 |
 |
| sss |  |
 |
 |
 |
 |
 |
||
 |
 |
|
|
ABOUT US NT OBJECTives (NTO), based in Orange County, California, brings together an unprecedented collection of top experts in information security to develop and provide a comprehensive suite of industry-leading technology and services to solve the application security challenges of today.s global organizations. NTO has created industry-first, automated technology capable of performing comprehensive and accurate application security audits to protect proprietary information at the application layer. Its next-generation technology, coupled with a comprehensive service offering, including security training services and consulting, puts NTO in a unique position to provide complete application security solutions to today's businesses. Company History The NTO team has substantial experience in the security community. JD Glaser, CEO, wrote the NT version of Tripwire as well as several other groundbreaking security tools for Windows NT. Mr. Glaser was part of the core development team that created Foundscan, the first next generation vulnerability scanner while at Foundstone. At Foundstone, Mr. Glaser realized that while corporations were making good progress in addressing network vulnerabilities, application layer vulnerabilities were being largely ignored. Manual application penetration tests were very expensive and existing tools did not automate the vulnerability discovery process or simplify the process of fixing vulnerabilities. In the summer of 2002, the core product team at Foundstone left to pursue common interests in developing the first enterprise solution truly capable of addressing the emerging application security threats. Later that year, Mr. Glaser hired one of the top Web application researchers/consultants in the world, Mike Shema, author of Hacking Exposed: Web Applications; Hack Notes: Web Application Security; and The Anti-Hacker Toolkit. The NTO Vision NTO believes that Web application security represents the greatest security challenge facing the information technology industry today. Millions of Web applications have been developed in the past two decades. No two are alike and as expectations for enhanced customer and partner interactions may introduce tens of thousands of vulnerabilities across most. Manual penetration tests, the traditional means to identify Web application vulnerabilities, are too expensive to be a solution for most applications. Even if every enterprise had the funds to review all of its applications as infrequently as once a year, there are not enough trained pen testers to do a tenth of the work. The logical solution is an automated tool. Unfortunately, first generation vulnerability assessment tools were not truly automated. The complexities of modern Web sites, including JavaScript, complex authentication and session management, resulted in these early scanners requiring significant user interaction to completely crawl a site. Many users, untrained in their use, did not crawl even a portion of their sites and overlooked significant security holes. Moreover, these scanners merely pointed out long lists of vulnerabilities and did not assist security teams in assigning and remediating these vulnerabilities. The NTO Approach NTO is dedicated to creating fully automated security tools that allow security teams to test their sites with minimumal work and remediate them quickly and efficiently. It has assembled several of the top experts in application security product design, development and consulting. Its tools implement the best practices in Web application penetration testing learned over hundreds of assignments. The most efficient time to eliminate vulnerabilities is during the development process. NTO offers training and professional services to help clients implement best practices across their organizations so that application security is a fully integrated part of the application architecture. Product Overview NTO's NTOSpider is designed to be the most comprehensive, fully automated Web application scanner on the market. NTOSpider automates the process of authentication, session management, crawling and attacking. Its advanced custom error page checking also gives it the lowest false positive rate in the industry. NTOSpider helps security teams as they communicate vulnerabilities to application development teams and work with them to ensure that they are remediated. NTOSpider categorizes vulnerabilities by their root cause, and provides useful and visual reporting to better facilitate remediation efforts. MANAGEMENT JD Glaser, CEO JD leads NTO's overall business and market strategy. Widely heralded as one of the top industry luminaries, JD continues to develop a legacy of excellence in building the industry's top security technologies and services to this day, with over a decade of experience in security assessment and application development. Previously, JD worked as the Director of Engineering at Foundstone, a leader in information security services and technology. In his position, JD was the primary architect for FoundScan, the most advanced vulnerability assessment system of its kind. Prior to Foundstone, JD founded NT OBJECTives and developed some of the most widely used security tools in the industry, with over 100,000 subscribers at its peak. JD also wrote the first Windows NT compatible version of Tripwire, a benchmark technology for data integrity. JD has previously worked with companies such as Intel, Hewlett Packard and Columbia Sportswear in architecting and building enterprise network database systems. JD has been a regular instructor at the Black Hat conferences, and is a speaker at top industry conferences and trade shows. He has provided instructional courses on security tactics and techniques to numerous Global 100 companies and the government. Matthew Cohen, Chief Financial Officer Mr. Cohen brings extensive experience in the investment banking industry and executive management to NTO, where he manages the organization's overall financial structure. Previous to NTO, Matthew was CFO of publicly traded TTR Technologies. Prior to TTR, Mr. Cohen was the founding CFO at APB Online, Inc., where he raised $27 million in three private placements and built a financial infrastructure to support a 140 person company. Matthew has held positions at The Blackstone Group, Rothschild, Inc., and Kidder, Peabody & Co.; where he worked on restructurings, capital financings, and mergers and acquisitions. In one of these restructurings, New Dartmouth Bank, the investor group acquired 3 insolvent banks from the FDIC, invested $40 million to re-capitalize them and after an operating restructuring, sold the bank for $160 million two and a half years later. He holds a degree in economics from Princeton University. Jay Johnson, Vice President, Sales Mr. Johnson brings more than 20 years of industry experience and an impressive record of building organizations into market leaders. Prior to joining NTO, Jay was a founding executive and VP of Sales at AirDefense, where he helped develop AirDefense into a wireless security leader. Before AirDefense, Mr. Johnson served as Vice President of the Network Security Services division of VeriSign, Inc. (NASDAQ: VRSN), the leading provider of trusted infrastructure services. Under his leadership, the Network Security Services division successfully delivered high double-digit revenue growth rates and earned prestigious client accolades, including acknowledgement from Nokia and Check Point Software Technologies as the Most Valuable Partner and Global Partner of the Year. In 1997 Mr. Johnson teamed up with Jay Chaudhry and Richard Rushing to form SecureIT, a leading provider of security services to the IT industry. As Vice President of Sales at SecureIT, Mr. Johnson successfully generated business from over 50 percent of the Fortune 100 companies in the United States in less than 18 months. Dan Kuykendall, Director of Engineering Responsible for driving NT OBJECTives' research and development efforts. Mr. Kuykendall brings an extensive background in web application development methodologies and security related understanding to NT OBJECTives. Dan joins NT OBJECTives from Foundstone, where he was responsible for the web interface to the companies flagship product, FoundScan. During this time he was instrumental in building scan management, and remediation capabilities into the product. Prior to Foundstone, Dan led the foundation of the Information Security team in the United States branches of the financial giant, Fortis. Mr. Kuykendall is involved with Web Application Security Consortium, is regular contributor to many open source development projects, and podcasts to educate the public about web application security issues. |
||||||||||||||||||||||||||||||||||||
