Mocana company logo

The profile is currenly unclaimed by the seller. All information is provided by CB Insights.

mocana.com

Founded Year

2002

Stage

Acquired | Acquired

Total Raised

$101.59M

About Mocana

Mocana is developing a device-independent Smart Device Security Platform that secures all aspects of IP addressable devices as well as the information, applications and services that run on them. Mocana's solutions increase confidence, trust and compliance among OEMs, service providers and their customers.On January 13th, 2022, Mocana was acquired by DigiCert. Terms of the transaction were not disclosed.

Mocana Headquarter Location

1735 N First St Suite 306

San Jose, California, 95112,

United States

415-617-0055

Predict your next investment

The CB Insights tech market intelligence platform analyzes millions of data points on venture capital, startups, patents , partnerships and news mentions to help you see tomorrow's opportunities, today.

Research containing Mocana

Get data-driven expert analysis from the CB Insights Intelligence Unit.

CB Insights Intelligence Analysts have mentioned Mocana in 2 CB Insights research briefs, most recently on Sep 28, 2021.

Expert Collections containing Mocana

Expert Collections are analyst-curated lists that highlight the companies you need to know in the most important technology spaces.

Mocana is included in 2 Expert Collections, including Cybersecurity.

C

Cybersecurity

4,901 items

A

Advanced Manufacturing

3,315 items

Companies focused on the technologies to increase manufacturing productivity, ranging from automation & robotics to AR/VR to factory analytics & AI, plus many more.

Mocana Patents

Mocana has filed 38 patents.

The 3 most popular patent topics include:

  • Cryptography
  • Key management
  • Cryptographic protocols
patents chart

Application Date

Grant Date

Title

Related Topics

Status

1/29/2020

4/12/2022

Cryptography, Cryptographic protocols, Key management, Secure communication, Transport Layer Security

Grant

Application Date

1/29/2020

Grant Date

4/12/2022

Title

Related Topics

Cryptography, Cryptographic protocols, Key management, Secure communication, Transport Layer Security

Status

Grant

Latest Mocana News

06:00 EDT Armis Discovers "TLStorm 2.0," Five Critical Vulnerabilities in Network Switches, Organizations Around the World at Ri...

May 3, 2022

News provided by Share this article Share this article Vulnerabilities found in widely-used network switches could allow attackers to bypass security features such as network segmentation to gain access to critical systems PALO ALTO, Calif., May 3, 2022 /CNW/ -- Armis , the leading unified asset visibility and security platform, today announced the disclosure of five critical vulnerabilities, known as TLStorm 2.0 , in the implementation of TLS communications in multiple models of network switches. The vulnerabilities stem from a similar design flaw identified in the TLStorm vulnerabilities (discovered earlier this year by Armis), expanding the reach of TLStorm to millions of additional enterprise-grade network infrastructure devices. In March 2022, Armis first disclosed TLStorm—three critical vulnerabilities in APC Smart-UPS devices. The vulnerabilities allow an attacker to gain control of Smart-UPS devices from the internet with no user interaction, resulting in the UPS overloading and eventually destroying itself in a cloud of smoke. The root cause for these vulnerabilities was a misuse of NanoSSL, a popular TLS library by Mocana. Using the Armis knowledgebase—a database of more than two billion assets—our researchers identified dozens of devices using the Mocana NanoSSL library. The findings include not only the APC Smart-UPS devices but also two popular network switch vendors that are affected by a similar implementation flaw of the library. While UPS devices and network switches differ in function and levels of trust within the network, the underlying TLS implementation issues allow for devastating consequences. The new TLStorm 2.0 research exposes vulnerabilities that could allow an attacker to take full control over network switches used in airports, hospitals, hotels, and other organizations worldwide. The affected vendors are Aruba (acquired by HPE) and Avaya Networking (acquired by ExtremeNetworks). We have found that both vendors have switches vulnerable to remote code execution (RCE) vulnerabilities that can be exploited over the network, leading to: Breaking of network segmentation, allowing lateral movement to additional devices by changing the behavior of the switch Data exfiltration of corporate network traffic or sensitive information from the internal network to the Internet Captive portal escape These research findings are significant as they highlight that the network infrastructure itself is at risk and exploitable by attackers, meaning that network segmentation alone is no longer sufficient as a security measure. "Research at Armis is driven by one simple purpose: Identify emerging security threats to provide our customers with real-time and continuous protection," said Barak Hadad, Head of Research, Armis. "The TLStorm set of vulnerabilities are a prime example of threats to assets that were previously not visible to most security solutions, showing that network segmentation is no longer a sufficient mitigation and proactive network monitoring is essential. Armis researchers will continue to explore assets across all environments to make sure our knowledgebase of more than two billion assets is sharing the latest threat mitigations to all of our partners and customers." Captive Portals A captive portal is the web page displayed to newly-connected users of a Wi-Fi or wired network before they are granted broader access to network resources. Captive portals are commonly used to present a login page that may require authentication, payment, or other valid credentials that both the host and user agree upon. Captive portals provide access to a broad range of mobile and pedestrian broadband services, including cable and commercially provided Wi-Fi and home hotspots, and enterprise or residential wired networks, such as apartment complexes, hotel rooms, and business centers. Using the TLStorm 2.0 vulnerabilities, an attacker can abuse the captive portal and gain remote code execution over the switch with no need for authentication. Once the attacker has control over the switch, they can disable the captive portal altogether and move laterally to the corporate network. Vulnerability Details and Affected Devices Aruba CVE-2022-23677 (9.0 CVSS score) - NanoSSL misuse on multiple interfaces (RCE) The NanoSSL library mentioned above is used throughout the firmware of Aruba switches for multiple purposes. The two main use cases for which the TLS connection made using the NanoSSL library is not secure and can lead to RCE: Captive portal - A user of the captive portal can take control of the switch prior to authentication. RADIUS authentication client - A vulnerability in the RADIUS connection handling could allow an attacker that is able to intercept the RADIUS connection via a man in the middle attack to gain RCE over the switch with no user interaction. CVE-2022-23676 (9.1 CVSS score) - RADIUS client memory corruption vulnerabilities RADIUS is an authentication, authorization, accounting (AAA) client/server protocol that allows central authentication for users who attempt to access a network service. The RADIUS server responds to access requests from network services that act as clients. The RADIUS server checks the information in the access request and responds with authorization of the access attempt, a rejection, or a challenge for more information. There are two memory corruption vulnerabilities in the RADIUS client implementation of the switch;  they lead to heap overflows of attacker-controlled data. This can allow a malicious RADIUS server, or an attacker with access to the RADIUS shared secret, to remotely execute code on the switch. Aruba devices affected by TLStorm 2.0: Aruba 5400R Series Avaya management interface pre-auth vulnerabilities The attack surface for all three vulnerabilities of the Avaya switches is the web management portal and none of the vulnerabilities require any type of authentication, making it a zero-click vulnerability group. CVE-2022-29860 (CVSS 9.8) - TLS reassembly heap overflow This is a similar vulnerability to CVE-2022-22805 that Armis found in APC Smart-UPS devices. The process handling POST requests on the webserver does not properly validate the NanoSSL return values, resulting in a heap overflow that can lead to remote code execution. CVE-2022-29861 (CVSS 9.8) - HTTP header parsing stack overflow An improper boundary check in the handling of multipart form data combined with a string that is not null-terminated leads to attacker-controlled stack overflow that may lead to RCE. HTTP POST request handling heap overflow A vulnerability in the handling of HTTP POST requests due to missing error checks of the Mocana NanoSSL library leads to a heap overflow of attacker-controlled length, which may lead to RCE. This vulnerability has no CVE because it was found in a discontinued product line of Avaya meaning no patch will be issued to fix this vulnerability, though Armis data shows these devices can still be found in the wild. Avaya devices affected by TLStorm 2.0: ERS3500 Series Updates and Mitigations Aruba and Avaya collaborated with Armis on this matter, and customers were notified and issued patches to address most of the vulnerabilities. To the best of our knowledge, there is no indication the TLStorm 2.0 vulnerabilities have been exploited. Organizations deploying impacted Aruba devices should patch impacted devices immediately with patches in the Aruba Support Portal here . Organizations deploying impacted Avaya devices should check security advisories immediately in the Avaya Support Portal here . Armis customers can immediately identify devices that are vulnerable in their environments and begin remediation. To speak with an Armis expert and experience our award-winning unified asset visibility and security platform, click here . Research Presentations Armis experts will discuss the TLStorm research during the following event:

Mocana Web Traffic

Rank
Page Views per User (PVPU)
Page Views per Million (PVPM)
Reach per Million (RPM)
CBI Logo

Mocana Rank

  • When was Mocana founded?

    Mocana was founded in 2002.

  • Where is Mocana's headquarters?

    Mocana's headquarters is located at 1735 N First St, San Jose.

  • What is Mocana's latest funding round?

    Mocana's latest funding round is Acquired.

  • How much did Mocana raise?

    Mocana raised a total of $101.59M.

  • Who are the investors of Mocana?

    Investors of Mocana include DigiCert, Paycheck Protection Program, Shasta Ventures, Sway Ventures, ForgePoint Capital and 9 more.

  • Who are Mocana's competitors?

    Competitors of Mocana include Cybellum, Microsec, ForeScout Technologies, Cylance, Sequitur Labs and 7 more.

You May Also Like

CounterTack Logo
CounterTack

CounterTack+GoSecure is a provider of Predictive Endpoint Detection and Response, Next Gen Antivirus and Insider Threat Detection, which meets Gartner's updated definition for Endpoint Protection Platform (EPP) for the enterprise. The Platform delivers multi-vector detection, prevention, and response by applying a unique combination of behavioral analysis, memory forensics, machine learning, and reputational techniques to counter advanced threats. Powered by the Platform, CounterTack+GoSecure also offers a full spectrum of managed cybersecurity services, integrating EDR, SIEM, NextGen firewalls, IPS, vulnerability assessment and patch management. Its Advanced Response Centre (ARC) provides Threat Hunting, Active Threat Mitigation and Incident Response services.

Bastille Networks Logo
Bastille Networks

Bastille Networks completely secures the IoT on corporate campuses by identifying airborne threats and allowing for preemptive response. Through its software and sensor technology, Bastille safely and privately scans a corporation's air space, giving security personnel visibility into every RF-emitting device on a premise. As a result, companies can accurately quantify risk and mitigate threats.

dellfer Logo
dellfer

dellfer is a security company that focuses on automotive, building automation, industrial automation, and network appliances.

Dragos Logo
Dragos

Dragos develops the Dragos Platform which is an industrial cybersecurity automation platform that sits on-prem with customers to provide them visibility into their assets, detection of threats through behavioral analytics, collection and correlation of various ICS and OT data sets, and automated workflows reaching across incident response scenarios as well as compliance checks. The Dragos Ecosystem is built off of the Dragos Platform and also includes the Dragos Threat Operations Center.

Argus Cyber Security Logo
Argus Cyber Security

Argus is an automotive cyber security company enabling car manufacturers to protect technologically advanced connected vehicles from current and future malicious attacks. Customers include OEMs, Tier 1s, aftermarket connectivity providers, and fleet managers.

GuardKnox Logo
GuardKnox

GuardKnox provides cyber defense for connected and autonomous vehicles. The GuardKnox solution family provides in-depth security with a central gateway ECU drop-in SNO, a secured domain controller and a local SNO for externally connected ECU's.

Discover the right solution for your team

The CB Insights tech market intelligence platform analyzes millions of data points on vendors, products, partnerships, and patents to help your team find their next technology solution.

Request a demo

CBI websites generally use certain cookies to enable better interactions with our sites and services. Use of these cookies, which may be stored on your device, permits us to improve and customize your experience. You can read more about your cookie choices at our privacy policy here. By continuing to use this site you are consenting to these choices.