Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Businesses Security

IronNet, Founded by Former NSA Director, Shuts Down (techcrunch.com) 6

IronNet, a once-promising cybersecurity startup founded by a former NSA director and funded by cyber and defense investors, has shuttered and laid off its remaining staff following its collapse. From a report: In a regulatory filing published Friday, IronNet's president and chief financial officer Cameron Pforr said the company had ceased all business activities as it prepares for Chapter 7 bankruptcy, effectively liquidating the company's remaining assets to pay its remaining debts. The Virginia-based IronNet was founded in 2014 by retired four-star general Keith Alexander, soon after he departed as the former director of the National Security Agency during the biggest leak (at the time) of government secrets by former contractor Edward Snowden. IronNet provided corporations and government agencies with technologies aimed at helping to defend against cyber threats, and using large data sets and analytics to automate threat intelligence. Its other products were designed to protect critical infrastructure.
This discussion has been archived. No new comments can be posted.

IronNet, Founded by Former NSA Director, Shuts Down

Comments Filter:
  • by memory_register ( 6248354 ) on Monday October 02, 2023 @04:03PM (#63895125)
    How IRONic.
  • Area 51 tech, but they couldn't keep their tentacles, I mean hands to themselves.

  • by Eunomion ( 8640039 ) on Monday October 02, 2023 @10:15PM (#63895819)
    to protect their privacy? Hire sex offenders to run women's shelters while you're at it.
  • Promising CyberSec? (Score:4, Interesting)

    by LostMyBeaver ( 1226054 ) on Tuesday October 03, 2023 @01:35AM (#63896055)
    I've evaluated tech from many companies and interviewed many cybersec professionals. The overwhelming majority of my findings is that the cyber security believes security is achieved by adding tools and devices to systems rather than correcting or improving system design.

    Here is an example. I presented an insecure system for auditing. There were two core weaknesses.
    1) The system communicated between modules on an open network using plain text protocols
    2) The system used weak ciphers for HTTP communication.
    As a bonus,
    3) The system use the source from OpenVPN for key exchange (that code is criminally bad)

    Every cybersecurity professional or organization who audited the system made endless suggestions as to what products and services should be bought. At least 75% of all recommendations would have no impact and many would have negative impact.

    By comparison, when presenting the problem to computer science graduates and software engineering firms and describing some of the known problems, most recommended modifying the code to use HTTPS with secure ciphers and CI/CD to notify the build manager of patches to the protocol stacks, pull, rebuild and recommend use of new best practices for ciphers, hashes, and key exchange algorithms. In addition, some recommended binding to appropriate ports, employing ACLs and moving the backend network to a private domain. Some suggested moving to containers and recoding against a service mesh and appropriately employing an ingress to limit attack surface area.

    CyberSec firms are basically a scam. They tend to have no clue how systems are built and often end up building systems which make things worse.

    Consider that most of Cisco's cybersec junk runs on outdated Linux kernels and in many cases run on VMs with VM drivers that are easily exploitable. Some even run on NetFilter and don't provide kernel updates more than once or twice a year.

Order and simplification are the first steps toward mastery of a subject -- the actual enemy is the unknown. -- Thomas Mann

Working...