Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

11/17/2009
04:21 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

DeepNines Introduces Security Lab And Internet Security Assessment Tool

Lab will provide a view of long- and short-term network threats

Dallas, TX " November 17, 2009 " Leading network security provider, DeepNines Technologies, today launched its DeepNines Security Labs, along with the output report from its industry-first, proprietary Internet Security Assessment (ISA), which provides critical information on security gaps, threats and risks entering and leaving the network. Over the last three years, DeepNines has performed hundreds of Internet Security Assessments for enterprises, healthcare, education and government organizations. The DeepNines Security Labs measured findings from 2008 versus 2009 to provide a baseline of increases or decreases in threats and risks. The new lab will enable followers and participants to have a clear view of long- and short-term network threats and provide a clear path to solutions based specifically on these findings.

DeepNines Security Lab Results

* The number one threat revealed in the report is the increase in denial of service (DoS) attacks, which is up over 16 percent over the 12-month period. * Going hand-in-hand with DoS, and ranking second on threats year-over-year, is social networks which are up by 8 percent. * Chat was the fastest growing issue from 2008 to 2009, increasing nearing 28 percent in one year. * The report also uncovered that one of the most unrecognized threats was web proxies " a content filter circumvention tool bringing threats to networks from the outside.

"These reports have been extremely insightful for us as a way to provide users details on threats they may not be aware of otherwise. By releasing this analysis to the public, we hope to uncover trends that affect the industry as a whole," said Shawn Eldridge, vice president of marketing and products at DeepNines. "ISA is really like going to the doctor; the Internet Security Assessment will examine your network security, even if you think you feel well, to determine any illnesses, which helps us understand how to make the patient better."

DeepNines Internet Security Assessment

The DeepNines ISA is a comprehensive network evaluation that provides administrators complete Internet traffic visibility by scanning all content, applications and threats that enter and exit the network. By identifying all Internet vulnerabilities and capturing any violations of acceptable use policies, such as web proxies and music downloads, regardless of port or protocol, ISA enables organizations to understand risks to better protect, control and manage their network.

"Understanding network bandwidth, usage patterns and security risks is a huge challenge," said Marcus Martinez, IT director for Calhoun County Independent School District. "DeepNines' ISA helped us capture the actual threats, applications and content on our network that would have otherwise gone unnoticed."

ISA's approach allows participants to obtain a completely accurate and transparent look at their network and the holes that exist, without first investing in a plethora of technology that might not actually solve the problem. The tool utilizes DeepNines' powerful Secure Web Gateway solution, and sits invisibly in the network to capture all traffic and provide quantifiable, useful information and statistics on network activity and usage.

"Most network security point products inspect a limited number of ports and protocols, and often are only looking for specific types of traffic without any insight into users, applications or content. We provide a deep and thorough assessment based on real information to determine what's going on before we try to provide a solution," Added Eldridge.

For more information and insight from DeepNines Security Lab, please visit: http://www.deepnines.com/security-lab/deepnines-security-labs.

To sign up for a free DeepNines Internet Security Assessment, go to: http://www.deepnines.com/internet-security-assessment/.

About DeepNines

DeepNines Technologies is a leader in network security, providing real-time, identity-based network defense for content and applications. Since 1999, DeepNines has provided business, education, health care and government customers with innovative network security that is affordable and easy-to-use. By inventing and patenting unified threat management technology, DeepNines' products enable unparalleled protection and control of ports, protocols, users, applications and content at firewall speed. DeepNines' gateway products leverage the power to protect, control and manage inbound and outbound Internet traffic, empowering enterprises and institutions to secure their networks deep-into-the-nines. To learn more about DeepNines, please visit www.deepnines.com. DeepNines products are protected by one or more U.S. Patents Nos. 6,930978, 7,380,272, 7,058,976; Foreign Patent Nos. 95182 (W002/100039), 106027 (W02003/073724), 1282954; Patents Pending.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-29445
PUBLISHED: 2021-04-16
jose-node-esm-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed `JWEDe...
CVE-2021-29446
PUBLISHED: 2021-04-16
jose-node-cjs-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed `JWEDe...
CVE-2021-29451
PUBLISHED: 2021-04-16
Portofino is an open source web development framework. Portofino before version 5.2.1 did not properly verify the signature of JSON Web Tokens. This allows forging a valid JWT. The issue will be patched in the upcoming 5.2.1 release.
CVE-2021-29452
PUBLISHED: 2021-04-16
a12n-server is an npm package which aims to provide a simple authentication system. A new HAL-Form was added to allow editing users in version 0.18.0. This feature should only have been accessible to admins. Unfortunately, privileges were incorrectly checked allowing any logged in user to make this ...
CVE-2021-29444
PUBLISHED: 2021-04-16
jose-browser-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed `JWEDec...