Latest news with #CRYSTALS-Kyber


Time Business News
7 days ago
Next-Gen Security Protocols for High-Stakes Web Applications
Data breaches aren't just IT problems. They're business risks that can sink brands overnight. High-stakes web applications, whether they handle financial transactions, healthcare records, or mission-critical analytics, have become primary targets for increasingly sophisticated cyber threats. For businesses investing in web application development services, security is no longer an add-on; it's a foundational requirement that shapes architecture, deployment, and ongoing operations. This article examines the next-generation security protocols that are redefining how web applications are built and protected, with a focus on the standards, technologies, and strategies that actually hold up against modern threats.

Traditional security models relied on perimeter defenses — firewalls, basic SSL encryption, and signature-based malware detection. These methods are no match for advanced persistent threats (APTs), zero-day exploits, or coordinated botnet attacks that can adapt in real time. Next-generation protocols approach security as a dynamic, embedded process within every layer of a web application. This means:

- Security is integrated at the development stage, not bolted on after launch.
- Continuous monitoring and automated response systems reduce detection-to-mitigation times from days to seconds.
- Authentication and encryption methods adapt to user context, device type, and threat intelligence feeds in real time.

The result: an application that can anticipate, detect, and counter threats without sacrificing performance.

Zero Trust shifts the mindset from 'keep the bad guys out' to 'never trust, always verify.' In practice, this means:

- Micro-segmentation: Breaking the application into isolated components so that a breach in one area can't spread laterally.
- Contextual Access Control: Users and services are granted the minimum privileges needed for their role, and permissions are continually reassessed.
- Continuous Verification: Every request, even from authenticated users, is verified against multiple factors, including behavioral patterns and device health.

For high-stakes web apps, ZTA isn't optional; it's the baseline for mitigating insider threats and sophisticated external attacks.

While TLS 1.3 is still a must-have for data in transit, modern protocols push encryption deeper:

- Post-Quantum Cryptography (PQC): With quantum computing on the horizon, algorithms like CRYSTALS-Kyber and Dilithium are being tested to protect against quantum-level decryption.
- Encrypted Data at Rest with Key Isolation: Sensitive data is encrypted in storage, and encryption keys are stored in hardware security modules (HSMs) separate from application servers.
- Client-Side Encryption for High-Sensitivity Transactions: Data is encrypted before it leaves the user's device, ensuring that even the server hosting the application never sees it in plain text.

Static security rules can't keep up with the fluid tactics of modern attackers. AI-driven systems now monitor traffic patterns, detect anomalies, and initiate responses autonomously. Key advances include:

- Behavioral Analytics: Detects subtle deviations from normal usage — a sign of credential theft or session hijacking.
- Automated Containment: AI can isolate suspicious sessions or devices instantly without human intervention.
- Adaptive Learning Models: The longer the system runs, the more accurate its threat detection becomes.

For enterprises, this translates into fewer false positives and faster mitigation, critical for protecting applications that process millions in transactions daily.

Modern web apps are API-driven. This creates both opportunities and vulnerabilities. Unprotected APIs can be entry points for attackers. Next-gen API security focuses on:

- Strict Authentication: Using mutual TLS or OAuth 2.1 with short-lived tokens.
- Schema Validation: Rejecting requests that don't match pre-defined formats to prevent injection attacks.
- Rate Limiting and Throttling: Preventing abuse through automated request caps.
- Service Mesh Integration: Managing microservice-to-microservice communication with encrypted channels and service identity verification.

Stolen credentials remain one of the top causes of breaches. High-stakes web apps now move toward passwordless authentication:

- Biometric Verification: Face, fingerprint, or voice recognition tied to device-bound credentials.
- FIDO2/WebAuthn Standards: Hardware keys or secure enclave chips store credentials locally, never exposing them online.
- Context-Aware MFA: Triggers secondary verification only in high-risk contexts, improving usability without reducing security.

Industries like finance and healthcare operate under strict regulatory requirements. Falling out of compliance can mean multimillion-dollar fines. Next-gen compliance strategies use:

- Automated Policy Enforcement: Embedding regulatory checks into deployment pipelines.
- Audit-Ready Logging: Immutable logs stored in blockchain-like structures for transparency.
- Real-Time Compliance Dashboards: Immediate visibility into whether the application meets standards like GDPR, HIPAA, or PCI DSS.

Reactive fixes are expensive and risky. High-performing teams now test aggressively before vulnerabilities reach production:

- DevSecOps Integration: Security checks run alongside unit and integration tests.
- Dynamic Application Security Testing (DAST): Simulates real-world attacks against running applications.
- Bug Bounty Programs: Ethical hackers are incentivized to find weaknesses before criminals do.

Many of the top web app development companies now offer integrated penetration testing as part of their build process, shortening the gap between development and secure deployment.

A leading digital payments platform integrated AI-powered fraud detection into its transaction pipeline. By analyzing 200+ parameters per transaction in under 100 milliseconds, the system reduced fraudulent chargebacks by 74% within the first quarter.

A telehealth provider adopted client-side encryption and FIDO2 authentication. Even if backend servers were compromised, patient records remained encrypted and inaccessible without local device keys.

A B2B analytics provider implemented strict API schema validation and mutual TLS between microservices. This eliminated 95% of attempted injection attacks within the first month.

Technology alone doesn't make a high-stakes app secure. People and processes complete the equation. The most secure web apps share a few cultural traits:

- Security Training for All Developers: Engineers understand the 'why' behind security protocols, not just the 'how.'
- Cross-Team Collaboration: Dev, security, and operations teams share ownership of security outcomes.
- Ongoing Threat Intelligence Updates: The security stack evolves based on real-world attack data, not guesswork.

In high-stakes environments, next-gen security protocols aren't just about compliance — they're about competitive advantage. An application that can maintain speed, usability, and airtight protection builds trust with users and investors alike.

As technology advances, attackers will get smarter. But by integrating Zero Trust principles, advanced encryption, AI-driven monitoring, and continuous compliance into every stage of development, businesses can stay ahead. Security is no longer the gate at the perimeter. It's the engine running inside the application, from the first line of code to the last user interaction.


Channel Post MEA
13-06-2025
Commvault Introduces New Post-Quantum Cryptography Capabilities
Commvault has announced enhancements to its post-quantum cryptography (PQC) capabilities. These advancements are designed to help customers protect their highly sensitive, long-term data from a new generation of imminent but unknown cyber threats, creating an additional layer of support, when needed.

Quantum computing uses quantum mechanics to process data and solve complex problems that could take decades with classical computers. However, these advancements bring unprecedented security challenges, along with the potential for threat actors to use quantum computing to decipher and unlock traditional encryption methods. According to the Information Systems Audit and Control Association's (ISACA) Quantum Computing Pulse Poll, 63% of technology and cybersecurity professionals say quantum will increase or shift cybersecurity risks and 50% believe it will present regulatory and compliance challenges. Now is the time to prepare and take action.

Commvault has provided support for quantum-resistant encryption standards, like CRYSTALS-Kyber, CRYSTALS-Dilithium, SPHINCS+, and FALCON, as recommended by the National Institute of Standards and Technology (NIST) since August 2024. It was then that Commvault introduced a cryptographic agility (crypto-agility) framework, enabling its customers, via the Commvault Cloud platform, to address rapidly evolving threats without overhauling their systems. With today's announcement, Commvault has built on that framework by adding support for Hamming Quasi-Cyclic (HQC), a new error correcting code-based algorithm designed to defend against threats like 'harvest now, decrypt later' where adversaries are intercepting encrypted network traffic and storing it for a later time when quantum computers are powerful enough to decrypt it.

'The quantum threat isn't theoretical,' said Bill O'Connell, Chief Security Officer at Commvault. 'We were among the first cyber resilience vendors to address post-quantum computing, and by integrating new algorithms like HQC and advancing our crypto-agility framework, we are providing our customers with the tools to navigate this complex landscape with confidence. Our goal is simple and clear: as quantum computing threats emerge, we intend to help our customers keep their data protected.'

For industries where long-term data storage is required, like finance and healthcare, Commvault's expanded post-quantum cryptography capabilities provide access to a variety of safeguards that can help fortify network tunnels against quantum-based attacks. With Commvault's Risk Analysis capabilities, customers can discover and classify data to determine where these cryptographic capabilities may be helpful. In addition, Commvault's capabilities are simple to implement, often using a checkbox configuration, making it easy for customers to utilize when needed.

The evolving quantum landscape – the need for speed

As investments pour into the quantum field, the time to address emerging threats is shrinking. This makes proactive adoption of post-quantum cryptography critical.

'Quantum readiness has become a business imperative, particularly for industries which handle data that remains sensitive for decades. The time when currently encrypted data can be decrypted using quantum technology is closer than many people think,' said Phil Goodwin, Research VP, IDC. 'Commvault's early adoption of quantum-resistant cryptography and commitment to crypto-agility positions it at the forefront among data protection software vendors in proactively addressing quantum threats. Organizations with sensitive, long-term data need to prepare now for a quantum world.'

'Commvault has been an invaluable partner in our journey to enhance cyber resilience. Their leadership in adopting post-quantum cryptography, combined with their crypto-agility framework, is exactly what we need to meet stringent government security mandates and protect highly sensitive information from emerging quantum threats,' said Jeff Day, Deputy Chief Information Security Officer, Nevada Department of Transportation.

'Safeguarding sensitive data is paramount, and the long-term threat of quantum decryption is a significant concern. Commvault's rapid integration of NIST's quantum-resistant standards, particularly HQC, gives us great confidence that our critical information is protected now and well into the future,' said Peter Hands, Chief Information Security Officer, British Medical Association. 'Their commitment to crypto-agility is important for healthcare organizations like ours.'

Availability

Commvault's post-quantum cryptography capabilities, including support for NIST's HQC algorithm, are immediately available to all Commvault Cloud customers running software version CPR 2024 (11.36) and later, enabling seamless adoption of quantum-resistant protection.


Scoop
10-06-2025
Commvault Boosts Quantum-Safe Encryption To Tackle Emerging Cyber Risks
Commvault has expanded its quantum-safe encryption toolkit, becoming one of the first major cyber resilience vendors to support the Hamming Quasi-Cyclic (HQC) algorithm—part of its broader strategy to protect against next-generation threats enabled by quantum computing.

The company announced today that its Commvault Cloud platform now supports HQC, a NIST-recommended algorithm designed to address 'harvest now, decrypt later' risks. These involve adversaries capturing encrypted data today to decode it in the future, once quantum computing reaches sufficient maturity.

'Quantum computing will change everything we know about encryption and cyber defence,' said Bill O'Connell, Commvault's CSO. 'Our goal is to stay ahead of these shifts, giving customers the tools they need before threats materialize.'

Commvault's commitment to post-quantum cryptography dates back to August 2024, when it introduced a crypto-agility framework and support for standards like CRYSTALS-Kyber and SPHINCS+. With today's additions, the company continues to set the pace in an increasingly urgent race.

The update is especially relevant for sectors like healthcare and finance, where data must be protected for decades. Commvault's Risk Analysis tools help organizations pinpoint which data sets could benefit from quantum-safe encryption, making the transition easier through a simple checkbox interface.

'Quantum readiness has become a business imperative,' said IDC's Phil Goodwin. 'Commvault's leadership in this space positions it as a proactive player in data protection.'

The PQC features are immediately available for all Commvault Cloud users on version CPR 2024 (11.36) and above.


Yahoo
09-06-2025
Commvault Unveils New Post-Quantum Cryptography Capabilities to Help Customers Protect Data from a New Generation of Security Threats
Expanded support for new encryption standards empowers customers to proactively safeguard long-term sensitive data against 'harvest now, decrypt later' quantum threats

TINTON FALLS, N.J., June 9, 2025 /PRNewswire/ -- At a time when quantum computing is rapidly emerging as an entirely new security challenge for organizations and governments around the world, Commvault, a leading provider of cyber resilience and data protection solutions for the hybrid cloud and one of the first cyber resilience vendors to support post-quantum cryptography (PQC), today announced enhancements to its PQC capabilities. These advancements are designed to help customers protect their highly sensitive, long-term data from a new generation of imminent but unknown cyber threats, creating an additional layer of support, when needed.

Quantum computing uses quantum mechanics to process data and solve complex problems that could take decades with classical computers. However, these advancements bring unprecedented security challenges, along with the potential for threat actors to use quantum computing to decipher and unlock traditional encryption methods. According to the Information Systems Audit and Control Association's (ISACA) Quantum Computing Pulse Poll, 63% of technology and cybersecurity professionals say quantum will increase or shift cybersecurity risks and 50% believe it will present regulatory and compliance challenges [1]. Now is the time to prepare and take action.

Commvault has provided support for quantum-resistant encryption standards, like CRYSTALS-Kyber, CRYSTALS-Dilithium, SPHINCS+, and FALCON, as recommended by the National Institute of Standards and Technology (NIST) since August 2024. It was then that Commvault introduced a cryptographic agility (crypto-agility) framework, enabling its customers, via the Commvault Cloud platform, to address rapidly evolving threats without overhauling their systems. With today's announcement, Commvault has built on that framework by adding support for Hamming Quasi-Cyclic (HQC), a new error correcting code-based algorithm designed to defend against threats like 'harvest now, decrypt later' where adversaries are intercepting encrypted network traffic and storing it for a later time when quantum computers are powerful enough to decrypt it.

"The quantum threat isn't theoretical," said Bill O'Connell, Chief Security Officer at Commvault. "We were among the first cyber resilience vendors to address post-quantum computing, and by integrating new algorithms like HQC and advancing our crypto-agility framework, we are providing our customers with the tools to navigate this complex landscape with confidence. Our goal is simple and clear: as quantum computing threats emerge, we intend to help our customers keep their data protected."

For industries where long-term data storage is required, like finance and healthcare, Commvault's expanded post-quantum cryptography capabilities provide access to a variety of safeguards that can help fortify network tunnels against quantum-based attacks. With Commvault's Risk Analysis capabilities, customers can discover and classify data to determine where these cryptographic capabilities may be helpful. In addition, Commvault's capabilities are simple to implement, often using a checkbox configuration, making it easy for customers to utilize when needed.

The evolving quantum landscape – the need for speed

As investments pour into the quantum field, the time to address emerging threats is shrinking. This makes proactive adoption of post-quantum cryptography critical.

"Quantum readiness has become a business imperative, particularly for industries which handle data that remains sensitive for decades. The time when currently encrypted data can be decrypted using quantum technology is closer than many people think," said Phil Goodwin, Research VP, IDC. "Commvault's early adoption of quantum-resistant cryptography and commitment to crypto-agility positions it at the forefront among data protection software vendors in proactively addressing quantum threats. Organizations with sensitive, long-term data need to prepare now for a quantum world."

"Commvault has been an invaluable partner in our journey to enhance cyber resilience. Their leadership in adopting post-quantum cryptography, combined with their crypto-agility framework, is exactly what we need to meet stringent government security mandates and protect highly sensitive information from emerging quantum threats," said Jeff Day, Deputy Chief Information Security Officer, Nevada Department of Transportation.

"Safeguarding sensitive data is paramount, and the long-term threat of quantum decryption is a significant concern. Commvault's rapid integration of NIST's quantum-resistant standards, particularly HQC, gives us great confidence that our critical information is protected now and well into the future," said Peter Hands, Chief Information Security Officer, British Medical Association. "Their commitment to crypto-agility is important for healthcare organizations like ours."

Availability

Commvault's post-quantum cryptography capabilities, including support for NIST's HQC algorithm, are immediately available to all Commvault Cloud customers running software version CPR 2024 (11.36) and later, enabling seamless adoption of quantum-resistant protection. To learn more about Commvault's quantum-resistant encryption solutions and how to future-proof your data security strategy, read today's blog, watch our executive videos here and here, and check out the executive brief.

About Commvault

Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience, helping more than 100,000 organizations keep data safe and businesses resilient and moving forward. Today, Commvault offers the only cyber resilience platform that combines the best data security and rapid recovery at enterprise scale across any workload, anywhere—at the lowest TCO.

[1] ISACA. (2025, April 28). Despite Rising Concerns, 95% of Organizations Lack a Quantum Computing Roadmap, ISACA Finds [press release].

SOURCE COMMVAULT