 |
 |
| sss |  |
 |
 |
 |
 |
 |
||
 |
 |
|
|
ABOUT US NT OBJECTives (NTO), based in Orange County, California, brings together an unprecedented collection of top experts in information security to develop and provide a comprehensive suite of industry-leading technology and services to solve the application security challenges of today.s global organizations. NTO has created industry-first, automated technology capable of performing comprehensive and accurate application security audits to protect proprietary information at the application layer. Its next-generation technology, coupled with a comprehensive service offering, including security training services and consulting, puts NTO in a unique position to provide complete application security solutions to today's businesses. Company History The NTO team has substantial experience in the security community. JD Glaser, CEO, wrote the NT version of Tripwire as well as several other groundbreaking security tools for Windows NT. Mr. Glaser was part of the core development team that created Foundscan, the first next generation vulnerability scanner while at Foundstone. At Foundstone, Mr. Glaser realized that while corporations were making good progress in addressing network vulnerabilities, application layer vulnerabilities were being largely ignored. Manual application penetration tests were very expensive and existing tools did not automate the vulnerability discovery process or simplify the process of fixing vulnerabilities. In the summer of 2002, the core product team at Foundstone left to pursue common interests in developing the first enterprise solution truly capable of addressing the emerging application security threats. Later that year, Mr. Glaser hired one of the top Web application researchers/consultants in the world, Mike Shema, author of Hacking Exposed: Web Applications; Hack Notes: Web Application Security; and The Anti-Hacker Toolkit. The NTO Vision NTO believes that Web application security represents the greatest security challenge facing the information technology industry today. Millions of Web applications have been developed in the past two decades. No two are alike and as expectations for enhanced customer and partner interactions may introduce tens of thousands of vulnerabilities across most. Manual penetration tests, the traditional means to identify Web application vulnerabilities, are too expensive to be a solution for most applications. Even if every enterprise had the funds to review all of its applications as infrequently as once a year, there are not enough trained pen testers to do a tenth of the work. The logical solution is an automated tool. Unfortunately, first generation vulnerability assessment tools were not truly automated. The complexities of modern Web sites, including JavaScript, complex authentication and session management, resulted in these early scanners requiring significant user interaction to completely crawl a site. Many users, untrained in their use, did not crawl even a portion of their sites and overlooked significant security holes. Moreover, these scanners merely pointed out long lists of vulnerabilities and did not assist security teams in assigning and remediating these vulnerabilities. The NTO Approach NTO is dedicated to creating fully automated security tools that allow security teams to test their sites with minimumal work and remediate them quickly and efficiently. It has assembled several of the top experts in application security product design, development and consulting. Its tools implement the best practices in Web application penetration testing learned over hundreds of assignments. The most efficient time to eliminate vulnerabilities is during the development process. NTO offers training and professional services to help clients implement best practices across their organizations so that application security is a fully integrated part of the application architecture. Product Overview NTO's NTOSpider is designed to be the most comprehensive, fully automated Web application scanner on the market. NTOSpider automates the process of authentication, session management, crawling and attacking. Its advanced custom error page checking also gives it the lowest false positive rate in the industry. NTOSpider helps security teams as they communicate vulnerabilities to application development teams and work with them to ensure that they are remediated. NTOSpider categorizes vulnerabilities by their root cause, and provides useful and visual reporting to better facilitate remediation efforts. MANAGEMENT Dan Kuykendall, co-CEO and Chief Technology Officer Mr. Kuykendall manages NT OBJECTives' software development and handles NTO’s relationships with several partner companies. He has an extensive background in web application development and security. As part of the Founding Team, Dan has been involved in the methodologies and design of NTO’s flagship product since its inception. Dan joins NT OBJECTives from Foundstone, where he was responsible for the portal interface to the company’s flagship product, FoundScan. During this time he was instrumental in building scan management, and remediation capabilities into the product. Prior to Foundstone, Dan was the founder of the Information Security team in the United States branches of Fortis. Mr. Kuykendall is involved with Web Application Security Consortium, is regular contributor to many open source development projects. He was a founder of the phpGroupWare project and creator of podPress. Dan podcasts to educate the public about web application security issues from his blog at mightyseek.com. Matthew Cohen, co-Chief Executive Officer Mr. Cohen brings extensive experience in executive management to NTO, where he manages the organization's operations, business affairs and relationships with several key clients and partners. Previous to NTO, Matthew was CFO of publicly traded TTR Technologies. Prior to TTR, Mr. Cohen was the founding CFO at APB Online, Inc., where he handled business development, raised $27 million, and built a financial infrastructure to support a 140 person company. Matthew has held positions at The Blackstone Group, Rothschild, Inc., and Kidder, Peabody & Co.; where he worked on restructurings, capital financings, and mergers and acquisitions. He holds a degree in economics from Princeton University. Jay Johnson, Vice President, Sales Mr. Johnson brings more than 20 years of industry experience and an impressive record of building organizations into market leaders. Prior to joining NTO, Jay was a founding executive and VP of Sales at AirDefense, where he helped develop AirDefense into a wireless security leader. Before AirDefense, Mr. Johnson served as Vice President of the Network Security Services division of VeriSign, Inc. (NASDAQ: VRSN), the leading provider of trusted infrastructure services. Under his leadership, the Network Security Services division successfully delivered high double-digit revenue growth rates and earned prestigious client accolades, including acknowledgement from Nokia and Check Point Software Technologies as the Most Valuable Partner and Global Partner of the Year. In 1997 Mr. Johnson teamed up with Jay Chaudhry and Richard Rushing to form SecureIT, a leading provider of security services to the IT industry. As Vice President of Sales at SecureIT, Mr. Johnson successfully generated business from over 50 percent of the Fortune 100 companies in the United States in less than 18 months. |
||||||||||||||||||||||||||||||||||||||||||||
