RedSeal Shows How To Build Digital Resilience Against Recent Vulnerabilities Identified In Juniper NetScreen Firewall Devices

RedSeal cybersecurity analytics platform helps organizations quickly understand and improve their security posture through network segmentation

SUNNYVALE, Calif.- DECEMBER 30, 2015—RedSeal (, the cybersecurity analytics company, today announced how organizations can use the RedSeal analytics platform to respond quickly and build digital resilience into network infrastructures affected by vulnerabilities identified in Juniper NetScreen Firewalls. The process, explained in a simple to follow video, shows how to quickly drill into a network topology with RedSeal analytics and create a detailed visual path of where and how many Juniper NetScreen devices are exposed to the internet, making them vulnerable to attack from untrusted sources. It also shows how to build and publish an inventory of devices at risk to the vulnerabilities from Juniper ScreenOS.

By calculating all of the access paths across a network, RedSeal can quickly show where affected devices are exposed to the internet. By visually illustrating network paths, RedSeal analytics enables the critical but difficult to implement process of network segmentation. RedSeal defines the steps to bring exposed devices into a secure network management zone – the only place within a network where anything should be allowed to talk to a firewall – thus rendering any unauthorized access code in a Juniper NetScreen device useless. Once this code is rendered useless through fully secure network segmentation, organizations can quickly prioritize and deploy the system upgrades and patches issued by Juniper.

“Juniper NetScreen Firewalls have a large and widespread penetration in US organizations. The ability to find device connections and paths to untrusted sources in minutes rather than weeks, or ever, is critical,” said Ray Rothrock, Chairman and CEO of RedSeal. “This is a classic example of how once trusted devices suddenly become a risk to the enterprise. Because one never knows when these sorts of vulnerabilities reveal themselves, having a resilient network is imperative to staying in business. RedSeal’s ability to ascertain the network, the security of the devices on the network and how it’s all architected is essential to anyone who runs a modern organization.”

About RedSeal (
RedSeal provides a cybersecurity analytics platform to Global 2000 organizations that helps maximize digital resilience against cyber events. RedSeal’s advanced analytics engine creates functioning network modelstests networks to identify security risks, prioritizes needed actions, and provides critical information to quickly remediate issues. The result: measurable reduced cybersecurity risk and lower incident response and maintenance costs. With operations in North America, Europe, and Asia, RedSeal customers include leaders in finance, retail, technology, utilities, service providers, and government, all served by RedSeal’s channel partner network.

Visit or call 1-888.845.8169 for more information.

– end –

RedSeal and the RedSeal logo are trademarks of RedSeal, Inc. All other names and trademarks are the property of their respective owners.

Press Inquiries:
Michelle Sieling
Finn Partners/Horn Group
+1 (415) 905-4013

CEO Ray Rothrock on The Cybersecurity Domino Effect

Infosecurity Magazine | Dec 30, 2015

Almost 400 years ago, the English cleric and poet John Donne penned these immortal words: “No man is an island, entire of itself; every man is a piece of the continent, a part of the main.”

Sublime as that sentiment certainly is, it also describes the cold reality of today’s business environment—our large, dynamic and complex networks are all interconnected, and all interdependent.

This is why we now see numerous high-profile stories about a breach of one company’s network causing serious problems for others in its supply chain. Strap yourselves in: unless we work hard to make things much better, they’re going to get much worse.

RedSeal 2016 Predictions: What 2016 Holds for Cybersecurity

VMBlog | Dec 23, 2015

2015 could have been just another year of data breaches and flawed cyberdefense, but it’s also been a year when cybersecurity conversations have become more prevalent in the boardroom. Business leaders are getting a better understanding of the significance cybersecurity has to the overall wellbeing of their organizations. A lot of work is yet to be done to bridge the cybersecurity awareness gap between IT pros and the C-suite, but after reflecting on what we’ve learned this past year, here are some things we expect to see in 2016:

2015 Alamo AFCEA Chapter Event (ACE) Speakers Focus on Solving Root Causes of Cybersecurity

For the third time in a row, I flew down to Texas at the end of the year.

The reason? To attend the important Alamo ACE event presented by the local San Antonio AFCEA chapter. With multiple sessions over three days covering primarily cybersecurity and ISR, the event draws 1500 military and industry leaders.

My takeaway? RedSeal’s cybersecurity analytics platform and approach to proactive digital resilience was validated by a series of senior leaders on the front lines of protecting our nation’s most high value assets. Each of them is shifting focus to solving the root causes of cyber insecurity, rather than deploying a patchwork of tools. They realize that:

  • End users can’t manage their own security
  • A global black market has resulted in low prices for hacking toolsets
  • Commercial IT has a multitude of defects that create cyber risk

These military leaders equate mission assurance with security. This means:

  • The network must be survivable against all attacks and available 24×7
  • Users can have different authorizations for data access.
  • The DoD’s cyber supply chain interdependencies must be equally protected or the entire mission is at risk.

The first session I attended featured Steve Brown, the Vice President of Operations and Cyber Intelligence Center in the Global Cyber Security organization at Hewlett Packard. A former Navy and Wells Fargo senior security leader, Steve saw three big similarities across military and commercial organizations:

  1. The same critical data targets across DoD and commercial
  2. The same end user issues
  3. The same need to balance reward with risk

What keeps Steve up at night? Globally, 30 billion cyber events per day and 1.4M on his networks! Steve works to make cyber investments about risk and reward. For example, to shorten time lag between attack and response he split up his Red Team and created a Cyber Hunting team. Gathering and sharing intel wherever he can to see risk earlier and proactively take action.

On the same panel was Lt. Gen. (retired) Michael J. Basla now Senior Vice President of Advanced Solutions for L-3 National Security Solutions (L-3 NSS) and former CIO of the US Air Force. According to him, the key challenges for US cybersecurity are:

  • No matter how well secured we are, they will get to us. Plan for it.
  • Focus on access rather than security
  • We must find successful hacks faster
  • We need to not only have a map of our digital infrastructure, but also know the terrain — including sections in the Cloud.

Later on, I sat in on a session featuring Maj. Gen. Burke E. “Ed” Wilson. He is the Commander, 24th Air Force and Commander, Air Forces Cyber, Joint Base San Antonio-Lackland, Texas.

Gen. Wilson gave a quick overview of the US Air Force’s cyber terrain, including an emphasis on securing their network, base infrastructure and weapons systems. This is a change from the past when the USAF was focused primarily on network defense. Now they also focus on base infrastructure and weapons systems. They struggle with how to provide mission assurance from cyber risk.

On the flight home, reflecting on this conference, I realized the DOD cyber security conversation has changed dramatically. The past focus on audit and inspections has given way to a realization that networks are critical to national security. They deliver the mission. Our military leaders understand the cyber threat to their missions and are now putting their focus behind creating the strongest possible defense.

Our Cybersecurity Problem Is A Lack Of Working Safe Harbor Rules

Forbes | Dec 21, 2015

Contributed byline by RedSeal CEO, Ray Rothrock

Women in Business Q&A: Roberta Gray, VP Product Marketing, RedSeal

Huffington Post | Dec 19, 2015

Question & answer with Roberta Gray, VP Product Marketing at RedSeal

2015 Security Predictions

TechZone360 | Dec 17, 2014

2014: The year of the data breach. Although technically the trend started with the massive credit card heist at Target last holiday season, 2014 really saw the perfection of the art, with big hits at Home Depot, Sally Beauty, Michael’s, and yes, the celebrity iCloud photo leak. As bad as it’s been, 2015 will see no slowdown in incidents.

“The subtlety and length of the breaches that are publicly disclosed indicate the underlying goals to be moving away from the ‘smash and grab’ of credit card number thefts towards more systemic damage possible by simply waiting for information and continuing to probe for more content,” said Steve Hultquist.

Cyber Concerns Dominate 2015 AFCEA TechNet Asia Pacific

by Derek Heese, RedSeal’s director, Department of Defense RedSeal

I recently returned from Hawaii where I attended the AFCEA TechNet Asia Pacific trade show for the fifth time in a row. It’s always a good opportunity to hit a couple of birds with one stone: meet with some customers, develop relationships with new prospects and hear which issues and initiatives are getting the highest attention.

It wasn’t a surprise given the events of the past few years, but I was pleased to hear the deputy commander of the Pacific fleet, Rear Admiral Phillip G. Sawyer say, “If you’re not resilient in communications, you’re not relevant.” Of course, this applies to the traditional communications infrastructure as well as to cyber security.

As another speaker, Maj. Gen. Dave Bryan, USA (Ret.), pointed out, “We’re at war in cyberspace, and this has been a hard lesson to learn.” He added that the threat lies not to network access or to the network itself, but to the data. “It’s the database, stupid,” he said. “Look for the technologies coming out that protect the database.”

Adm. Dick Macke, USN (Ret.), former commander, U.S. Pacific Command, offered deductive reasoning to set a high priority for cyberspace. “Cyber equals C2 [command and control], C2 equals victory. Therefore, victory needs cyber,” he stated. Adm. Macke called for the ability to beat the enemy at its own game. “We’re going to be attacked, and we are going to lose some part of our C2,” he warned. “I’m a warfighter, and I want rules of engagement that allow me to attack [cyber] before I have to defend.”

Needless to say, we had a steady stream of visitors drop by our booth, mostly new prospects, asking how RedSeal could provide solutions to their various problems. Network mapping. Vulnerability identification.  Automating security controls. As one Navy officer said, “If you have to do it more than twice, automate it.”

I agreed. And we scheduled a demo of RedSeal for his team this week.