Skip to main content
search
Category

Blog

Sep 20
Love308

Lancera’s sister company HEROIC Cybersecurity wins the consumers’ hearts

By Blog, Press No Comments

Tech Conference Attendees Vote HEROIC People’s Choice Winner

HEROIC company pitch land audience’s vote during competition

Orem, UT – March 9, 2016 – HEROIC, the leading provider of next-generation consumer cybersecurity, today was voted as the 2016 Tech 10 People’s Choice award winner at Utah Valley’s Big Business and Technology Conference.

The annual Tech 10 Competition at the Big Biz Conference showcases new technologies released in Utah in the last year. Judges for Tech 10 include: Jeff Burningham (Peak Capital), John Richards (Startup Ignition), Ryan Davies (Clarke Capital), Jim T. Evans (Xactware), Clint Betts (Beehive Startups), Jeanette Bennett (UV BusinessQ).

Awards include: Best UX Design, Best Disruptive Technology, Best Sales Traction Achievement, Best Model Development, People’s Choice, Experts Choice & more.

To learn more about the Big Biz Conference and the TECH10 Competition, visit Bennett Events.

HEROIC on Social
Facebook, Twitter, LinkedIn, Instagram, HEROIC Blog

About HEROIC
HEROIC is the leading provider of next-generation cybersecurity for home users and their devices. Unlike traditional antivirus products, our solution takes a predictive and proactive approach to intelligently secure users and their devices before an attack or threat occurs. The end result is a secure, device-friendly platform that offers users Preventative Network Security, Identity Theft Protection, Secure Online Backup and Malware Protection in one easy-to-use platform. To learn more, and for a free account, please visit HEROIC.com.

Contact
David McDonald
LANCERA
+1-801-845-2777

See more at https://heroic.com

Aug 17
Love315

Inc 500 Press Release – August 17, 2016

By Blog, Press

 

Lancera Lands Spot on Inc. 500 List for Second Consecutive Year
Ranks No. 146 on Prestigious Inc. 500 List

PROVO, UT (August 17, 2016) – Today Lancera, the leading provider of Cybersecurity and Custom Software Services, ranked No. 146 in the recently-released 2016 Inc. 5000 List, Inc. magazine’s annual ranking of the fastest-growing private companies in the U.S. This is Lancera’s second consecutive year making the list, and its second year reaching the elite top 500. Lancera was also ranked No. 9 overall in the software industry and No. 5 for all Utah companies.

“It’s an incredible feat to be on the Inc. 500 list for two years in a row,” said Chad Bennett, Founder and CEO of Lancera. “This amazing achievement helps validate the hard work of our team and continues to prove the need for secure application development solutions. This is only the beginning of great things to come from Lancera and our affiliated companies.”

Lancera delivers growth-accelerating Custom Software Development, Online Presence, and Cybersecurity Solutions. In a time of heightened cyber threats, Lancera stands out as a leader in the emerging secure software development and cybersecurity markets. Significantly contributing to Lancera’s outstanding growth rate of 2,423% has been it’s IT support focused subsidiary company, Box Support, which was launched in 2014. Lancera is also helping to prepare for the public launch of its highly anticipated spin-off company HEROIC.com, a consumer-focused cybersecurity platfrom that protects against hackers and cyber threats.

Lancera climbed three spots from Inc. magazine’s previous Inc. 5000 rankings – from No. 149 in 2015. For more information about Lancera’s ranking in the Inc. 5000, please visit Inc.com.

About the Inc. 500|5000 List
Each year, Inc. and Inc.com celebrate the remarkable achievements of today’s entrepreneurial superstars. The Inc. 500|5000 list represents the fastest growing companies in the nation. Companies are ranked according to the percentage growth of their annual revenue over a three-year period. The 2016 list assesses revenues from 2012-2015 to calculate overall growth.

About Lancera
Founded in 2011, Lancera is a leading provider of Cybersecurity and Custom Software Development Solutions. Lancera leverages its significant foundation of cybersecurity and software development experience to help clients both protect and scale their business with peace of mind. Embracing a client-focused, collaborative approach, Lancera provides the technology and resource solutions to help accelerate business growth. For more information, visit Lancera.com.

Contact
Wyatt Semanek
PR Manager
801-845-2777
[email protected]
@WSemanek

Feb 04
Love304

Lancera Receives Top 10 Honors at Utah TechX

By Blog, Press No Comments

Tech X

Lehi, UT – February 4, 2016 – Today Lancera, the provider of custom software, web development and cybersecurity solution, received honors in the annual TechX Revenue Accelerator program. The awards focus on Utah companies showing unparalleled trajectory in growth and sales.

As a business accelerator, TechX is a Park City Partners program that brings together sales and marketing disciplines to help companies address their three biggest problems; generating more leads, closing more business, and keeping more customers.

“This is the second time we’ve won this award,” said Chad Bennett, Founder of Lancera. “There are many up-and-coming companies that compete for these honors. It’s just special to know that what we’re doing continues to be recognized… the TechX program has helped Lancera grow tremendously.”

Since completing the TechX program, Lancera has continued to grow at record pace, receiving national recognition including a spot on the annual Inc. 500 list for consecutive years.

CONTACT US today to see how Lancera can help accelerate your growth.

Aug 17
Love302

Press Release – August 17, 2015

By Blog, Press No Comments

Lancera Named #149 Fastest Growing Private Company in America on Inc. 500 List

We’re extremely honored and thrilled to announce that Lancera has been named the 149th Fastest Growing Private Company in America on Inc. Magazine’s 500|5000 list. Lancera also received other Inc. 500 honors including #16 Top Software Company and #5 Top Utah Company.

Inc. Magazine’s 500|5000 list represents the fastest growing companies in the nation. Companies are ranked according to the percentage growth of their annual revenue over a three-year period. The 2015 list assesses revenues from 2011-2014 to calculate overall growth.

Lancera’s Founder, Chad Bennett, had a few remarks about our achievement, “We are honored to have ranked so high on such a prestigious and important list. This amazing achievement not only validates all of the hard work and sacrifice that we’ve put in as a company over the past three years, but it shows our upwards trajectory moving forward.”

Lancera’s amazing growth has come from an increasing need in the marketplace for software development and the exponential increase in cybersecurity threats. With hacking attacks becoming more frequent and more malicious than ever before, businesses desperately need a solution that can resolve these issues.

CONTACT US today to see how Lancera can help accelerate your growth.

Jul 28
Love165

Hacks Get Broader – Answers Still Simple

By Blog No Comments

Last week, a hacked Jeep made headlines. Today, it’s Android phones via text message. As more devices get smarter the targets get broader. In 2012, then FBI Director Robert Mueller talked about two kinds of companies: those that have been hacked and those that will be. With growing targets and continued hack proliferation, could the prevention answers still be simple?

Access the full text of the post by clicking here.

Jun 23
Love161

Can You Bring Down The Price?

By Blog No Comments

Did you know that the average cost of such data incidents is $100,000 according to multiple sources?

Given the nature of these incidents, I always marvel at the client who whines about the price of a proper penetration test. “Can you do any better?” or “Wow, we weren’t expecting that. Can you sharpen your pencil?” Seriously?

Access the full text of the article by clicking here.

Jun 10
Love156

The 3 Key Issues In Hiring a Software Development Company…

By Blog No Comments

The 3 Key Issues In Hiring a Software Development Company…

Bringing your vision to functional reality is not easy where software development is concerned. When hiring a custom development company, will it be able to listen to you and “get it?” Will it bring your functionality and envisioned user experience to a useable level?

One large organization I recently consulted with confessed to having a project overrun of more than a year and thousands of dollars in personnel and other costs. I have discovered this to be a common problem.

The purpose of this article is to provide three simple guidelines by which you may judge the effectiveness of a custom software development organization. Although this guidance is most appropriate for project-based development, the principles may also apply to managed outsourcing.

Access the full text of the article by clicking here.

May 22
Love172

3 Key Reasons You’ll Fail Your PCI Audit

By Blog No Comments

I am always astonished at the common recurring themes that expert penetration testers uncover during routine testing for requirement 11.3 of the PCI DSS. Since misery loves company I will assuage your pain by pointing out you’re not alone – I’ve seen these same issues for a decade now.

“Your database is in the DMZ isn’t it?” to which he sheepishly replied, “Yes!”

Here are those common reasons:

  1. I can pull down your entire database of key information.
  2. You’re still sending clear text passwords in your application.
  3. Your web application is fraught with XSS vulnerabilities.

Your Database

Yesterday I was speaking with a fellow at a business trade show. He lamented about how his business had recently been hacked, and all of his customer data had been altered such that all his customer addresses now show Ontario, Canada. I said, “Your database is in the DMZ isn’t it?” to which he sheepishly replied, “Yes!”

That is a simple example of ignorance, but more sophisticated organizations – those who process card data, for example, and even those with multiple POS systems and central data relays – have been known to display a more sophisticated (though no less forgivable) ignorance.

One such organization did have their database in a secure zone, but due to blind SQL vulnerabilities, the penetration tester was just one command short of downloading their entire database structure and data.

Another organization had no password on several logins, and as above, the tester was able to potentially download the entire database. In fairness, that scenario was on an internal white box test, but no less ignorance of the facts regarding the issue.

Clear Text Passwords

Organizations build and run applications. Some are public facing, others have internal access only. Either way, equally astounding is the fact that password schemas often pass such in clear text instead of using cryptography. This is every hacker’s dream, giving him access to data, systems or worse – root access.

I am always floored when a major SAaS company is discovered to be running clear text passwords in parts or all of its application(s). Many a company has been compromised due to this issue.

Cross Site Scripting

Web server applications that generate pages dynamically are vulnerable to a cross-site scripting exploit if they fail to validate user input and to ensure that pages generated are encoded properly. An example of this is en exploit that creates a link to a page that looks proper but sends the user to a phishing page to steal credentials.

This is always do to insecure application coding with a failure to properly validate the user input or handle error messages.

The point here is that I’ve seen this in many card processing organizations where the failure to fix this vulnerability could be disastrous.

Summary

Having pointed out recurring key issues, you may be saying, “Well I can see that in other companies but not in mine!” The problem is, sometimes when one vulnerability is fixed, others are introduced. So while you may have passed your point-in-time compliance audit last year, this year may be a different story.

It is instructive to point out the PCI requirement 11.3.1 which applies here: “Perform external penetration testing at least annually and after any significant infrastructure or application upgrade or modification.” Most companies simply don’t do this.

In summary, you don’t have to fail your PCI Audits every year – just test and fix before the auditor arrives (vs. waiting to test while your annual assessment is in progress), and during the ensuing year ensure that at least one additional pen test is conducted to avoid cascading accumulation of problems.

Feb 18
Love99

It’s Not About Target Anymore

By Blog No Comments

This article is a clarion call to the healthcare industry to wake up! It’s not about Target and Home Depot anymore. On February 5th, Anthem Inc., the largest for-profit managed health care company in the Blue Cross and Blue Shield Association, announced that 80 million records had been compromised.

It is interesting to note that this is not a unique occurrence. Just a week prior to the Anthem incident, a laptop was stolen from the Riverside County Regional Medical Center in Moreno Valley, California. The information on the laptop included names, phone numbers, addresses, dates of birth, Social Security Numbers, and clinical information such as medical record numbers, physicians, diagnosis, treatments received, medical departments and health insurance information.

To all of the State Governors, Hospital Administrators, and various CEOs of insurance and other healthcare-related entities reading this article, pay attention because herein lies the secret of knowing whether you are next. You must ask the question, “How hackable am I?” And you must fully expect to find out.
In the same month, other data breach incidents occurred at Sunglo Home Health Services of Harlingen, Texas, and California Pacific Medical Center/Sutter Health of San Francisco, California. It seems health data compromises from California to New York, and from Texas Health and Human Services to the Utah Department of Health have in recent years experienced a sharp uptick.

To all of the State Governors, Hospital Administrators, and various CEOs of insurance other healthcare-related entities reading this article, pay attention because herein lies the secret of knowing whether you are next. You must ask the question, “How hackable am I?” And you must fully expect to find out.

There is only one way to find out if you are hackable, and that is to hire a hacker to hack you. It sounds risky, but it is actually called penetration testing and is performed by reputable companies who employ credentialed individuals such as the Certified Ethical Hacker or CISSP credential.

You may say, “Well we have our own internal vulnerability team.” This is fantastic! As it should be. However these are your employees and are biased by the paycheck you sign every payday. I recommend that you hire an objective outside company at least annually to perform an in-depth internal and external penetration test on both your network, databases and critical applications.

Some standards, such as PCI, state that penetration tests by qualified outside parties should be performed annually or as often as there are changes to the environment. The point here is that such an event only applies to a point-in-time assessment and is invalidated if new technology is installed and configured incorrectly.

In summary, qualified engineers can find and report on the “hackability” of your systems, and provide a remediation report to ensure you don’t become the next Anthem. It’s not just about Target, Home Depot, or big box retailers anymore. Healthcare is now squarely on the hacker’s crosshairs.

About the Author

Greg Johnson is the VP of Security Business Development and Strategy at Lancera Security, the World’s Trusted Source of Security Solutions. Mr. Johnson is an entertaining and sought-after speaker in the world of cyber security.

Close Menu
MENU