Click here to close now.


News Feed Item

Forum Systems Achieves Industry-First International Security Certification

-- Setting a New Bar in Cloud Security, Forum Sentry is the Only API Gateway to Attain Network Device Protection Profile Compliance

BOSTON, Aug. 13, 2014 /PRNewswire/ -- Forum Systems Inc. today announced that Forum Sentry is the world's first API Gateway to achieve Network Device Protection Profile (NDPP) compliance.

In order to facilitate NDPP conformance, Forum Systems pursued a rigorous certification program with Corsec Security, Inc., the largest independent validation consultant in the security industry. The NDPP compliant designation builds on Forum Sentry's FIPS 140-2 certification foundation, reaffirming Forum Systems' commitment to delivering industry-leading API and cloud security gateway technology for protecting XML-, JSON-, SOAP- and HTML-traversing cloud, mobile and enterprise infrastructure traffic.

Although Common Criteria Evaluation Assurance Level 4 (EAL 4) has become the de facto standard for evaluation, the generic EAL 4 requirements may not be relevant, achievable and repeatable in all cases. The creation of technology-specific Protection Profiles with their own set of security assurance requirements can offer more targeted assurance with achievable, repeatable and testable requirements. Protection Profile compliance can require assurances and testing more rigorous than standardized EALs. In cooperation with other countries, the United States has initiated an evaluation paradigm where achieving success for certain IT products requires a transition to Protection Profile compliance and a move away from EALs.

Now "PP Compliant," Forum Sentry is the industry's only FIPS 140-2 NDPP-certified API Gateway for enabling secure connectivity between users, applications and the cloud. The first Layer 4-7 device to achieve NDPP security certification, it holds the industry's only patent for cryptographic acceleration of security processing.

"Improving cloud security is a massive challenge – but also represents a multibillion-dollar global opportunity for companies dedicated to delivering new, powerful and innovative solutions. Last summer, the Information Technology & Innovation Foundation forecasted that U.S. cloud computing providers could lose up to $35 billion in sales through 2016 based on escalating customer privacy and security concerns," said Mamoon Yunus, CEO of Forum Systems. "Entropy for random number generation is the cornerstone of strong cryptography. And Forum Sentry offers the highest level entropy coupled with hardened key protection to provide security assurance to those enterprise organizations hesitant to migrate to the cloud. We are excited to partner with Corsec to showcase Forum Sentry – the most hardened platform that delivers the industry's strongest cryptography."

"We have worked with Forum Systems for more than 10 years, making the rigorous security validation process easier, faster and more efficient so that Forum could focus on its core business objective – continuing to deliver strategic solutions to its customers," said Matthew Appler, CEO of Corsec. "We are pleased to team with Forum Systems to help this innovative company achieve NDPP certification and validate Forum Sentry's cryptographic capabilities in an evaluation that focused on technology-specific, tailored assurance requirements."

Processing and securing more than 10 billion transactions per day worldwide, Forum Sentry significantly reduces the cost and complexity of centralizing security, identity and governance for hundreds of global organizations, including some of the world's largest federal agencies. With the industry's most comprehensive built-in support for data formats and communication protocols, Forum Sentry enables companies to rapidly integrate internal SOA and external RESTful systems.

Last fall, Forum Systems significantly enhanced Forum Sentry with features including intelligent edge caching for network optimization, Amazon S3 integration for secure enterprise-to-cloud storage and expanded OAuth 2.0 support to simplify mobile SSO. Forum Sentry remains the industry's only FIPS 140-2 secured edge caching solution that provides tight integration with all enterprise-class identity stores to satisfy mobile users' demand for anytime, anywhere access while ensuring the highest levels of network security.

Additional Resources

About Corsec
Corsec is the world's leading certification solution. Corsec's 15-year track record includes more than one million hours of validation services delivered, more than 350 completed certifications, and hundreds of clients on five continents. For more information, visit

About Forum Systems
Forum Systems, a wholly owned subsidiary of Crosscheck Networks, Inc., is the innovation leader in API and cloud gateway technology. The industry's most comprehensive solution for centralized security, identity and governance for SOA, REST and mobile communications, Forum Sentry enables comprehensive threat mitigation and trust enablement, providing enterprises and government organizations worldwide with the foundation for achieving Secure Service Mediation. Processing more than 10 billion transactions per day worldwide, the NDPP-, FIPS- and DoD-certified Forum Sentry API Security Gateway delivers unparalleled protection against HTML-, XML-, SOAP- and REST-based vulnerabilities. Notably, Forum Systems products provide simplified integration and task processing with over 100 built-in, standards-based processing tasks. For more information, please visit

All product and company names herein may be trademarks of their respective owners.

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
In his General Session at DevOps Summit, Asaf Yigal, Co-Founder & VP of Product at, explored the value of Kibana 4 for log analysis and provided a hands-on tutorial on how to set up Kibana 4 and get the most out of Apache log files. He examined three use cases: IT operations, business intelligence, and security and compliance. Asaf Yigal is co-founder and VP of Product at log analytics software company In the past, he was co-founder of social-trading platform Currensee, which...
PubNub has announced the release of BLOCKS, a set of customizable microservices that give developers a simple way to add code and deploy features for realtime apps.PubNub BLOCKS executes business logic directly on the data streaming through PubNub’s network without splitting it off to an intermediary server controlled by the customer. This revolutionary approach streamlines app development, reduces endpoint-to-endpoint latency, and allows apps to better leverage the enormous scalability of PubNu...
Growth hacking is common for startups to make unheard-of progress in building their business. Career Hacks can help Geek Girls and those who support them (yes, that's you too, Dad!) to excel in this typically male-dominated world. Get ready to learn the facts: Is there a bias against women in the tech / developer communities? Why are women 50% of the workforce, but hold only 24% of the STEM or IT positions? Some beginnings of what to do about it! In her Day 2 Keynote at 17th Cloud Expo, San...
Discussions of cloud computing have evolved in recent years from a focus on specific types of cloud, to a world of hybrid cloud, and to a world dominated by the APIs that make today's multi-cloud environments and hybrid clouds possible. In this Power Panel at 17th Cloud Expo, moderated by Conference Chair Roger Strukhoff, panelists addressed the importance of customers being able to use the specific technologies they need, through environments and ecosystems that expose their APIs to make true ...
Microservices are a very exciting architectural approach that many organizations are looking to as a way to accelerate innovation. Microservices promise to allow teams to move away from monolithic "ball of mud" systems, but the reality is that, in the vast majority of organizations, different projects and technologies will continue to be developed at different speeds. How to handle the dependencies between these disparate systems with different iteration cycles? Consider the "canoncial problem"...
Culture is the most important ingredient of DevOps. The challenge for most organizations is defining and communicating a vision of beneficial DevOps culture for their organizations, and then facilitating the changes needed to achieve that. Often this comes down to an ability to provide true leadership. As a CIO, are your direct reports IT managers or are they IT leaders? The hard truth is that many IT managers have risen through the ranks based on their technical skills, not their leadership ab...
I recently attended and was a speaker at the 4th International Internet of @ThingsExpo at the Santa Clara Convention Center. I also had the opportunity to attend this event last year and I wrote a blog from that show talking about how the “Enterprise Impact of IoT” was a key theme of last year’s show. I was curious to see if the same theme would still resonate 365 days later and what, if any, changes I would see in the content presented.
Apps and devices shouldn't stop working when there's limited or no network connectivity. Learn how to bring data stored in a cloud database to the edge of the network (and back again) whenever an Internet connection is available. In his session at 17th Cloud Expo, Ben Perlmutter, a Sales Engineer with IBM Cloudant, demonstrated techniques for replicating cloud databases with devices in order to build offline-first mobile or Internet of Things (IoT) apps that can provide a better, faster user e...
Container technology is shaping the future of DevOps and it’s also changing the way organizations think about application development. With the rise of mobile applications in the enterprise, businesses are abandoning year-long development cycles and embracing technologies that enable rapid development and continuous deployment of apps. In his session at DevOps Summit, Kurt Collins, Developer Evangelist at, examined how Docker has evolved into a highly effective tool for application del...
In recent years, at least 40% of companies using cloud applications have experienced data loss. One of the best prevention against cloud data loss is backing up your cloud data. In his General Session at 17th Cloud Expo, Sam McIntyre, Partner Enablement Specialist at eFolder, presented how organizations can use eFolder Cloudfinder to automate backups of cloud application data. He also demonstrated how easy it is to search and restore cloud application data using Cloudfinder.
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo 2016 in New York and Silicon Valley. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 17th Cloud Expo and will feature technical sessions from a rock star conference faculty ...
Internet of @ThingsExpo, taking place June 7-9, 2016 at Javits Center, New York City and Nov 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 18th International @CloudExpo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world and ThingsExpo New York Call for Papers is now open.
The cloud. Like a comic book superhero, there seems to be no problem it can’t fix or cost it can’t slash. Yet making the transition is not always easy and production environments are still largely on premise. Taking some practical and sensible steps to reduce risk can also help provide a basis for a successful cloud transition. A plethora of surveys from the likes of IDG and Gartner show that more than 70 percent of enterprises have deployed at least one or more cloud application or workload. Y...
Cloud computing delivers on-demand resources that provide businesses with flexibility and cost-savings. The challenge in moving workloads to the cloud has been the cost and complexity of ensuring the initial and ongoing security and regulatory (PCI, HIPAA, FFIEC) compliance across private and public clouds. Manual security compliance is slow, prone to human error, and represents over 50% of the cost of managing cloud applications. Determining how to automate cloud security compliance is critical...
As organizations shift towards IT-as-a-service models, the need for managing & protecting data residing across physical, virtual, and now cloud environments grows with it. CommVault can ensure protection & E-Discovery of your data - whether in a private cloud, a Service Provider delivered public cloud, or a hybrid cloud environment – across the heterogeneous enterprise.