Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

2/24/2011
05:21 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Security Firm Strikes Back At Cenzic Patent Lawsuit Threat

NT Objectives files suit challenging claims it infringed on Cenzic's patent for "fault injection methods," security experts gathering proof of prior art

Cenzic is back on the legal warpath with another patent infringement lawsuit filed against a security company over Cenzic's patented "fault injection methods" technology. But this time the target of the lawsuit is challenging the validity of the patent.

NT Objectives, a small Web application scanning vendor, on Feb. 14 filed a lawsuit in the U.S. District Court in the Central District of California for a declaratory judgment of noninfringement, calling the patent invalid and unenforceable after Cenzic threatened litigation. Cenzic claims its patent, awarded in 2007, gives it exclusive rights to use the technology, and that after making "good faith attempts to resolve issues amicably" with NT Objectives, it decided to file a lawsuit late last week.

This isn't the first time Cenzic has sued a security firm over the use of this Web application vulnerability scanning technology: In August 2007, Cenzic filed a patent infringement suit against SPI Dyamics, which HP was in the process of acquiring. The suit put Web application security vendors and penetration testers on alert, and several hackers associated with the sla.ckers.org site demonstrated their displeasure with the patent at the time by exposing cross-site scripting flaws in Cenzic's website. HP later settled with Cenzic by signing a cross-licensing agreement. IBM also signed such an agreement nearly two years later with Cenzic.

At the heart of the Cenzic patent dispute is the so-called "prior art": Security experts argue that there are already some fault-injection tools that were released in the 2000-2001 time frame, well before Cenzic first filed for its patent, which would basically render the so-called Patent 232 moot. And critics say the patent is far too broad, covering the day-to-day tasks of most security scanners, penetration testing tools, and even that of the penetration testers themselves.

Neither Cenzic nor NT Objectives would comment on the cases, but some security researchers have begun rallying behind NT Objectives. A site called Stop Cenzic 232 Patent has been launched, and its author is calling for a Month of Prior Art on the technology at issue in the patent that will begin on April 1.

"Now this patent is of no concern if they used the patent 'defensively,' but Cenzic has chosen to go around chasing companies that create Web scanners for licensing money using this broad and unfortunately granted patent," blogged Enrique Sanchez Montellano.

Mantellano lists several products that could also be subject to Cenzic's patent claims because they employ the same method of injection, including Rapid7 Nexpose, Nessus, eEye Retia, McAfee Foundscan, nCircle Suite360, Qualys, Metasploit, Core Impact, and Burp Proxy.

According to a penetration tester familiar with the case and who requested anonymity, the way the patent is written, it could even apply to SQL injection and cross-site scripting attacks or pen tests. It could apply to any products that execute these techniques for bypassing normal security routines. "Even when I do this manually -- it would apply. So as a pen tester, I couldn't do that" according to the lawsuit, the source says.

Alan Shimel, CEO of The CISO Group, says he has heard from sources that Cenzic is "looking for seven figures" from NT Objectives.

"Initially, it looked like Cenzic was using the patent defensively. But now they are using it offensively," Shimel says. "This is just a lousy patent. There's a lot of prior art that should have been looked at before it was granted."

Meanwhile, among the Cenzic employees named in the patent when it was filed in 2002 include Greg Hoglund, founder and CEO of HBGary, whose company was targeted by the Anonymous hacking group.

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-27706
PUBLISHED: 2021-04-14
Buffer Overflow in Tenda G1 and G3 routers with firmware version V15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"IPMacBindIndex "request. This occurs because the "formIPMacBindDel" function directly passes the parameter "IPMacBind...
CVE-2021-27707
PUBLISHED: 2021-04-14
Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"portMappingIndex "request. This occurs because the "formDelPortMapping" function directly passes the parameter "portMappingIn...
CVE-2021-28098
PUBLISHED: 2021-04-14
An issue was discovered in Forescout CounterACT before 8.1.4. A local privilege escalation vulnerability is present in the logging function. SecureConnector runs with administrative privileges and writes logs entries to a file in %PROGRAMDATA%\ForeScout SecureConnector\ that has full permissions for...
CVE-2021-30493
PUBLISHED: 2021-04-14
Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the ChromaBroadcast subkey. These privileged operations consist of file name concatenation of a runtime log file that is used to store runtime log information. In other wor...
CVE-2021-30494
PUBLISHED: 2021-04-14
Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the Razer Chroma SDK subkey. These privileged operations consist of file name concatenation of a runtime log file that is used to store runtime log information. In other wo...