SSH has something new for you: CryptoAuditor

The newest way to protect and to maintain your environment from the people who brought you SSH: Crypto Auditor.
Written by Ken Hess, Contributor

Secure Shell (SSH) is the TCP/IP protocol. SSH Communications Security (SSHCS) is the company that brought it to you. And, Black Hat USA 2012 you can learn more. But, I'll give you a teaser for it here just in case you can't make it to Black Hat 2012 in Las Vegas this year. As SSHCS succinctly puts it, "CryptoAuditor prevents data loss with inline, on-the-fly and invisible DLP and audit capabilities for encrypted secure shell traffic."

A little background on SSHCS:

  • They invented the SSH protocol.
  • They have more than 3,000 customers worldwide
  • 7 of the Fortune 10 are their customers
  • They deliver a platform-based approach to SSH deployment
  • They provide a centralized management platform for SSH


The Press Release issued at Black Hat USA 2012 today:

LAS VEGAS, NV– (Black Hat 2012 Booth #536) – July 25, 2012 –SSH Communications Security, known the world over as the inventor of the SSH protocol, today announced the launch of its CryptoAuditor™ solution at the Black Hat USA 2012 conference. The new offering helps prevents data loss across encrypted secure shell, RDP and SFTP traffic with inline, real-time and transparent audit capabilities for financial service providers, retailers and other enterprises transmitting sensitive information. CryptoAuditor is the second module released this year as part of the company’s Information Assurance Platform.

“We launched the Universal SSH Key Manager module earlier this year at RSA and we have received an excellent response from our customers since then,” said Matthew McKenna, SSH vice president of sales and marketing. “With the launch of CryptoAuditor, SSH provides the next logical extension to our platform, a fully transparent, centralized privileged access auditing solution, delivering strong data-in-transit security that requires no changes to existing network architecture.”

The Universal SSH Key Manager module and the CryptoAuditor module integrate smoothly into existing enterprise security solutions – including DLP and SIEM – providing deeper audit and forensics capabilities into encrypted traffic.

Both modules employ sophisticated key management capabilities, including group-based access controls and automatic key discovery, deployment and removal. This critical link between the two modules allows for fully transparent inline deployments, providing strong security, minimal system latency, operating cost reduction and the ability to deploy a single-sign-on effect throughout the entire enterprise.

“Our platform’s key management capabilities provide controls over who can gain access to what information in your secure shell environment,” said Jason Thompson, SSH director of global marketing. “By combining our key management capabilities with CryptoAuditor, organizations will see immediate ROI by solving issues surrounding auditing, control and key management.”

CryptoAuditor Key Facts:

• Inline deployment capabilities eliminate costly and time-consuming workarounds and processes required by first-generation solutions
• Reduces the risk from advanced external threats by controlling and monitoring information as it moves across the environment, preventing data loss with an internal policy engine and DLP/SIEM integration capabilities
• Delivers immediate control and accountability over privileged access users, closing a significant security gaps in information security architecture
• A minimally invasive approach that captures a broad array of traffic across all needed audit points while remaining transparent to administrators
• Designed to easily deploy across distributed architecture, making management easy through a one-console approach

SSHCS is the leader in secure communications and management of those secure communications. CryptoAuditor is just another feature in a very long list of features and essential utilities from the people who brought you the best open source software* since the Linux kernel.

Could you live without SSH or its associated utilities? How would you secure your point-to-point communications without it? Talk back and let me know.

*The original SSH programmed by Tatu Ylönen was free and was used by the OpenSSH project.

See Also:

SSH Key Management for Businesses

The Linux shell will always be with us

Editorial standards