Risk
9/25/2008
11:15 AM
Connect Directly
Twitter
LinkedIn
RSS
E-Mail
50%
50%
Repost This

Time To Send Out For Security Help?

Providers are looking to provide everything from e-mail security to log management, all from the cloud.

Security software as a service is increasing in popularity in tandem with the growth in cloud computing, as emerging providers promise to lower costs while increasing security.

Attacks on the scale of a full-on domain hijacking are the nightmare scenario, and outsourced protection against DNS flaws is currently limited to using managed services that patch DNS for you. However, there are other proactive steps companies can take to protect data. Cloud-based Web security companies such as Purewire and Zscaler offer a host of services, including URL filtering, anti-malware, and antivirus, and are seeking to protect against emerging browser-based attacks. Even Google is offering basic security services based on technology from SafeScan.

Purewire and Zscaler can detect malware that has been placed on domains that have been hijacked, and they maintain their own DNS servers. Webroot Software and Savvis provide antivirus and anti-malware scanning of e-mail. Both take advantage of the scalability of the cloud and pitch a "no-capital-expense" service; organizations no longer need to update mail gateways with performance-crimping scanning software. Savvis also performs spam filtering in the cloud, competing with Google's Postini service.

Many have tried--and failed--to sell outsourced log management. Still, Savvis, SecureWorks, and Verizon Business Services are all giving it a go with a new twist, leveraging the cloud. Decreased bandwidth, storage, and hosting costs and increased availability lower the barriers to entry for these companies. It's worth noting that SecureWorks is one of the few remaining original players in the managed security services arena offering log management.

What's next? We expect more vulnerability scanning, Web application firewalls, and even outsourced firewalls in the form of cloud-based offerings.

Return to the story:
Locking Down The Cloud: Why DNS Security Must Be Improved

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-3946
Published: 2014-04-24
Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for "a small percentage" of the packets, aka Bug ID CSCty73682.

CVE-2012-5723
Published: 2014-04-24
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.

CVE-2013-6738
Published: 2014-04-24
Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 before 1.2.0.0-CSI-SCALA-IF0003 allows remote attackers to inject arbitrary web script or HTML via an invalid query parameter in a response from an OAuth authorization endpoint.

CVE-2014-0188
Published: 2014-04-24
The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request to...

CVE-2014-2391
Published: 2014-04-24
The password recovery service in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 makes an improper decision about the sensitivity of a string representing a previously used but currently invalid password, which allows remote attackers to obtain potent...

Best of the Web