Supriya Ghosh (Editor)

Comodo Group

Type: Private
Founder: Melih Abdulhayoğlu
Motto: Creating Trust Online
Website: www.comodo.com
Founded: 1998
Number of employees: 1,100
Industry: Computer security, internet security
Key people: Melih Abdulhayoğlu (President and CEO)
Products: SSL Certificates, AntiVirus, Firewall, PCI Compliance, EndPoint Security, Managed DNS
CEO: Melih Abdulhayoğlu (1998–)
Headquarters: Clifton, New Jersey, United States

Comodo Group, Inc. is a privately held group of companies providing computer software and SSL digital certificates, based in Clifton, New Jersey in the United States. It has offices in the United Kingdom, Ukraine, Romania, China, India, Turkey and Clifton, NJ. As of 3 February 2017, Comodo is the largest issuer of SSL certificates with a 44% market share on 13.9% of all web domains.

History

The company was founded in 1998 in the United Kingdom by Melih Abdulhayoğlu, who remains its CEO. The company relocated to the United States in 2004. Its product line is focused on computer and internet security. The firm operates a Certificate Authority that issues SSL certificates, and offers information security products for both enterprises and consumers that secure endpoints, networks and boundaries against cyber threats using on-premises and cloud-based offerings.

Companies

  • Comodo CA Limited: Based in City of Salford, Greater Manchester, UK, it is a digital certificate authority that issues SSL and other digital certificates. According to W3Techs.com, Comodo is the largest digital certificate provider.
  • Comodo Security Solutions, Inc: Based in Clifton, NJ, it develops and markets security software for commercial and consumer use. This includes web site vulnerability and penetration scanning, corporate and consumer PC security systems and other network security products. Comodo AntiVirus Labs support all versions of their security systems.
  • DNS.com: Based in Louisville, Kentucky, the company provides managed DNS services.

Consumer Security Products

  • Comodo Internet Security (CIS) is a suite of security products for the desktop, provided free, with additional features available for a fee. Support requires a subscription. It includes a personal firewall, Host-based intrusion detection system and antivirus program.
  • Comodo Antivirus - A free antivirus product that supports all major operating systems, including Mac (from OS X 10.4), Linux (from Ubuntu 12.04) and Windows (from XP SP2, including Windows 10).
  • Comodo Mobile Security - A free Android application that protects mobile devices against viruses, worms and scripts. In addition, it also features SMS & Call Blocking, a software & process manager, data and apps backup and data traffic Monitor.
  • Comodo email certificate - S/MIME-enabling certificates, free for personal use, per-year fee for corporate use.

Enterprise Products - Digital Certificates and Certificate Management

  • Comodo SSL - Comodo was founded as a Certificate Authority selling Comodo SSL and digital certificates. Its primary source of revenue comes from related products to business and enterprises. Related E-Commerce products include PCI Compliance Scanning and Web Site Vulnerability Scanning.
  • Comodo Certificate Manager (CCM) is a cloud-based digital certificate management product allowing enterprises to manage certificates.

Enterprise Products - Security

  • Comodo Advanced Endpoint Protection (AEP) provides next-generation endpoint protection, combining Comodo Client Security, ITSM, and Valkyrie file analysis.
  • Valkyrie Cloud File Analysis Platform - The Valkyrie cloud-based file analysis platform uses multiple techniques to provide a verdict of good or bad on unknown files.
  • Comodo Client Security is the client application used by AEP to provide endpoint security.
  • IT and Security Manager (ITSM) - ITSM is the management console used by AEP, providing a single consolidated dashboard of all devices, from which IT administrators can act on issues, report on current risk, and push changes. It allows for the configuration of security policies and visibility into the security posture and health of enterprise endpoints (PCs and mobile devices).
  • Comodo Dome (cDome Shield, cDome Enterprise, cDome Data Protection) - a family of products providing a cloud-delivered secure web platform providing various security functions including web security, anti spam, secure VPN, and next generation firewall. In May 2014, the Comodo Group acquired MyDLP, an open source data loss prevention system and integrated the functionality as Comodo Dome Data Protection.
  • Comodo Securebox was released in July 2014 and was jointly developed with Western Union with the intention of solving the problem of an application needing to conduct sensitive activities such as financial transactions from an already compromised system. Securebox containment technology protects the application and its activities even if the computer is infected with malware.
  • Comodo Mobile Device Management - Comodo MDM software could rightly be called a powerful tool in the hands of IT administrators. Using this tool they can manage and at the same time ensure the security of a large number of mobile devices, both personal as well as those that are part of a corporate network.
  • Comodo cWatch - a breach prevention and threat detection managed SaaS offering hosted by Comodo.
  • Comodo Korugan - In 2014 Comodo introduced the Korugan line of Unified Threat Management Appliances that provide a bundle of network security solutions such as firewall, gateway antivirus and end security management.

Web browsers offered by Comodo

  • Comodo Dragon - A Chromium-based browser with enhanced privacy and security
  • Comodo IceDragon - A Firefox-based browser with enhanced privacy and security features

Other Products

    1. Comodo System Utilities - PC Magazine reviewed the product concluding "it is an effective system-enhancing utility that is as potent, if not more so in certain cases, as paid apps".
    2. SurGate Labs - In 2014 Comodo acquired SurGate Labs, a Turkish software company that specializes in secure email and messaging systems. SurGate only recently began marketing its products outside of Turkey and Eastern Europe.
    3. Comodo Backup - In 2014 Comodo introduced Secured backup for Online Storage.
    4. Comodo Penetration Testing - Comodo Penetration Tests will identify critical attack paths present in network infrastructure manually and provide advice to eliminate threats.

    Industry affiliations

    Comodo is a member of the following industry organizations:

  • Certificate Authority Security Council (CASC): In February 2013, Comodo became a founding member of this industry advocacy organization dedicated to addressing industry issues and educating the public on internet security.
  • Common Computing Security Standards Forum (CCSF): In 2009 Comodo was a founding member of the CCSF, an industry organization that promotes industry standards that protect end users. Comodo CEO Melih Abdulhayoğlu is considered the founder of the CCSF.
  • CA/Browser Forum: In 2005, Comodo was a founding member of a new consortium of Certificate Authorities and web browser vendors dedicated to promoting industry standards and baseline requirements for internet security.

    Symantec

    In response to Symantec's comment over the effectiveness of free antivirus software, on September 18, 2010, the CEO of Comodo Group challenged Symantec to see which products can defend the consumer better against malware. GCN's John Breeden understood Comodo's stance on free antivirus software and challenging Symantec: "This is actually a pretty smart move based on previous reviews of AV performance we've done in the GCN Lab. Our most recent AV review this year showed no functional difference between free and paid programs in terms of stopping viruses, and it's been that way for many years. In fact you have to go all the way back to 2006 to find an AV roundup where viruses were missed by some companies."

    Symantec responded saying that if Comodo is interested they should have their product included in tests by independent reviewers.

    Comodo volunteered for a Symantec vs. Comodo independent review. Though this showdown did not take place, Comodo has since been included in multiple independent reviews with AV-Test, PC World, Best Antivirus Reviews, AV-Comparatives, and PC Mag.

    Certificate hacking

    On March 23, 2011, Comodo posted a report that 8 days earlier, on 15 March 2011, a user account with an affiliate registration authority had been compromised and was used to create a new user account that issued nine certificate signing requests. Nine certificates for seven domains were issued. The attack was traced to IP address 212.95.136.18, which originates in Tehran, Iran. Though the firm initially reported that the breach was the result of a "state-driven attack", it subsequently stated that the origin of the attack may be the "result of an attacker attempting to lay a false trail."

    The attack was immediately thwarted, with Comodo revoking all of the bogus certificates. Comodo also stated that it was actively looking into ways to improve the security of its affiliates.

    In an update on March 31, 2011, Comodo stated that it detected and thwarted an intrusion into a reseller user account on March 26, 2011. The new controls implemented by Comodo following the incident on March 15, 2011, removed any risk of the fraudulent issue of certificates. Comodo believed the attack was from the same perpetrator as the incident on March 15, 2011.

    In regards to this second incident, Comodo stated, "Our CA infrastructure was not compromised. Our keys in our HSMs were not compromised. No certificates have been fraudulently issued. The attempt to fraudulently access the certificate ordering platform to issue a certificate failed."

    On March 26, 2011, a person under the username "ComodoHacker" made several posts to Pastebin.com claiming to be an Iranian responsible for the attacks.

    Such issues have been widely reported, and have led to criticism of how certificates are issued and revoked. As of 2016, all of the certificates remain revoked. Microsoft issued a security advisory and update to address the issue at the time of the event.

    Such attacks are not unique to Comodo - the specifics will vary from CA to CA, RA to RA, but there are so many of these entities, all of them trusted by default, that further holes are deemed to be inevitable.

    Association with PrivDog

    In February 2015, Comodo was associated with a man-in-the-middle enabling tool known as PrivDog, which claims to protect users against malicious advertising.

    PrivDog issued a statement on February 23, 2015, saying, "A minor intermittent defect has been detected in a third party library used by the PrivDog standalone application which potentially affects a very small number of users. This potential issue is only present in PrivDog versions, 3.0.96.0 and 3.0.97.0. The potential issue is not present in the PrivDog plug-in that is distributed with Comodo Browsers, and Comodo has not distributed this version to its users. There are potentially a maximum of 6,294 users in the USA and 57,568 users globally that this could potentially impact. The third party library used by PrivDog is not the same third party library used by Superfish.... The potential issue has already been corrected. There will be an update tomorrow which will automatically update all 57,568 users of these specific PrivDog versions."

    Certificates issued to known malware

    In 2009 Microsoft MVP Michael Burgess accused Comodo of issuing digital certificates to known malware.

    Comodo responded when notified and revoked the issued certificates that contained the rogue malware.

    Chromodo browser

    In January 2016, Tavis Ormandy reported that Comodo's Chromodo browser exhibited a number of vulnerabilities, including disabling of the same-origin policy.

    The vulnerability wasn't in the browser itself, which was based on the open-source code behind Google's Chrome browser. Rather, the issue was with an add-on. As soon as Comodo became aware of the issue in early February 2016, the company released a statement and a fix: "As an industry, software in general is always being updated, patched, fixed, addressed, improved - it goes hand in hand with any development cycle...What is critical in software development is how companies address an issue if a certain vulnerability is found - ensuring it never puts the customer at risk." Those using Chromodo immediately received an update. The Chromodo browser was subsequently discontinued by Comodo.

    Let's Encrypt trademark registration application

    In October 2015, Comodo applied for "Let's Encrypt", "Comodo Let's Encrypt", and "Let's Encrypt with Comodo" trademarks. These trademark applications were filed almost a year after the Internet Security Research Group, parent organization of Let's Encrypt, started using the name Let's Encrypt publicly in November 2014, and despite the fact Comodo's "intent to use" trademark filings acknowledge that it has never used "Let's Encrypt" as a brand.

    On June 24, 2016, Comodo publicly posted in its forum that it had filed for "express abandonment" of their trademark applications.

    Comodo's Chief Technical Officer Robin Alden said, "Comodo has filed for express abandonment of the trademark applications at this time instead of waiting and allowing them to lapse. Following collaboration between Let's Encrypt and Comodo, the trademark issue is now resolved and behind us, and we'd like to thank the Let's Encrypt team for helping to bring it to a resolution."

    Dangling markup injection vulnerability

    On July 25, 2016, Matthew Bryant showed that Comodo's website is vulnerable to dangling markup injection attacks and can send emails to system administrators from Comodo's servers to approve a wildcard certificate issue request which can be used to issue arbitrary wildcard certificates via Comodo's 30-Day PositiveSSL product.

    Bryant reached out in June 2016, and on July 25, 2016, Comodo's Chief Technical Officer Robin Alden confirmed a fix was put in place, within the responsible disclosure date per industry standards.

    References

    Comodo Group Wikipedia