Palindrome Technologies: Removing Complexity from Cloud Security

Peter Thermos, Founder, President and CTO, Palindrome TechnologiesPeter Thermos, Founder, President and CTO It began with a microscope, tweezers, and worms Throughout his life, Peter Thermos, a cybersecurity expert and the CEO of Palindrome Technologies, has been intrigued by the impact of cyber threats on humanity. "It began in my first year of college when I read, "With Microscope and Tweezers: An Analysis of the Internet Virus of November 1988. This paper ignited his curiosity and inspired him to delve deeper into the information security space.

After college, Thermos conducted early research on cyber security issues for telecommunication carriers and government agencies at the prestigious Bell Labs offspring Bell Communications Research, a.k.a., Bellcore. Here, he realized the critical role and importance of reliable and secure technologies in instilling confidence among customers and stakeholders.

Technology has proliferated throughout our daily lives. We depend on it heavily and trust it implicitly. We start to doubt the reliability and effectiveness of technological evolution if a malicious actor compromises the integrity of the systems we rely upon." Thermos says.

Tackling the most challenging security threats

This understanding drove Thermos to establish Palindrome Technologies in 2005. He assembled a world-class team of cyber security experts known as the people to call when you need the “best of the best”. Peter focused the Company on tackling the most formidable security threats - global companies and government agencies with complex computing environments working to secure emerging technologies such as 5G, IoT, V2X, and SDN/NFV.

The Company’s ultimate goal is to help protect their clients’ brands, infrastructure assets, and enable secure business operations. To do this, they need to instill trust and inspire confidence in the reliability and effectiveness of their architectures in the face of shifting threat landscapes and an explosion of emerging technologies. Indeed, they work with customers worldwide to proactively identify vulnerabilities; and implement security controls, all to minimize their business’ potential risk exposure.

We break code because we care…and because they can.

Palindrome Technologies is not just about addressing the toughest security threats and completing the job. Thermos views the Palindrome Technologies’ team as an extension of their customers’ operations. Their deep understanding of their customers’ unique architectures, business priorities, and expertise in cybersecurity enables Palindrome Technologies to earn the reputation as a trusted cybersecurity services provider for clients' spanning complex telecommunication networks and high assurance environments. Their motto is "we break code because we care” and they can.

Impacting security for over 100 million users every day

Today, Palindrome Technologies has improved the cybersecurity of platforms that support more than 100 million consumers every day. "We have been supporting multiple cloud products for one of the largest U.S. communication providers on a multi-year cloud transformation," states Thermos. This was demonstrated by the contract awarded to Palindrome Technologies by the U.S. Department of Homeland Security to conduct research and develop an architecture for 5G & WiFi 6/6E coexistence for secure federal networks. The Company will create a secure architecture framework for 5G and Wifi6 coexistent networks (HetNets) through this endeavor, a long-term concern for commercial and government organizations.

Palindrome Technologies is one of the few labs in the U.S. to have worked with major wireless carriers on the thirdgeneration partnership project (3GPP), fourth-generation (4G) since 2008, and the fifth-generation (5G) wireless communication systems.
Information Security in the Cloud: Top 3 Cyber Security Challenges

With the rapid pace of digitalization, it is becoming an increasing challenge for businesses to ensure information security, especially in the Cloud. The cloud environment is rapidly evolving, with distributed teams working from different locations and devices, creating challenges in cloud security around operations and compliance.

Alongside this, players across regulated industries such as healthcare, finance, insurance, and education are struggling to address high-assurance compliance requirements. To this end, Palindrome Technologies assists clients in closing their compliance evaluation gaps with continuous attack surface monitoring and automated asset analysis managed services.

Thermos is frequently asked by CEOs, CIOs, and CISOs his view on the biggest cyber security challenges facing these industries and operating safely in the Cloud. He nets it out to three significant challenges:
1. Lack of knowledge and expertise; This is the primary challenge in securing the enterprise cloud. The lack of expertise leads to misconfigurations, absence of proactive prevention and prompt remediation. A study from the Cloud Security Alliance reported that organizations are only “moderately confident” in their ability to defend against cloud vulnerabilities and threats.
2. Velocity of identifying and remediating vulnerabilities; Enterprise organizations with cloud implementations often lack the necessary expertise and rigor of identifying and remediating vulnerabilities, especially in large complex enterprise environments that support high assurance applications (e.g., smart warehousing, telemedicine)
3. Coherent alignment of policies across the organization; Organizations with cloud implementations may lack a uniform approach of security requirements, policies, and procedures among their teams, specifically, development, operations, and security. This is where adopting DevSecOps approach will help harmonize security in cloud implementations and greatly improve the security and robustness of the cloud infrastructure.

Reliability, Performance, and Scalability
To address these challenges for the Enterprise, Carriers and Government customers, Palindrome Technologies offers a service portfolio with three core service lines:
• Security research and analysis of emerging technologies
• Service provider security assurance (telecommunication carriers, energy, financial, and healthcare service providers)
• Enterprise security advisory services (including risk governance, security audits, vulnerability and threat management, due diligence assessments of third-party technology vendors, and security risk management for mergers and acquisitions (M&A)) Going the extra mile, Palindrome Technologies collaborates with academic research labs and industry standards bodies to drive open discussions and contributions to anticipate potential threats:
• Internet Real-Time (IRT) Lab at Columbia University and Centre for Security, Reliability, and Trust (SnT)
• University of Luxembourg
• Cloud Security Alliance (CSA), CTIA, IEEE, IETF, and GSMA-3GPP

Applying Science to Security: An unwavering commitment to applied research

Palindrome Technologies has had an unwavering commitment to applying science and research to cybersecurity from its founding. Anticipating the next threat, especially with global enterprises, demands this level of commitment and knowledge.

"Our prime directive is is to help protect our clients’ businesses, reputations, and infrastructure assets from escalating threats,” said Thermos. “We achieve this by applying “science to security” through our unwavering commitment to applied research, scientific analysis, and rigorous testing.”

To secure any system, we have to understand how it is designed, its purpose, and how it is implemented. We are proud to have end-to-end system expertise in holistically securing an IT ecosystem from low-level embedded hardware platforms to public cloud systems," mentions Thermos.
This allows Palindrome Technologies to perform comprehensive security design and analysis and subsequently make its clients more confident”.

First Worldwide GSMA accredited NESAS Testing Laboratory

To ensure the quality of the technical processes and procedures used in the security assurance testing framework, the Company maintains an ISO/IEC 17025 testing laboratory accreditation. They are recognized as the first worldwide GSMA accredited NESAS testing laboratory to offer security assurance for product vendors.

The company is also a GSMA IoT Security Testing Lab and a CTIA Authorized Test Lab (CATL) for IoT Cybersecurity Certification.

One of the world’s largest cloud-native 5G Multiaccess Edge Computing (MEC) deployments

Palindrome Technologies completed an end-to-end security analysis of a unified cloud-based communications platform with mobile, desktop, and web software clients. The company performed end-to-end threat analysis, architecture design review and worked with the product team to implement security best practices and fix multiple zero-day vulnerabilities.

For the same customer, Palindrome Technologies’ also performed one of the largest cloud-native 5G Multi-access Edge Computing (MEC) deployments in the world. "We have been fortunate enough to work with clients who trusted us to evaluate their flagship projects and anticipate the future transformation of their operations and infrastructure," mentions Thermos.

A Culture of Excellence, Curiosity, and Integrity

Peter and his leadership team have developed a Company culture dedicated to instilling the spirit of excellence, integrity, and curiosity into every team member. "Our philosophy is to attract the best who strive to achieve excellence, deny succumbing to pressure, and never hesitate to make the right decisions. We achieve the trust of our colleagues, partners, and clients through diligence, honesty, candor, and 100% transparency," he adds.

Keeping abreast of major cybersecurity trends

Having carved a unique nichein the cloud security space, Palindrome Technologies has its ears to the ground when comprehending new trends. The major trends that will impact cloud security are:
• Zero Trust Architecture (ZTA)
• Integration of seamless identity
• Access management (IAM) platforms

Today, the ZTA is motivating CIOs and CISOs to rethink the enterprise ecosystem that consists of users, devices, applications, networks, automation, and analytics., Palindrome Technologies plans to help global businesses with the secure implementation of cloud-native IAM platforms that can support millions of users with its architecture design and analysis expertise.

We want to be proactive in identifying vulnerabilities and help organizations implement security controls to minimize potential risk exposures

Looking for patterns others overlook
The Company is currently striving to commercialize its products for further growth. "We have the initiative to commercialize our 5G and WiFi coexistence research," says Thermos. Additionally, Palindrome Technologies works with standards and specifications bodies to define product security requirements. "We question conventional thinking and look for the patterns that others often overlook. Our push for moving to define and refine security is a key component of our strategy to architect and mitigate potential vulnerabilities in products and for our customers," concludes Thermos.
Share this Article:
Palindrome Technologies

Palindrome Technologies

Hazlet, NJ

Peter Thermos, Founder, President and CTO

Palindrome works with some of the largest technology companies worldwide, securing their infrastructure and products ranging from supporting DevSecOps, securing5G networks, secure cloud migrations, mobile edge computing and industrial IoT. The company is working with clients to close the compliance evaluation gap with continuous attack surface monitoring and automated asset analysis managed services. Palindrome Technologies focuses on securing emerging technologies such as 5G, IoT, V2X, SDN/NFV, among others. It is one of the few labs in the U.S. to have worked with major wireless carriers on the third generation partnership project (3GPP), fourth-generation (4G) since 2008, and the upcoming fifth-generation (5G) wireless communication systems.