Ubiq OWASP Member Benefit

image

Andrew van der Stock

Wednesday, January 4, 2023

OWASP and Ubiq Partner to Offer Application-layer Encryption Member Benefit

OWASP is pleased to partner with Ubiq Security (Ubiq) to offer members advanced access to their API-based application-layer encryption and key management as code (SaaS) platform, to help them better protect sensitive application data, and not rely on ineffective storage-layer encryption solutions such as transparent data encryption or server-side encryption.

For decades, one of the worst kept secrets in security – and most often exploited by attackers in data breaches – is that encryption at rest doesn’t provide any meaningful protection against network-based attacks on a running system.

“We built Ubiq to address the Achilles’ heel of most at-rest encryption solutions – the fact that they implicitly trust admins and key processes and provide them unfettered access to cleartext data. Which means that once an attacker has stolen admin credentials to your database or cloud storage account, they have access to your sensitive data. We have seen this very scenario play out in nearly every major data breach,” said Wias Issa, CEO of Ubiq.

Ubiq was designed to enable developers to integrate application-layer encryption into their applications in a matter of minutes (without having to worry about key management), with nothing more than a few lines of code and 2 API calls. In fact, it generally takes developers an average of 15 minutes and less than 20 lines of code to start encrypting their application data. Ubiq natively supports both structured and unstructured data, doesn’t require any changes to your storage layer whatsoever, and can be easily integrated into existing DevOps or DevSecOps practices and processes.

Andrew van der Stock, Executive Director of OWASP, said, “implementing cryptography and data protection effectively has always been challenging for developers, as evidenced by Cryptographic Failures being the #2 on the OWASP Top 10 list. Ubiq takes the guesswork and risk out of cryptography and key management decisions. A huge thank you to them for providing OWASP members access to unique benefits and helping advance our mission. I hope our members leverage the solution as part of their DevSecOps practices to protect sensitive application data at the source – the application.” 

To view all OWASP member benefit details, please visit: https://owasp.org/membership/

To activate the unique benefit, simply create your account using your OWASP email address here: https://www.ubiqsecurity.com/owasp

About Ubiq

Ubiq is an API-based application-layer encryption and key management as code (SaaS) platform that enables development, security, and data protection teams to mitigate the risk of sensitive data theft and eliminate the gap left wide open by most at-rest encryption solutions, by enabling them to encrypt data directly inside of the application in a few lines of code and 2 API calls.

Ubiq is trusted by teams all over the world and empowers them to reduce the risk of data theft, free up precious resources, and build compliant and secure-by-design applications.

You can learn more about their solutions at: www.ubiqsecurity.com

About OWASP

The Open Worldwide Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software. Our programs include:

  • Over 200+ Community-led open-source software projects
  • Over 250+ local chapters worldwide
  • 6000+ financial members
  • Industry-leading educational and training conferences

We are an open community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted. All our projects, tools, documents, forums and chapters are free and open to anyone interested in improving application security. The OWASP Foundation launched on September 24, 2001, becoming incorporated as a United States non-profit charity on April 21, 2004.

For inquiries, please contact the Executive Director, Andrew van der Stock at [email protected]