ne
ws
8In
fosecu
rity Tod
ayJanuary/February 2005
Kavado goes defiant
Web application security
supplier Kavado has
launched a threat management
system designed for large-
scale, distributed deployment
of web applications and serv-
ices.
Branded ‘Defiance TMS’, the
product is made up of a web
application level intrusion de-
tection system, an intrusion pre-
vention system, a centralized
repository of logs, and a con-
sole enabling unified adminis-
tration, management, reporting,
and forensics.
"Web application security
and web services security has
been brought to the present
with this", said Vikram Desai,
chief executive officer. "Frankly
it had been stuck around 2001".
"Very large customers are
adopting this very swiftly," he
said. "We saw that at the end of
2004 and right now".
"They had been aware that
web application security was
an issue for them, but they did
not have a way of deploying a
defence that was manageable
within their own enterprise.
"It's been a technology per-
spective that's been predomi-
nant in the past. Customers
have been scanning code and
then filling in the holes, but all
of that takes too long to make
business sense", he said.
Defiance TMS is available for
trial, and pricing starts at
$52,980.
News In Brief
Oracle patch up-date
The first quarterly release
of Oracle's Critical Patch
Update was made public in
mid-January.
Oracle announced in
November that all patches
would be released simultane-
ously, four times a year, after
customer complained that the
sporadic release of patches
when they were ready was
too confusing.
SSH goes for IBM mainframe
News In Brief
Spy virus creatorcaptured
The creator of a virus
which infected webcams
and allowed secret recordings,
has been arrested in Spain.
Information gained from the
webcam recordings allowed
the author access to bank ac-
counts as well as spy on vic-
tims.The virus is thought to
have spread through peer-to-
peer file sharing sites. No oth-
er information has yet been
released.
Carnivore de-voured by com-mercial rivals
The FBI's custom built sur-
veillance ware, known as
Carnivore, has been replaced
by a commercial product.
Developed to read online
communications between sus-
pected terrorists and spies,
the system was first used in
2000, but barely used since.
The FBI has not divulged
which commercial products it
is using instead.
Microsoft claims50% of UK usersare infected
After talking to 1500 of
their British customers,
Microsoft has announced that
44% have had a virus on their
PC in the last year.Despite this,
some 20% say that security
doesn't bother them at all —
and 51% of the people sur-
veyed are most worried about
losing an email.
Weblogs, one of the most
popular ways for people
to share their thoughts and
opinions on the internet has
been plagued by spam.The re-
sult? Increasing segregation of
the internet and the help of
Google to resolve it.
More and more people are
only accepting mail from peo-
ple they know in an attempt to
cease the flow of spam.
Accordingly, spammers have
started posting on weblogs,
bringing the page to the top of
Google's PageRank system by
entirely duplicitous means.
Google have hit back, by ac-
cepting that a link that regular-
ly features on blogs will re-
move the page from the sys-
tem, meaning that spammers
are once again frustrated.
While this means less spam
and more accurate searching, it
also means that once again,dif-
ferent opinions and views will
be harder to find, and the inter-
net will seem just like an easy
way to contact people who you
already know and support what
you already think.
Google aids web cliques
Finnish security vendor SSH
has targeted the IBM zOS
mainframe operating system,
with a version of its Tectia se-
curity middleware suite.
The company says this will
enable banks and large finan-
cial institutions to benefit
from SSH secure shell tech-
nology and managed security
middleware for secure file
transfer.
Timo Rinne, the supplier's
chief technology officer said
"our big financial sector cus-
tomers have signalled a need
for a single security solution
that goes from the Windows
desktop to the Z-series main-
frame.
"IBM has ported the open
source secure shell to the
zSeries, however it is not a
supported product in any spe-
cific way.”
Asked to comment on the
industry significance of the
product, Rinne said: "this is an
opening for a system where
you can apply the same secu-
rity policy through a hetero-
geneous system — from
Windows desktops and
servers through Unix servers
to mainframes.
"Mainframes are sold more
and more every year", he
added. "It is nothing new but,
it is a factor constantly adding
heterogeneity to IT environ-
ments".
infosec_0201_pg04-12.qxd 26/01/2005 14:37 Page 8