Attacks/Breaches
6/22/2007
04:48 AM

Rethinking Security Technology

Emerging products find new approaches to some old security problems

12:48 PM -- Call it security: the next generation.

Over the past week, security vendors and startups have been launching a wide swath of products and technologies. Normally, this means we're getting rev 6 of Release 3.5.2. But this week, we've seen some genuine innovation -- and perhaps more importantly, some new approaches to solving some very old problems.

Just when you thought firewalls had dead-ended, for example, startup Palo Alto Networks launched a new firewall, the PA-4000, which can identify -- and restrict -- more than 400 types of application traffic. Instead of just two settings for Port 80 ("off" or "on"), this firewall enables enterprises to allow, block, or truncate the use of all sorts of applications, including those running over SSL. If it works as promised, the PA-4000 could breathe new life into the firewall market. (See Startup Puts New Spin on Firewalls.)

Another startup, Sentrigo, launched a new product that could change the way enterprises attack the database security problem. Instead of relying on appliances that restrict network flow to and from the database -- or supplementary applications that suck up database server cycles -- Sentrigo's Hedgehog takes a software-only monitoring approach, attaching sensors to the database's cache memory. This method of securing the database could help keep insiders from tampering with the database and reduce server overhead. (See A New Approach to Database Security.)

How about a new take on virtual private networks? Recently, the old VPN has begun to look tired, because of its inability to adapt to mobile devices and its assumption that most of its users would be fixed-location employees. Yet Stonesoft is introducing a new SSL VPN product that works with a wide variety of mobile devices and lets companies give limited access to customers and trading partners. (See Stonesoft Seeks to Open Up VPNs.)

This rethinking of old problems isn't limited to the vendor community. Next week, analyst firm Enterprise Strategy Group is releasing data from a new survey that takes a hard look at how companies secure their intellectual property. Its conclusion: It's time to scrap the manual processes that dominate the IP discovery and classification process, and put in some real automation. (See Securing the 'Company Jewels'.)

Enterprises, meanwhile, are rethinking their approaches to one of the world's oldest problems: physical theft. After being burned several times in the last week, companies are beginning to recognize that one of the most common causes of "data loss" doesn't come from hackers, but from the theft of portable storage media. (See Stop, Thief!)

In an industry where end users often seem to be banging their heads against the same old brick walls (See People, Not Passwords, Are the Problem), it's refreshing to see that some companies are stepping back and thinking about new roads, rather than just repaving the cow paths. Here's hoping the trend continues.

— Tim Wilson, Site Editor, Dark Reading

  • Enterprise Strategy Group (ESG)
  • Palo Alto Networks Inc.
  • Sentrigo Inc.
  • Stonesoft Corp.
