SOA integrates Thales HSMs to provide the highest level of protection and manage risk in the API-tier
Plantation, Fla & Los Angeles, CA – September 2nd, 2014 – Thales, a world leader in Critical Information Systems and Cybersecurity and SOA Software, an API Security, API Management and SOA Governance leader, announced the integration of the Thales nShield family of hardware security modules (HSMs) with SOA Software’s API Gateway, providing enhanced data protection and threat prevention for mobile, cloud and web applications.
Digital initiatives are impacting every aspect of life. Businesses and governments are under pressure to deliver a richer and more consistent experience to their users across an ever wider range of channels that span in-store, at home and mobile. Furthermore, the opportunity to monetize digital content through marketing partnerships and commercial ecosystems creates a race to interconnect applications and simplify the adoption and control of integrated data-based services. This creates the need to manage a plethora of service interfaces and APIs that span legacy as well as leading-edge application technologies, cloud and on-premise based delivery platforms and a range of compliance imperatives. A common thread is the need for an end-to-end, comprehensive data protection strategy that includes strong authentication to control access for users, devices and services coupled with encryption of data in motion and at rest to ensure confidentiality.
As with any encryption based security system, the attention of attackers and regulators alike turns to key management and the confidence that these processes are physically and logically protected. To achieve a higher level of assurance, SOA Software and Thales joined hands and integrated the Thales nShield HSM with the SOA Software API Gateway. The nShield HSM is used to generate keys, authenticate service requests, encrypt sensitive application payload such as credit card numbers and personal information and digitally sign message exchanges to guard against interception and modification.
Thales nShield HSMs are certified to FIPS 140-2 Level 3 and Common Criteria EAL4+, delivering the highest levels of cryptographic security and best-in-class performance for cryptographic operations, including accelerated SSL termination and high-speed digital signing of messages. By integrating with Thales nShield HSMs, SOA Software’s API Gateway can satisfy customers who need to demonstrate FIPS-compliance and that have the most demanding performance requirements.
Alistair Farquharson, Chief Technology Officer, SOA Software, says:
“Increasingly enterprises are opening their applications to partners, developers, mobile apps and cloud services, but by exposing those apps they also become a perfect target for hackers. Thales is the leader in data encryption and cyber security and provides the added assurance of FIPS-compliance to our security conscious customers helping them to safely and securely embrace our API technology.”
Richard Moulds, Vice President Strategy, Thales e-Security, says:
“Exposing applications to cloud and mobile based environments is a business imperative but it dramatically expands the available attack surface and therefore risk. SOA Software helps organizations protect the flow of sensitive data and control access to it and we are excited that they have embraced Thales HSMs as the most widely accepted best practice for delivering the necessary level of assurance and selected the Thales nShield HSM to give their customers the most convenient and easily deployed solution.”
SOA Software’s API Management solution has been positioned by Gartner, Inc. in the Leaders Quadrant of the 2013 Gartner Magic Quadrant for Application Services Governance.
SOA Software is a leading provider of API Management and SOA Governance products that equip business to deliver APIs and SOA together to drive their company to meet its business strategy quickly and effectively. SOA Software’s technology helps businesses to accelerate their digital channels with APIs, drive partner adoption, monetize their assets, and achieve agility and operational excellence across their applications and datacenters. Some of the world’s largest companies including Bank of America, Pfizer, and Verizon use SOA Software products. SOA Software is also recognized as a “Leader” by Gartner in Application Services Governance MQ and as a leader by other analyst firms. For more information on SOA Software’s API Platform, see http://www.soa.com
About Thales e-Security
Thales e-Security is a leading global provider of data encryption and cyber security solutions to the financial services, high technology, manufacturing, government and technology sectors. With a 40-year track record of protecting corporate and government information, Thales solutions are used by four of the five largest energy and aerospace companies, 22 NATO countries, and secure more than 80 percent of worldwide payment transactions. Thales e-Security has offices in Australia, France, Hong Kong, Norway, United States and the United Kingdom. www.thales-esecurity.com
Thales is a global technology leader in the Aerospace, Transportation and Defence & Security markets. In 2013, the company generated revenues of €14.2 billion (equivalent of $18.3 billion) with 65,000 employees in 56 countries. With its 25,000 engineers and researchers, Thales has a unique capability to design, develop and deploy equipment, systems and services that meet the most complex security requirements. Thales has an exceptional international footprint, with operations around the world working with customers and local partners. www.thalesgroup.com
Positioned as a value-added systems integrator, equipment supplier and service provider, Thales is one of Europe’s leading players in the security market. The Group’s security teams work with government agencies, local authorities and enterprise customers to develop and deploy integrated, resilient solutions to protect citizens, sensitive data and critical infrastructure.
Drawing on its strong cryptographic capabilities, Thales is one of the world leaders in cybersecurity products and solutions for critical state and military infrastructures, satellite networks and industrial and financial companies. With a presence throughout the entire security chain, Thales offers a comprehensive range of services and solutions ranging from security consulting, intrusion detection and architecture design to system certification, development and through-life management of products and services, and security supervision with Security Operation Centres in France and the United Kingdom.