Snow Leopard right at home with Deep Freeze Mac 4.5

August 29, 2009 · Filed Under Software News, Utilities and Operating Systems · Comment 

Faronics is excited to announce the immediate availability of Deep Freeze Mac 4.5. This coincides with the release of Apple’s latest operating system, Mac OS X 10.6 Snow Leopard. The concurrent launch of Deep Freeze Mac 4.5 demonstrates Faronics’ commitment to delivering bulletproof workstation protection while reducing computer support costs.

Deep Freeze Mac offers the most robust Mac protection available and eliminates the need for IT professionals to perform rebuilds, re-image, or troubleshoot computers. IT administrators are able to map user accounts individually or by user type to an unprotected partition or a Thawspace to retain user documents, pictures, movies, bookmarks and other data between protected sessions.

IT administrators of large Mac deployments are already familiar with Deep Freeze Mac’s ability to protect a workstation’s operating system and software without restricting user access. Mac users who are protected by Deep Freeze’s patented technology are able to enjoy a clean and consistent Mac session–each and every time. IT administrators love that Mac environments are easier to manage and expensive computer assets are kept running at 100% capacity.

“The Macintosh market is a key part of our business strategy because a significant percentage of our customers in media, retail, healthcare, hospitality and education have mixed Mac/Windows or Mac-only environments,” said Brent Smithurst, Vice President of Technical Operations for Faronics. “We supported Leopard immediately when it shipped and I’m proud we are able to do the same with Snow Leopard support.”

A free, fully functional 30-day evaluation version of Deep Freeze Mac can be downloaded at www.faronics.com. Deep Freeze Mac offers a wide range of enterprise capabilities via its seamless integration with Apple Remote Desktop.

Source: Faronics

Tags: , , , , , , ,

McAfee and Phoenix Technologies to deliver a secured computing cloud for PC Notebook & Netbook users

August 28, 2009 · Filed Under Internet Software, Security Software, Software News · Comment 

Viruses, malicious attacks, malware and spyware meet new gatekeeper with combined technologies delivering unrivaled online and platform protection for consumers

McAfee, Inc., the world’s largest dedicated security technology company, and Phoenix Technologies Ltd., the leader in PC 3.0(TM) products, services and embedded technologies, announced their partnership to develop a product for HyperSpace(TM) — Phoenix’s groundbreaking instant-on computing environment for notebooks and netbooks. By combining technologies, McAfee and Phoenix plan to provide computer users revolutionary new levels of protection from viruses and targeted attacks as well as online malware and spyware intrusions.

HyperSpace, a Moblin-compliant, instant-on computing environment features applications that are certified by Phoenix to ensure the integrity of the computing environment. Contents of the hard drive remain walled off from the internet and are therefore protected. By teaming with McAfee, HyperSpace is achieving new levels of consumer internet security protection.

The explosion in Web 2.0 applications, including social networking sites with cloud-based applications and functionality, has created new vehicles for launching malicious attacks, according to McAfee’s “2009 Threat Predictions.” Including McAfee’s technology into HyperSpace means computer users will have additional protection from online threats.

“McAfee’s superior technology complements the device-level protection provided by HyperSpace by blocking attacks targeting the browser or network access,” said Brent Remai, vice president of consumer marketing at McAfee. “With the online threatscape constantly shifting, and computer users moving more and more of their activities and documents onto cloud-based systems, the combination of HyperSpace and McAfee represents a powerful security option available for computer users.”

“Security plays a key role in our PC 3.0(TM) strategy of providing software and services that make computing devices more user-friendly,” said Woody Hobbs, President and CEO of Phoenix Technologies. “Protection from malicious software and other forms of attack enhances the user experience. By itself, HyperSpace provides a secure computing environment for users to surf the Web, access applications and sensitive data and conduct financial and other transactions. Layering in McAfee’s best-in-class security technology provides additional tiers of vault-like protection for computer users that are unmatched in the industry.”

HyperSpace is designed to deliver significantly faster boot times, continuous, smart internet connectivity, extended battery life and new levels of security protection while online. With HyperSpace, users can begin searching the Web, send and receive email, use other Web-based applications and work in important productivity applications within seconds of turning on their computing device. Users also enjoy the benefits of up to two hours of extra battery life on their HyperSpace-enabled laptops and all-day computing on their netbooks and smartbooks. The HyperSpace platform also provides a unique computing environment that PC designers, software developers and content providers can utilize to create always-available, instant-on applications that bring new convenience, connectivity, uptime and security to users.

Source: Phoenix Technologies Ltd.

Tags: , , , , , , , , , , , , , , , , , , ,

New Trend Micro Consumer Security delivers universal, multi-platform protection

August 25, 2009 · Filed Under Internet Software, Security Software, Software News · Comment 

Optimized for Microsoft(TM) Windows(TM) 7, Trend Micro(TM) Internet Security 2010 is the total protection package for consumers everywhere.

In developing its 2010 consumer line, Trend Micro kept in mind that consumers often find security software programs to be tedious to manage and heavy on computer resources. The company unveiled today new versions of its flagship consumer products – Trend Micro(TM) Internet Security and Trend Micro Internet Security Pro, both the first to be optimized for Microsoft(TM) Windows(TM) 7. Now faster and smarter while remaining easy to use, they provide superior protection without draining computer resources.

“We listened to our customers and honed in on convenience, ease-of-use and efficiency. Compared to last year, our new products have a 20-percent reduction in installed file size and scan time,” said Carol Carpenter, general manager of the consumer and small business unit. “Trend Micro Internet Security 2010 is comprehensive security that promises easy, fast and smart protection for consumers who are tired of complicated, cumbersome security packages.”

Smart Security Made Simple

Software security doesn’t have to be complex. Trend Micro Internet Security and Internet Security Pro give consumers the freedom and peace of mind to shop, surf, or bank online without struggling to update or manage their security programs — one of the reasons why many simply opt out of security software completely. But with identity and data theft draining consumers millions of dollars every year, foregoing security software or even settling for free security software can be an expensive risk.

Both products offer unique features that make it effortless for consumers to stay protected. The Home Network Security Management function, for example, allows consumers to see and remotely manage other computers in their home network through a graphical home network map and block wireless network intruders.

Trend Micro has also tried to alleviate the need for consumers to manually adjust their security program. The 2010 products are “state aware,” which means scans and updates happen only when it’s convenient for consumers — no inconvenient in-product messages while they are watching a video, conducting a PowerPoint presentation, or playing a computer game.

The Security Activity Dashboard has also been improved so customers see a comprehensive and customizable snapshot of all the security activities on their computers through streamlined, easy-to-understand charts and graphs. By learning more about when and how their computers can be attacked, customers can surf without worry.

Fast, Ubiquitous Protection

Simplicity joins speed in this year’s consumer line. With cybercriminals moving at unprecedented speed, consumers need their security programs to work even faster. Trend Micro Internet Security and Internet Security Pro are powered by the Trend Micro(TM) Smart Protection Network(TM) infrastructure, which works in the background, correlating threat intelligence, protecting in the Internet cloud, and giving consumers – wherever they are — immediate, real-time protection competitive products don’t offer.

Ubiquitous protection is another must for consumers who travel with their laptops or smartphones and Trend Micro tailors its products for this mobile group. As part of the Trend Micro Internet Security Pro package, consumers also get a license for Mobile Security, which protects smartphones against viruses, spam, data theft, service disruptions and other malware attacks against Microsoft Windows Mobile and Symbian(TM) OS based devices.

Smart, Online Protection – For the Whole Family

Worrying about security software is one thing, but worrying about your child’s online safety is another issue entirely. A recent Trend Micro survey found that parents have a misperception of their kids’ online safety — over 65 percent of parents surveyed believe their kids are safe while using the Internet.

But online dangers are real and can pose serious offline threats. Busy working families with tech-savvy kids can take advantage of the enhanced parental controls found in Trend Micro consumer products; parents can tailor control features according to age and remotely monitor when and what their kids are viewing online. They can control both inbound traffic (by blocking inappropriate Web site content) and outbound traffic (personal information such as home addresses, phone numbers, passwords, etc.) they don’t want to be sent from a computer.

In addition to fast and easy protection for the entire family, Trend Micro Internet Security and Internet Security Pro also include additional enhanced security features that:

  • Automatically prevent suspicious software on USB drives from opening and installing itself on the computer.
  • Analyze suspicious domain names and block attempts to open potentially dangerous Web sites.
  • Rate the safety of hyperlink search results via search engines such as Biglobe(TM) (one of the largest Internet Service Providers in Japan), Infoseek(TM) and Bing(TM) on the Trend Micro Toolbar.
  • Include improved correlation via the Trend Micro Smart Protection Network — customers are part of a “neighborhood watch” system of protection that means greater security.

Protection beyond the PC

Trend Micro, through its multi-device “security blanket” strategy for the home, has also extended its protection to the Mac platform, Netbooks, USB drives, Sony PlayStation and Sony Portable, Linksys(TM) by Cisco(TM) routers, and Apple(TM) iPhone.

Pricing & Availability for North America

Trend Micro consumer security suites come in three flavors: Trend Micro Internet Security, Trend Micro Internet Security Pro, and Trend Micro(TM) AntiVirus + AntiSpyware. Trend Micro Internet Security Pro offers additional features that are optimized for performance, laptop usage away from home, and online banking and shopping. For those who want just the basic protection, Trend Micro also offers Trend Micro AntiVirus + AntiSpyware.

The consumer product line will be available online on August 24th at www.trendmicro.com. They will also be in retail stores in August. The subscription prices for one year are $39.95, $49.95 and $69.95, respectively for Trend Micro AntiVirus + AntiSpyware, Trend Micro Internet Security, and Trend Micro Internet Security Pro. Customers who purchase Trend Micro Internet Security or Internet Security Pro are able to install the software on up to three household computers.

Source: Trend Micro

Tags: , , , , , , , , , , ,

Identity-theft malware flourishes during economic downturn, according to PandaLabs

August 24, 2009 · Filed Under Security Software, Software News · Comment 

The number of computers infected by malware designed to steal confidential, personal or banking details has risen 600 percent compared to this time last year — Of the 37,000 new viruses, worms, Trojans and other security threats that appear each day, 71 percent are Trojans, mostly designed for identity theft

Panda Security, the Cloud Security Company, announced that PandaLabs, the company’s laboratory for detecting and analyzing malware, has discovered that the number of users affected by malware designed for identity theft has increased 600 percent this year compared to the same time in 2008. Most of these variants are Trojans, with many incidents of phishing, worms, and spyware.

PandaLabs receives nearly 37,000 samples of new viruses, worms, Trojans and other types of Internet threats each day. Of these, 71 percent are Trojans, mostly aimed at stealing bank details or credit card numbers, as well as passwords for other commercial services. Between January and July 2009, PandaLabs received 11 million new threats, approximately 8 million of which were Trojans. This is in clear contrast, for example, to the average of 51 percent of new Trojans that PandaLabs received in 2007. For a graphical representation of the increase in malware by month, please click here: http://www.flickr.com/photos/panda_security/3837426110/

According to Luis Corrons, Technical Director of PandaLabs, “One of the possible reasons for this increase is the economic crisis. This in conjunction with organizations that have made a business out of selling personal information on the black market, such as credit card numbers, PayPal or eBay accounts is what we can attribute the rise to. We have also seen an increase of the distribution and infection of this kind of malware through social networks.”

Hackers have also been busy exploring new channels for propagating threats and new sources of revenue. With malware samples, which previously almost exclusively targeted users’ online banking information by getting them to enter their user name and password in a spoof bank website, potential victims are now taken to any platform or online site in which their bank details may be stored or where they might have to enter them. This is the case with the increase in targeted attacks on pay platforms (such as PayPal) and other services where users often save their payment details, including popular online stores (such as Amazon), online auctions (such as eBay), or even NGO portals where they make charitable donations.

Similarly, whereas email was one of the only channels used in the past for contacting victims, many other methods are now being used:

– Distribution across social networks with fake URLs, such as Twitter or Facebook
– Cloning of Web pages to make them appear among the first results in searches by keywords in popular search engines
– SMS messages to cell phones
– Infecting computers with spyware which displays alarming messages and takes users to fake websites (e.g. fake antivirus programs)

Messages that use social engineering are often the final touch to lure users into taking the bait.

Once cybercriminals have obtained credit card or bank details, they have two possible options: use them to make purchases which victims will be unaware of until they receive their bank statement; or sell the details on the black market (often fetching approximately $4 per ID).

PandaLabs estimates that approximately three percent of all users have fallen victim to these techniques. The problem with these types of threats, unlike traditional viruses of the past, is that they are designed to go undetected, and therefore users do not realize they have become victims until it is too late. To avoid falling victim to identity theft, visit Panda’s helpful tips online at http://www.pandalabs.com/.

Tags: , , , , , , , , , , , , ,

Panda Managed Office Protection and Panda GateDefender Performa receive industry praise

August 18, 2009 · Filed Under Security Software, Software News · Comment 

Panda Managed Office Protection (PMOP) has been awarded five stars in a PC World (Spain) review – Panda GateDefender picked up CRN’s recommended product seal

Panda Managed Office Protection (PMOP), the security as a service (SaaS) solution from Cloud Security Company Panda Security, and Panda GateDefender Performa, the company’s perimeter security device, have both received positive ratings from reputable industry publications, PC World and CRN Magazine, respectively.

Panda Managed Office Protection was awarded the maximum five stars in a review by PC World in Spain. The magazine defines PMOP as a “product based on a software-plus-services platform, offering simple and dynamic protection for workstations with extensive management options.” According to PC World, “(PMOP) is a highly flexible solution that allows users in SMBs to be managed and protected from a central point, regardless of whether they are inside or outside the company… This tool lets you create protection profiles even for groups, yet specifying parameters to apply to individual users. Solution administrators can view a status graph at any time, listing detections and their sources.”

“It also includes, for each license, unlimited Malware Radar audits, offering a rapid analysis of the general status of users.” These audits, along with the overall simplicity and management capabilities of the solution are rated as the most outstanding features of PMOP in the PC World review.

Panda GateDefender Performa has earned the Recommended Product seal in a review by CRN. According to the article, “Since GateDefender does not act as a router, it can easily be integrated into an existing network, without any changes to the architecture.” The magazine also praises how simple it is to set up the various Panda Security modules: “Content filtering is intuitive to set up. You can exclude specific files from the filter, or you can enable the HMTL page filter,” says CRN. This highly respected publication also underlines how Panda GateDefender Performa is “a heroic effort on the part of Panda to take on so many threats– antimalware, embedded Web threats, and more.”

More information about Panda Managed Office Protection is available at http://www.pandasecurity.com/enterprise/solutions/managedprotection/, and Panda GateDefender Performa at http://www.pandasecurity.com/enterprise/solutions/gatedefender-performa/.

Tags: , , , , , , , , , , , , , , ,

Sunbelt Software and FaceTime partner to enable Secure Web 2.0, Social Networks and Unified Communications

August 17, 2009 · Filed Under Communications, Security Software, Software News · Comment 

Sunbelt’s Anti-malware Technology Integrated into FaceTime’s Secure Web Gateway

Sunbelt Software, a leading provider of Windows security software, announced a licensing agreement with FaceTime Communications, the leading provider of solutions enabling the safe use of Web 2.0 and unified communications in the enterprise.

Through the terms of the agreement, Sunbelt’s anti-malware technology, designed specifically for the gateway, and its Threat Track(TM) data feeds have been licensed by FaceTime for integration with its Unified Security Gateway product. As part of the integration, FaceTime will deploy Sunbelt’s VIPRE technology into its appliance to augment the protection provided by FaceTime’s Security Labs and the FaceTime WebFilter.

With the incorporation of Sunbelt’s gateway anti-malware technology, FaceTime’s Unified Security Gateway delivers robust malware scanning at the network perimeter alongside traditional Web filtering. This is in addition to the application research provided by FaceTime’s Security Labs, which protects enterprises from the associated threats of more than 2,100 Web 2.0 applications from instant messaging to P2P, Gaming, IPTV and social networking. Sunbelt’s Threat Track provides the industry’s most accurate and up-to-date feeds, identifying and propagating the latest malicious URLs and malware to researchers. It relies on the world-class research efforts of SunbeltLabs(TM), the malware research and analysis division of Sunbelt Software.

“As enterprise communications converge with publicly available Web 2.0 applications it becomes imperative to secure increasingly complex data streams,” said Nishant Jadhav, Director of Product Management of FaceTime Communications. “Sunbelt gives us the most powerful information in real-time to be able to protect enterprise users so they can freely communicate through any channel in a secure fashion.”

“Sunbelt’s threat research and detection technology, along with Threat Track data feeds is a perfect complement to FaceTime’s existing application security capabilities,” said Chad Loeven, VP, business development for Sunbelt Software. “The integration of our comprehensive perimeter anti-malware scanning engine provides FaceTime’s customers protection from the full range of threats that can be found in the Web 2.0 sphere.”

Source: Sunbelt Software

Tags: , , , , , , , , , , , , , , , , , ,

FarStone releases VirtualDrive 12 CD-DVD Emulators for Windows 7

August 14, 2009 · Filed Under Software News, Utilities and Operating Systems · Comment 

FarStone Technology has released a new version of its popular CD-DVD emulation software, VirtualDrive and VirtualDrive Pro Version 12 for Windows 7.

FarStone Technology has released a new version of its popular CD-DVD emulation software, VirtualDrive and VirtualDrive Pro Version 12 for Windows 7. FarStone VirtualDrive 12 allows you to run CD-DVDs on Windows 7 without the disc, with full ISO support, including customizable features like hot keys, virtual CD cabinets, and enhanced virtual CD building. VirtualDrive is available in five different languages English, French, German, Traditional Chinese, and Simplified Chinese. VirtualDrive is the utility software you will need on your new Window 7 platform.

“Version 12 emulators were developed to support Windows 7,” said Thomas Lin, FarStone CEO. “Our customers told us they wanted more control over the process of creating, playing, and organizing virtual CDs, and VirtualDrive 12 gives them exactly that.”

VirtualDrive’s VCD Manager plays ISO files directly without requiring conversion to the FarStone VCD format. An ISO file is a standardized disc image used by a variety of emulation software. Users can archive their virtual CDs in custom cabinets, which functions like folders and sub-folders in Windows 7. Manage VCD collections simply by clicking and dragging.

VirtualDrive 12

VirtualDrive 12 CD emulator copies a CD or unencrypted DVD as a compressed image, or “virtual disc,” which can be played in place of the original disc in a “virtual drive” that the software creates. Virtual discs run directly on the hard drive with access speeds nearly 200 times faster than CD-ROMs, accelerating the performance of PC games, photo CDs, and disc-based applications.

VirtualDrive Pro 12

VirtualDrive Pro 12 includes a copy of Virtual Hard Drive Pro, which takes a portion of system memory (RAM) and creates a RAM disk. A RAM disk functions like a hard drive, only with dramatically reduced read and write times, allowing applications to perform up to 340 times faster.

Source: FarStone Technology, Inc.

Tags: , , , , , , ,

52 percent of new viruses last only 24 hours, according to PandaLabs

August 13, 2009 · Filed Under Security Software, Software News · Comment 

Approximately half of the 37,000 new viruses, worms, Trojans and other security threats that appear each day are short-lived – The amount of catalogued malware throughout Company’s history totals 30 million individual samples through July 2009

Panda Security, the Cloud Security Company, announced that PandaLabs, the company’s laboratory for detecting and analyzing malware, has discovered that 52 percent of new viruses last only 24 hours. Each day, PandaLabs receives nearly 37,000 samples of new viruses, worms, Trojans and other types of Internet threats. Of these, PandaLabs found that approximately 52 percent of them (19,240 on average) spread and try to infect users for just 24 hours. After that timeframe, they become inactive and harmless as they are replaced by other, new variants that join the list of new specimens in circulation.

The reason for this lies in hackers’ motivation to profit financially from malware and the goal of ensuring their creations go unnoticed by users and security solution vendors. Just 24 hours after hackers put any strain of malware into circulation, they will modify its code so that malware can continue to spread without being detected by security companies.

This explains the significant increase in the number of new threats detected by PandaLabs. In 2008, PandaLabs recorded a total of 18 million malware samples the company had received in its 20 year history. Since last year, the number of malware has increased dramatically to 30 million through July 31, 2009.

“This is a never-ending race which, unfortunately, the hackers are still winning. We have to wait until we get hold of the malware they have created to be able to analyze, classify and combat it,” said Luis Corrons, Technical Director of PandaLabs. “In this race, vendors that work with traditional, manual analysis techniques are too slow to vaccinate clients, as the distribution and infection span is very short. Panda’s Collective Intelligence offers almost real-time protection, significantly reducing the risk window.”

Source: Panda Security

Tags: , , , , , , , , , , , , , , ,

69% of Australian organisations hit by one or more data breach incidents within last twelve months

August 12, 2009 · Filed Under Software News · Comment 

Research from Ponemon Institute Reveals Company-wide Use of Data Encryption Technologies Reduces Risk of Breach and is Critical to Company Reputation

PGP Corporation, a global leader in enterprise data protection, has announced the results of the second annual study by The Ponemon Institute, identifying the steps Australian organisations are taking in order to safeguard their confidential data. The 2009 Annual Study: Australian Enterprise Encryption Trends, which polled IT security professionals at 482 enterprises, found that 69 percent of Australian organisations have been hit by at least one data breach incident within the last year, up from 56 percent in the previous year. The number of firms experiencing multiple breaches was also up, with 41 percent of respondents admitting to more than two data loss incidents in the twelve month period (up from 28 percent in 2008). Of those organisations that did admit to a breach in the last 12 months 65 percent were never publicly announced; there was no legal or regulatory requirement to disclose these incidents.

Despite the rising number of data breaches, Australian organisations are aware of the consequences of such incidents, with 66 percent of respondents stating that data protection played an ‘important’ or ‘very important’ role in an organisation’s overall risk management efforts. 57 percent felt encryption helped them meet privacy commitments and 70 percent believed encryption was a critical factor in protecting a company’s reputation. The percentage of respondents who believe that the use of encryption increases customers’ trust and confidence in the organization’s privacy or data security commitments has increased from 32 percent in 2008 to 38 percent in 2009. Using encryption to comply with privacy or data security regulations and requirements has increased from 13 percent in 2009 to 15 percent in 2009. Those who selected regulations as one of the top reasons for using data encryption in 2009 point to the Privacy Act, National Privacy Principles and PCI DSS requirements.

In response to some high profile cases of lost and stolen laptops, together with the increased business use of smart-phones, this year’s study also assessed organisational approaches to encrypting data held on mobile devices. More than 64percent of respondents say it is very important or important to encrypt employees’ mobile devices and 55% believe that it is very important or important to provide end-to-end email security for Windows Mobile 6.0/6.1 Professional Edition.

“As we are finding through-out the world, breaches are on the rise as well in the Australian market where they increased 13 percent year over year,” said Dr Larry Ponemon, Chairman and founder of The Ponemon Institute. “There is encouraging news in the Australian market, 85 percent of the respondents stated that when they take a strategic approach to their encryption applications and use a platform approach it increases the effectiveness and efficiency of their IT security program.”

The primary benefits of the platform approach to managing encryption across the enterprise include reducing operational costs, eliminating redundant administrator tasks and supporting the development of a strategic encryption strategy. These were cited in the 2008 study as being the primary benefits as well.

“Australia organizations are in a unique position to be able to lead the next generation of privacy and data security regulations in the Asia Pacific region,” said Phillip Dunkelberger, president and CEO of PGP Corporation. “The Ponemon data shows us that Australian organisations are already taking a proactive approach to protecting customer information and other valuable data assets.”

The study found that 75% of Australian businesses have fully executed or just launched implementation of data encryption technology while 25 percent are in the process of implementing encryption in order to protect sensitive information. Encryption is most widely used to protect the data held on file servers, Virtual Private Networks (VPN) and databases. VOIP and mainframe encryption are the least deployed applications.

Other high priority activities in 2009 also include data archive and e-discovery systems with 71 percent fully executed or recently launched and endpoint device control technologies with 70 percent fully executed or just launched. The activities with the highest in-process response in 2009 include the implementation of endpoint-based data leak detection and prevention technologies, identity and access management systems and strong authentication devices.

For more information or to receive a copy of this study, visit: www.encryptionreports.com.

Source: PGP Corporation

Tags: , , , , , , , , , , , , , , , ,

IBM Acts to Protect Enterprises Against Web Application Attacks

August 11, 2009 · Filed Under Internet Software, Security Software, Software News · Comment 

IBM  announced the release of the industry’s most comprehensive solutions for helping to combat Web application attacks and to secure the integrity of data processed by Web applications, as part of its ongoing strategy to deliver its clients security solutions designed to address today’s most significant security risks.

As threats and attacks increasingly target Web applications, many enterprises have been forced to take a reactive approach to security with point products that address only pieces of Web application security and add to the complexity of security operations. IBM has brought together the breadth of its offerings designed to deliver end-to-end Web application security that includes security rich code development, vulnerability management, real-time blocking of attacks, dedicated security and performance for Web services, and access management.

IBM’s integration of its Web application security offerings can help enable enterprises to combat these types of attacks. The latest component of the solution, IBM Proventia SiteProtector 8.0, integrates a consolidated security management system with Rational AppScan, an industry-leading solution for Web application vulnerability and secure code testing; and IBM’s recently announced Web application protection module for network and host intrusion prevention systems. This combined solution is designed to deliver multiple benefits to enterprises, including:

– Reduced security management operational costs
– Improved security posture
– Consolidated reporting infrastructure
– A common workflow system for managing security incidents
– Correlation of application vulnerabilities with potential security events and real-time attacks, enabling organizations to prioritize remediation to immediately address top threats

IBM’s Web application security further demonstrates the strength of IBM security with integrated management consoles for software and hardware solutions, professional services for trusted expertise and managed security services that can help reduce the cost and complexity of security operations.

“Web application security is the front line in the war against cybercrime. Enterprises everywhere are under constant attack and protecting our Australian Open website from hacking is a key issue,” said Dr. Chris Yates, Chief Information Officer for Tennis Australia. “IBM’s Web application security solution can help enable Tennis Australia to adopt a more coordinated and efficient approach to Web application security during the Australian Open. This will ultimately help us reduce the cost of security while helping to protecting our organization against breaches, and Australian Open Web site visitors against malware infections.”

According to the latest statistics from the IBM X-Force 2009 Midyear Trend & Risk Report, which will be released later this month, Web application attacks continue to accelerate. For example, SQL injection attacks – attacks where criminals inject malicious code into legitimate Web sites, usually for the purpose of infecting visitors – rose 50% in Q1 2009 as compared to Q4 2008, and nearly doubled in Q2 at 96% as compared to Q1. The report concludes that the most common intent of Web application attacks are to steal and manipulate data and take command and control of infected visitors.

“Web application security is one of the top pain points for enterprises today, and only IBM can offer a comprehensive solution designed to help turn the tide against SQL injection and other Web application attacks,” said Dan Powers, vice president of business strategy at IBM Internet Security Systems. “Additionally, our integrated approach to security may help to reduce costs and simplify security management, which can ultimately reduce opportunities for human error and improve overall security posture.”

Because Web applications often rely on Web services and service oriented architecture (SOA), IBM has integrated the robust security and governance features of the purpose-built WebSphere DataPower SOA Appliances with the centralized management of Tivoli Security Policy Manager. The combination of Tivoli Security Policy Manager and WebSphere DataPower SOA Appliances can help to enable enterprise architects and security operations to align business and IT by centrally managing and enforcing security policies for Web services resources across multiple policy enforcement points. It can help to reduce the manual, inconsistent and costly administration of security policies and enable consistent enforcement of operational and lifecycle governance policies, with the ability to delegate and audit all changes to policies.

IBM SiteProtector 8.0 is also a key offering in IBM’s Information Infrastructure portfolio for improved security, management and encryption, announced last week. Other offerings include Proventia Server for Windows 2008 – helping organizations harness the security and compliance challenges in the heterogeneous datacenter, encrypted disk support for the System Storage DS5000; as well as IBM Tivoli Identity Manager 5.1 featuring role management for more effective enforcement of SOD, and Tivoli Security Information and Event Manager’s NERC module, security products that help improve security with little or no productivity impact.

Further extending its leadership in the Web application security space, IBM recently announced the acquisition of Ounce Labs, Inc., a privately-held company based in Waltham, Massachusetts, whose software helps companies reduce the risks and costs associated with security and compliance concerns. Ounce Labs provides application source code testing to help enterprises identify and resolve vulnerabilities, helping developers and security professionals to reduce the risks and costs associated with security and compliance concerns.

For more information about IBM, please visit www.ibm.com/security.

Tags: , , , , , , , , ,

Next Page »