News & Events

SafeNSec Corporation releases a new range of SoftControl products

Thu, 02 Jul 2020 11:17:00 +0300

The SoftControl system provides a range of products designed to ensure integrity of the software environment for network endpoints and to protect data from non-authorized access by personnel and hackers. 

Features of the new version of SoftControl include:

Support of the new antivirus scanner used by virustotal.com

Enhanced API possibilities for integration of centralized management by means of protection using event monitoring systems and by means of software administration on a device network

Enhanced audit mode, which allows 1) using simple methods for precise determination of the technology used for processing of protected information and 2) implementing multi-level protection measures which account for specifics of software operation on a device network

Continued support of Windows XP x86 SP2, which is still used on special devices (ATMs, payment terminals, �omputer-aided process control systems, medical equipment)

Also, some minor modifications have been introduced in the new SoftControl range; we have extended the list of DeCrypt events and their details, and implemented a new mechanism for restoration of the client module.

About SafeNSec Corporation

SafeNSec Corporation is a leader in developing software products for banks and financial organizations in the field of information security. The company was founded in Moscow in 1999. Now it works under the StarForce and SoftControl brands. By now, the company has released more than 20 software products which are intended to protect IT infrastructure against targeted attacks, to protect information against illegal copying and distribution, as well as to obfuscate and to encrypt code.

The distribution network has over 300 partners in 89 countries. Over 70 000 000 licenses have been sold worldwide.

Project with SafenSoft solutions nominated for FINAWARD

Wed, 11 Mar 2020 15:42:00 +0300

The ATM and payment terminal cyber security project for Tinkoff Bank, which uses SoftControl TPSecure products, has been selected for the "Information security innovation or anti-fraud service" nomination.

FINAWARD is an annual award given since 2013 for innovative achievements in the financial industry. The award commemorates the most noticeable products and IT innovations in the financial sphere. The business magazine Bankovskoye Obozreniye, the award establisher, selects the most important banking and financial products, services, methods of their implementation, and people who created them.

"Very strong projects and participants have been nominated for the award. For example, the National System of Payment Cards (NSPK) and the Research Institure for Molecular Electronics (NIIME) created the first chip in Russia that facilitates contact and contactless payments. Previously, only two enterprises in the world had been making that product: in France and in South Korea. While a project by the Russian Agricultural Bank and SafeTech implemented the first mobile electronic signature in Russia. It allows to make payments with your smartphone that are not just convenient, but also safe. We are very happy to be nominated along these incredible teams. It is especially satisfying to know that these projects have been implemented using Russia's most advanced technology solutions," Svetozar Yakhontov, the Head of Business Development at SafenSoft, says.

�

Information about the project that uses SoftControl TPSecure solutions:

Tinkoff Bank has introduced the secure mode of software maintenance for ATMs and payment terminals, using products of the SoftControl TPSecure range. The solution provides control over changes made to the hardware and software configuration of devices. Whitelisting processes and applications allows using only trusted software on protected devices. Dynamic integrity control and control over process and application activity allows running only trusted scripts of client operations.

�

Why this project is unique:

This is the first project in Russia and in the world that makes a network of self-service banking terminals running on Microsoft Windows 10 comply with PCI DSS requirements.

Companies leading in the sphere of critical IT infrastructure security analysis have run multiple penetration tests on the implemented defense measures.

At the same time, these measures do not encumber updating payment applications on the terminals network. This allows timely release of new banking products by means of the push strategy for supply and provides the bank with technology leadership on the financial services market.

In collaboration with experts from Tinkoff Bank, we created new unique functions for the SoftControl protection solution. Thus we created the new module for ATM hard disk encryption, which accounts for operation specifics in self-service banking terminals: the disk decryption key is bound to hardware characteristics of peripheral devices and does not use the ATM motherboard's TPM. It facilitates trusted computing for a device in self-service mode without affecting operation of special electronics.

Changes in products made during the first half of 2019

Thu, 03 Oct 2019 17:30:00 +0300

Main changes of the SoftControl system components:

File checksums for profile inclusion and exclusion can be configured in settings.

Now activity control rules can be set for groups of users.

Named groups of rules have been moved to the database. They are stored separately from the settings, and all operations with named groups of rules are now performed through the database.

Built-in security principals (e.g., Local Service, Network Service) can be selected in advanced settings for activity control rules.

We have changed display of activity control rules: a space character at the end of an existing rule is shown as a dot. It helps to avoid errors caused by an accidentally typed space at the end of a string (in the SoftControl Admin Console and SoftControl SysWatch interface).

More details have been added to notifications received from the server: client GUID, event ID, time value with seconds. When SoftControl SysWatch receives settings from the server and logs them, the name of settings is recorded along with other information.

Minor bugs have been fixed in the graphic interface of SoftControl Admin Console.

New SoftControl version released

Mon, 23 Sep 2019 15:17:00 +0300

Protection Technology has released a new version of the SoftControl product line.

The SoftControl system is a range of products the main purpose of which is to provide integrity of the software environment of network endpoints and to protect data against unauthorized access by staff or violators.

Among other features, the new version of SoftControl allows adding checksums of executable files to the whitelist of trusted processes from the control server. It is a centrally controlled operation. Moreover, the new version implements security profiles: now you can manage activity control rules by combining them in logical groups. Besides, the mechanisms for control registry access operations are improved.

In addition, some minor changes are implemented in the new version of SoftControl, more details are added to the list and content of events in notifications, new types of events are implemented in security logs and process activity logs.

About Protection Technology

Protection Technology is a leader in developing software products for banks and financial organizations in the field of information security. The company was founded in Moscow in 1999. Now it works under the StarForce and SoftControl brands.

By now, the company has released more than 20 software products which are intended to protect IT infrastructure against targeted attacks, to protect information against illegal copying and distribution, as well as to obfuscate and to encrypt code.

Important information

Mon, 19 Aug 2019 11:10:00 +0300

20 August 2019 our company is moving to a new office hence possible short-term problems of communication may appear. We are doing our best that our clients continue to receive feedback.

Ak Bars Bank passes annual audit with Softcontrol TPsecure software

Tue, 30 Jul 2019 11:52:00 +0300

Ak Bars Bank has passed an annual audit for the fifth year running and confirmed compliance with the PCI DSS standards. The bank uses the TPsecure software solution to protect its ATMs network and payment terminals.

Ak Bars Bank that is a leading universal bank in the Republic of Tatarstan provides modern banking services to individuals and entities with distant service lines. More then 1,7 millions of payment cards for the international payment systems were issued by the bank. ATM machines and payment terminals are the endpoints to data-processing of payment cards. The bank provides security of data processing in accordance with the requirements of the international PCI DSS standards.

SoftControl TPSecure, formely known as SafenSoft TPSecure, is the software solution for protection of information. It allows implementing the software security operation regulations for banking self-service devices. At the moment SoftControl TPSecure provides safety for more than 180 000 banking self-service devices across the Russia Federation and 24 countries worldwide.

The SoftControl product line was developed by Protection Technology ltd (brand of Starforce). Nowadays, under the brand StarForce more than 20 software products are grouped to protect the IT infrastructure against targeted attacks, as well as to protect information against illegal copying and distribution. Starforce also provides code obfuscation and data enscryption solutions. The company has a partners network in 89 countries around the world and sold more than 70 000 000 licenses.

Protection Technology ltd and ICL successufully launched the IT security projects for the financial industry in the Republic of Tatarstan and the Central Federal Area in Russia.

StarForce releases a new version of SoftControl DeCrypt

Mon, 25 Feb 2019 11:34:00 +0300

StarForce has released the new version of SoftControl DeCrypt 4.6.10. Now the product supports an extended list of BIOS.

How SoftControl products have changed in 2018

Mon, 11 Feb 2019 10:45:00 +0300

The main changes in the SoftControl products include creation of name rule groups, improved system reports and event logs, as well as export and import of client application settings.

The following changes affected the SoftControl Service Center:

Named rule groups are supported. Activity control rules from different categories (file system, system registry, network activity and modules) can be grouped together.

Activity control rules for separate applications can be created in SoftControl Admin Console and transferred to client hosts with the installed SoftControl SysWatch client applications.

Increased password security for SoftControl Service Center database.

Supported import and export of selected client application settings with the help of an XML file.

Changes in SoftControl Admin Console:

Improved logic for creating system reports. The groups of events are now called 'Threats' and 'Services and unsuspicious applications'. In the former case, SoftControl Admin Console logs control policy violations and the start of suspicious processes. In the latter case, SoftControl Admin Console logs service events and the start of unsuspicious processes.

Event logs are now more detailed and easier to understand. This includes the improved format of the information displayed in the �Action field on the �Log tab.

System profile on the client host with SoftControl SysWatch can be disabled through the client application settings. In addition, the update source for SoftControl SysWatch can be selected (update through either SoftControl Service Center or the Internet).

Identification data of a module are filled in automatically in the settings after specifying an exe file.

The �Clients tab contains the �Permanent connection status column to track possible disconnections.

Flags are supported for files on the �Profile data ... tab that indicate whether a file is added to the profile by the installer or during the profile collection process.

Changes in SoftControl SysWatch client application:

As with SoftControl Admin Console, system reports are made more clear and unambiguous.

Event logs are now more detailed and easier to understand. In particular, the report indicates whether the application is in the profile, whether it is tracked; whether the installer has a valid digital signature; whether the global software update mode is enabled, etc.

Logging events of control policy violation is improved. Control policy violation events are considered similar and are not logged if they have coinciding actions, binary paths, command lines, and process identifiers, as well as if the period of time after the previous event is added is less than the specified value (one minute by default). Besides, the event log contains information about how many similar events were skipped.

Control policy violation report contains the PID for the process that caused policy violation.

If the protection is turned off, all applications (both in the profile and outside of it) are given permission to run until the system service starts.

Increased password security for SoftControl SysWatch client components.

Fixed vulnerability in the msiexec installer. It is not allowed to execute the msiexec system installer from a folder that differs from % SYSTEM32%.

Fixed vulnerability in dll blocking algorithm (CVE-2018-5718). This vulnerability allowed local users to cause a denial of service (BSOD) or modify kernel-mode memory by loading a forged dll.

Updated glossary that is used in the program. In particular, the term �mode of operation is replaced to �software update mode. The term �unknown installer is changed to �unsigned installation program, and �unknown application is replaced by �non-profile application, and so on.

SoftControl releases a new version of its product line

Thu, 31 Jan 2019 15:52:00 +0300

StarForce Technologies has released a new version of the SoftControl TPSecure 4.6.7 product line to monitor the integrity of software devices such as ATMs, payment terminals, medical equipment and automated process control tools.

The new version contains the SoftControl DeCrypt hard disk encryption module.

Encrypting the system volumes of self-service devices allows preventing the following common attacks on ATMS and payment terminals:

bypassing self-defense of software protection by deleting files from an offline hard drive when booting from external media;

reverse engineering the ATM software from a stolen hard drive for a targeted attack;

using a stolen hard disk to attack the processing services is possible because violators have both the certificates to connect to payment application servers and the information from the hard disk.

SoftControl DeCrypt allows decrypting the system disk partition before the operating system starts, with the help of the key generated from the sets of parameters of peripherals connected to computer.

The implementation allows bypassing the operational limitations that are specific to self-service devices (ATMs, payment terminals, information booths):

it is not possible to enter the password locally to decrypt the partition when the device runs;

it is not possible to use TPM (Trusted Platform Module, the cryptographic key storage on the motherboard). Writing the keys to TPM leads to deleted certificates of special electronic devices (cash dispenser, bill acceptor, PIN pad, and card reader) and the operation of the devices is disrupted.

SoftControl DeCrypt works along with other modules of the SoftControl protection software. It can be controlled remotely, as well as through the command line. Besides, it is possible to monitor events from the SoftControl Service Center management server.

Protection Technology, Ltd. has Obtained FSTEC License

Mon, 09 Jul 2018 08:52:00 +0300

A FSTEC (Federal Service for Technical and Export Control) license for the development and production of the tools for protection of confidential information allows Protection Technology, Ltd. to expand its scope of activity on the domestic information security market and offer advanced technological solutions to all niches where the solutions can be applied.

�A large number of software vendors all over the world use the technologies developed by StarForce, says Svetozar Yakhontov, Director of Business Development at Protection Technology, Ltd. �The license will enable our partners who use StarForce software components and technologies in their products, to pass FSTEC software certification procedures.

Besides, the FSTEC license allows us to submit the Protection Technology, Ltd. solutions, in particular, SoftControl (SafenSec) products, for certification in accordance with the regulators requirements. The SoftControl products currently protect sensitive infrastructure in banks, state-owned companies and fuel and power companies in Russia.

Protection Technology, Ltd. also has Russias Federal Security Service license for the development, production and distribution of encryption (cryptographic) tools, information and communications systems.

SoftControl Update: A convenient and reliable way to protect your computer from malware

Mon, 25 Jun 2018 13:18:00 +0300

The complexity of targeted attacks have not changed in the last two decades. An attack is always a well-planned, professional operation. Although the attack techniques and methods can be fine-tuned, most damage always comes from the use of conventional intrusion and cracking tools. This means malware that tends to get into the enterprise infrastructure by any means.

Experience has shown that

multilevel protection methods that the industry associations recommend and that the regulators require are effective;

designing, implementing and maintaining complex protection methods is very resource-intensive and is often hard to achieve. The problem is the lack of high-skilled and efficient staff.

A malware protection solution requires tools that enable users to:

get a clear idea about the information processing technologies in use; start from the �Learn your technologies principle.

design, test and iteratively improve the protection methods.

learn the technology quickly. The tools should be a means to train the personnel by solving real-world problems.

SoftControl 4.4. What's new?

New features in SoftControl 4.4 were developed in collaboration with our customers engineers. The basis of these features is the generated best practices in implementing multilevel protection methods for sensitive infrastructure:

Detailed activity control rules

The users can create detailed activity control rules for groups of applications and certain processes from the control computer and distribute the created settings as specific or group policies. This allows specifying strict scenarios for the processing of the information under protection on a network of varied devices, as well as preventing system processes and dedicated software from being compromised.

Advanced audit mode

Advanced audit mode allows the users to test the control policy settings without any impact on the system under protection, which is very important when implementing multilevel protection methods on a sensitive infrastructure that is difficult to simulate on a test bench.

Examining the event log

Examining the event log from the administrator console is very convenient. The log provides detailed information about the activity of the applications on the system under protection and allows assessing possible impact of the protection methods under test.

Also the new version eliminated known vulnerabilities and defects, increased stability on multiprocessor computers.

You can update to the current version right now, it is available on the update server.

SoftControl 4.4.12 Update

Thu, 26 Apr 2018 14:01:00 +0300

SafeNSec Corporation (www.safensoft.com), the leader in development of software solutions to provide information security in banks and financial organizations, releases an update of the SoftControl system. The main target of this release is to improve usability and stability of the security system. The system is designed to provide the integrity of the software environment of the network endpoints and to protect data against unauthorized access by maintenance staff or violators.

The system includes three basic modules.

1. SoftControl Service Center that consists of:

SoftControl Server, the server component;

SoftControl Admin Console, the management console.

2. The client components for proactive protection of end points:

SoftControl ATM Client for self-service devices;

SoftControl Endpoint Client for corporate network workstations;

SoftControl SClient for servers;

SoftControl SysWatch for personal computers.

3. SoftControl DLP Client, the client component designed to monitor and collect data about the user's activity.

The update is aimed to improve the level of security and ease of use. A number of vulnerabilities were eliminated, and reports and event logs were reworked to obtain detailed information.

The most important changes in 4.4.12 version are the following:

Control activity rules for certain applications can be created in SoftControl Admin Console and then applied on client hosts with installed SoftControl SysWatch that allows to set rules to monitor activity of application groups and definite processes and transfer these rules both to individual and group politics.

The format of event logs is supplemented, which allows the security administrator to obtain a detailed and visual representation of the information processing technologies on the protected device.

Known vulnerabilities have been fixed.

Detailed information is available for clients in the update section of the corporate site.

About SafeNSec Corporation

SafeNSec Corporation (www.safensoft.com) was founded in 2006 to develop best-of-breed solutions in information security for financial organizations and banks. The company is a member of the PCI Security Council and serves on the Security Best Practices committee of the ATMIA. The clients of SoftControl products are located in Europe, Middle East, Southeast Asia and Africa.