remote access company, has added the Threat Blocker feature to its platform. Threat Blocker enables businesses to provide network security on the public internet and protect remote employees from dangerous domains, phishing attempts, malware and network attacks. Threat Blocker is a native feature of the GoodAccess platform and is automatically enabled for all customers with no additional setup required. It uses several threat intelligence feeds to identify and block connections with malicious domains in real-time (so-called DNS filtering). The feeds are constantly updated with the latest information on malicious domains, so businesses can be confident that their employees are protected from the newest threats. Threat Blocker is an important addition to the security features of our platform. When phishing, ransomware, and other online adversary techniques are still at large, GoodAccess Threat Blocker will help businesses to elevate their security posture against them and reduce the attack surface introduced by remote work." Artur Kane, CMO at GoodAccess For monitoring and compliance reasons, employees' access to harmful websites and content is tracked and logged. Also, GoodAccess users can define their custom domain blacklists (denylists) to strengthen their security controls. The new feature helps businesses to: prevent employees from accessing malicious websites and keep their data safe and secure, block malware before infiltrating business network and launching larger attacks (advanced persistent threats, APT), detect and block connections with C&C botnet networks, prevent ransomware attacks to keep data safe and systems up and running, prevent unauthorized access to the business network as a result of successful phishing and identity theft, reduce the risk of sensitive business data exposure. GoodAcces cloud VPN with zero-trust network access controls streamlines the way organizations handle remote networking and mitigates security risks introduced by distributed workforce, constant mobility and decentralized IT. Since 2020, GoodAccess has earned the trust of more than 1000 business customers from 120 countries worldwide.

Read More

VMWARE

CISA recommends VMware, F5 patches. Liquidity mining fraud. Strapi issues patched. TDI clarifies data incident.

CISA | May 20, 2022

VMware yesterday addressed issues in several of its products: VMware Workspace ONE Access (Access), VMware Identity Manager (vIDM), VMware vRealize Automation (vRA), VMware Cloud Foundation, and vRealize Suite Lifecycle Manager. That these are more significant than the ordinary run of patches may be seen by the way the US Cybersecurity and Infrastructure Security Agency (CISA) has discussed them. Alert (AA22-138B), "Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control" warns that "malicious cyber actors, likely advanced persistent threat (APT) actors, are exploiting CVE-2022-22954 and CVE-2022-22960 separately and in combination." The Alert adds, "CISA expects malicious cyber actors to quickly develop a capability to exploit newly released vulnerabilities CVE-2022-22972 and CVE-2022-22973 in the same impacted VMware products. In response, CISA has released, Emergency Directive (ED) 22-03 Mitigate VMware Vulnerabilities, which requires emergency action from Federal Civilian Executive Branch agencies to either immediately implement the updates in VMware Security Advisory VMSA-2022-0014 or remove the affected software from their network until the updates can be applied." US Federal civilian agencies have until next Monday to identify and remediate the issues, and they're required to report completion no later than Tuesday. Fraudulent liquidity mining. Sophos describes the way the threat of fraudulent liquidity mining is shaping up in decentralized finance systems. "Legitimate liquidity mining exists to make it possible for decentralized finance (DeFi) networks to automatically process digital currency trades," Sophos explains, and criminals are using social engineering to abuse such systems to defraud cryptocurrency investors of their holdings. More loosely regulated than conventional cryptocurrency exchanges, which use market makers and seek to ensure that sufficient reserves are on hand to back trades, DeFi exchanges use Automated Market Makers (AMMs). Sophos explains that "Smart contracts built into the DeFi network have to rapidly determine the relative value of the currencies being exchanged and execute the trade. Since there is no centralized pool of crypto for these distributed exchanges to pull from to complete trades, they rely on crowdsourcing to provide the pool of cryptocurrency capital required to complete a trade—a liquidity pool." Liquidity pool tokens, ("LP tokens") are used to represent the portion of the liquidity pool an investor contributed. But unethical DeFi operators can cancel the tokens (or simply not create a pool to back them in the first place), and this, Sophos observes, offers "ample opportunity for digital Ponzi schemes, fraudulent tokens, and flat-out theft." CMS vulnerabilities disclosed and patched. The Synopsys Cybersecurity Research Center (CyRC) has identified two vulnerabilities in Strapi. Strapi is an open-source headless content management system (CMS) Javascript software that enables developers to quickly design and build content-rich APIs. Both vulnerabilities involve authenticated users with access to the Strapi admin panel having access to private and sensitive data, such as email and password reset tokens. The first vulnerability allows for the authenticated user to view private and sensitive data for other admin panel users that have a relationship with content accessible to the authenticated user. The second vulnerability allows for the authenticated user to view private and sensitive data for API users if content types accessible to the authenticated user contains relationships to API users. The vulnerabilities are fixed in newer, updated versions of Strapi, and Synopsys has commended Strapi for its quick response to the discovery. Texas Department of Insurance clarifies facts surrounding its data incident. The Texas Department of Insurance (TDI) has sent around a fact sheet that clarifies a data incident the agency sustained earlier this year: "In January 2022, TDI found the issue was due to a programming code error that allowed internet access to a protected area of the application. TDI promptly disconnected the web application from the internet. After correcting the programming code, TDI placed the web application back online. The forensic investigation could not conclusively rule out that certain information on the web application was accessed outside of TDI. This does not mean all the information was viewed by people outside TDI. Because we couldn't rule out access, we took steps to notify those who may have been affected." While data could have been accessed by unauthorized personnel, TDI has investigated and found that, "There is no evidence to date that there was a misuse of information."

Read More

Spotlight

Traditional Tour Operators and OTAs may merge to become the ultimate travel seller. From handling complex trips to servicing with new generation travel stores, Digital Tour Operators could provide a great mix of digital and human interaction to create a truly, personalised travel experience.

Resources