Attacks/Breaches
6/22/2007
04:48 AM
50%
50%

Rethinking Security Technology

Emerging products find new approaches to some old security problems

12:48 PM -- Call it security: the next generation.

Over the past week, security vendors and startups have been launching a wide swath of products and technologies. Normally, this means we're getting rev 6 of Release 3.5.2. But this week, we've seen some genuine innovation -- and perhaps more importantly, some new approaches to solving some very old problems.

Just when you thought firewalls had dead-ended, for example, startup Palo Alto Networks launched a new firewall, the PA-4000, which can identify -- and restrict -- more than 400 types of application traffic. Instead of just two settings for Port 80 ("off" or "on") this firewall enables enterprises to allow, block, or truncate the use of all sorts of applications, including those running over SSL. If it works as promised, the PA-4000 could breathe new life into the firewall market. (See Startup Puts New Spin on Firewalls.)

Another startup, Sentrigo, launched a new product that could change the way enterprises attack the database security problem. Instead of relying on appliances that restrict network flow to and from the database -- or supplementary applications that suck up database server cycles -- Sentrigo's Hedgehog takes a software-only monitoring approach, attaching sensors to the database's cache memory. This method of securing the database could help keep insiders from tampering with the database and reduce server overhead. (See A New Approach to Database Security.)

How about a new take on virtual private networks? Recently, the old VPN has begun to look tired, because of its inability to adapt to mobile devices and its assumption that most of its users would be fixed-location employees. Yet Stonesoft is introducing a new SSL VPN product that works with a wide variety of mobile devices and lets companies give limited access to customers and trading partners. (See Stonesoft Seeks to Open Up VPNs.)

This rethinking of old problems isn't limited to the vendor community. Next week, analyst firm Enterprise Strategy Group is releasing data from a new survey that takes a hard look at how companies secure their intellectual property. Its conclusion: It's time to scrap the manual processes that dominate the IP discovery and classification process, and put in some real automation. (See Securing the 'Company Jewels'.)

Enterprises, meanwhile, are rethinking their approaches to one of the world's oldest problems: physical theft. After being burned several times in the last week, companies are beginning to recognize that one of the most common causes of "data loss" doesn't come from hackers, but from the theft of portable storage media. (See Stop, Thief!)

In an industry where end users often seem to be banging their heads against the same old brick walls (See People, Not Passwords, Are the Problem), it's refreshing to see that some companies are stepping back and thinking about new roads, rather than just repaving the cow paths. Here's hoping the trend continues.

— Tim Wilson, Site Editor, Dark Reading

  • Enterprise Strategy Group (ESG)
  • Palo Alto Networks Inc.
  • Sentrigo Inc.
  • Stonesoft Corp.

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon Contest
    Write a Caption, Win a Starbucks Card! Click Here
    Latest Comment: This comment is waiting for review by our moderators.
    Current Issue
    Five Things Every Business Executive Should Know About Cybersecurity
    Don't get lost in security's technical minutiae - a clearer picture of what's at stake can help align business imperatives with technology execution.
    Flash Poll
    Dark Reading Strategic Security Report: The Impact of Enterprise Data Breaches
    Dark Reading Strategic Security Report: The Impact of Enterprise Data Breaches
    Social engineering, ransomware, and other sophisticated exploits are leading to new IT security compromises every day. Dark Reading's 2016 Strategic Security Survey polled 300 IT and security professionals to get information on breach incidents, the fallout they caused, and how recent events are shaping preparations for inevitable attacks in the coming year. Download this report to get a look at data from the survey and to find out what a breach might mean for your organization.
    Slideshows
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2013-7445
    Published: 2015-10-15
    The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

    CVE-2015-4948
    Published: 2015-10-15
    netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

    CVE-2015-5660
    Published: 2015-10-15
    Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

    CVE-2015-6003
    Published: 2015-10-15
    Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

    CVE-2015-6333
    Published: 2015-10-15
    Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

    Dark Reading Radio
    Archived Dark Reading Radio
    Security researchers are finding that there's a growing market for the vulnerabilities they discover and persistent conundrum as to the right way to disclose them. Dark Reading editors will speak to experts -- Veracode CTO and co-founder Chris Wysopal and HackerOne co-founder and CTO Alex Rice -- about bug bounties and the expanding market for zero-day security vulnerabilities.