Attacks/Breaches
6/22/2007
04:48 AM
50%
50%

Rethinking Security Technology

Emerging products find new approaches to some old security problems

12:48 PM -- Call it security: the next generation.

Over the past week, security vendors and startups have been launching a wide swath of products and technologies. Normally, this means we're getting rev 6 of Release 3.5.2. But this week, we've seen some genuine innovation -- and perhaps more importantly, some new approaches to solving some very old problems.

Just when you thought firewalls had dead-ended, for example, startup Palo Alto Networks launched a new firewall, the PA-4000, which can identify -- and restrict -- more than 400 types of application traffic. Instead of just two settings for Port 80 ("off" or "on") this firewall enables enterprises to allow, block, or truncate the use of all sorts of applications, including those running over SSL. If it works as promised, the PA-4000 could breathe new life into the firewall market. (See Startup Puts New Spin on Firewalls.)

Another startup, Sentrigo, launched a new product that could change the way enterprises attack the database security problem. Instead of relying on appliances that restrict network flow to and from the database -- or supplementary applications that suck up database server cycles -- Sentrigo's Hedgehog takes a software-only monitoring approach, attaching sensors to the database's cache memory. This method of securing the database could help keep insiders from tampering with the database and reduce server overhead. (See A New Approach to Database Security.)

How about a new take on virtual private networks? Recently, the old VPN has begun to look tired, because of its inability to adapt to mobile devices and its assumption that most of its users would be fixed-location employees. Yet Stonesoft is introducing a new SSL VPN product that works with a wide variety of mobile devices and lets companies give limited access to customers and trading partners. (See Stonesoft Seeks to Open Up VPNs.)

This rethinking of old problems isn't limited to the vendor community. Next week, analyst firm Enterprise Strategy Group is releasing data from a new survey that takes a hard look at how companies secure their intellectual property. Its conclusion: It's time to scrap the manual processes that dominate the IP discovery and classification process, and put in some real automation. (See Securing the 'Company Jewels'.)

Enterprises, meanwhile, are rethinking their approaches to one of the world's oldest problems: physical theft. After being burned several times in the last week, companies are beginning to recognize that one of the most common causes of "data loss" doesn't come from hackers, but from the theft of portable storage media. (See Stop, Thief!)

In an industry where end users often seem to be banging their heads against the same old brick walls (See People, Not Passwords, Are the Problem), it's refreshing to see that some companies are stepping back and thinking about new roads, rather than just repaving the cow paths. Here's hoping the trend continues.

— Tim Wilson, Site Editor, Dark Reading

  • Enterprise Strategy Group (ESG)
  • Palo Alto Networks Inc.
  • Sentrigo Inc.
  • Stonesoft Corp.

    Comment  | 
    Print  | 
    More Insights
  • Register for Dark Reading Newsletters
    White Papers
    Cartoon
    Current Issue
    Flash Poll
    Video
    Slideshows
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2014-2027
    Published: 2015-03-31
    eGroupware before 1.8.006.20140217 allows remote attackers to conduct PHP object injection attacks, delete arbitrary files, and possibly execute arbitrary code via the (1) addr_fields or (2) trans parameter to addressbook/csv_import.php, (3) cal_fields or (4) trans parameter to calendar/csv_import.p...

    CVE-2014-2830
    Published: 2015-03-31
    Stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils before 6.4, as used in pam_cifscreds, allows remote attackers to have unspecified impact via unknown vectors.

    CVE-2014-7876
    Published: 2015-03-31
    Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27 and 4 before 2.03 and iLO Chassis Management (CM) firmware before 1.30 allows remote attackers to gain privileges, execute arbitrary code, or cause a denial of service via unknown vectors.

    CVE-2014-9462
    Published: 2015-03-31
    The _validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository name in a clone command.

    CVE-2014-9706
    Published: 2015-03-31
    The build_index_from_tree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree.

    Dark Reading Radio
    Archived Dark Reading Radio
    Good hackers--aka security researchers--are worried about the possible legal and professional ramifications of President Obama's new proposed crackdown on cyber criminals.