Intrusion Prevention News

Mykonos Awarded US Patent on Innovative Web Security Technology

Mykonos Software, the leading provider of Web Intrusion Prevention Systems, today announced that the United States Patent and Trademark Office has awarded the company a patent on methods for integrating security in network communications and systems.

www.topix.net | 1/31/12 12:19 AM
Sourcefire Enters Cloud-Based, Endpoint Security Market
Sourcefire's new FireAMP opens up an additional market for resellers of the company's intrusion prevention systems.

www.crn.com | 1/24/12 1:15 AM
Security Experts Weigh in on Zappos Hack
In the wake of 24 million customer passwords getting stolen in the Zappos.com hack, the IT security world is warning enterprises not to be lax about breaches of any kind. It's a black eye for the Amazon-owned property, and it may point to a new round of malicious hack attacks.

So far, Zappos is being tight-lipped about the root cause of the attack. Zappos has yet to disclose whether the breach was internal, via a backdoor left open by an IT employee, or the result of malware installed intentionally or unintentionally by an employee. Nor did Zappos hint as to whether the data breach was due to a known, unpatched application vulnerability or a zero-day vulnerability.

For all that is not known about the Zappos hack, what is known is that Zappos is PCI compliant, and that all transactions are authenticated and encrypted using SSL. Ron Meyran, director of security at Radware, said PCI compliance is a minimum requirement.

Beyond PCI Compliance

"Invest in education to minimize the internal threat: Regularly educate employees about data breaches risks and be aware not to install any unauthorized software which may be disguised as malware," Meyran said. He suggested deploying intrusion prevention and behavioral analysis tools that can alert on abnormal user or application behavior, as well as a security event information system that collects event logs from all security tools to maintain forensics.

As Meyran sees it, the wide use of SSL to secure transactions between users and applications may be creating a false sense of security: attackers get sophisticated and deploy attacks over SSL-encrypted channels. They can scan applications for vulnerabilities through the SSL channels and launch a Web application attack over SSL. Such attacks may leave no traces, as most security tools cannot inspect SSL-encrypted traffic.

"The bottom line: PCI-DSS compliance is only the first...

www.cio-today.com | 1/17/12 7:09 PM
Palo Alto earns short list status
Palo Alto Networks has injected excitement and innovation into the firewall market with its "next-generation" appliances that combine traditional firewalls, threat mitigation technologies such as anti-malware and intrusion prevention, and the new magic dust of application identification.

www.networkworld.com | 8/22/11 7:00 PM
Introduction to Nixu Software: End-to-End Software-Based DNS, DHCP, IPAM Solutions for Your Network

Nixu Software delivers software-based DNS, DHCP and IPAM solutions that offer the best value in the industry. This translates to virtualizable, dependable and easy-to-use DDI solutions at a reasonable cost coupled with great customer service. With thousands of Nixu DDI server installations in production, our customers are service providers, enterprises, educational institutions and government agencies who view their IP based business infrastructure as a strategic asset.

Implementing Nixu DDI solution allows your organization to:

  • Enhance the productivity and the security related to your core network services,
  • Slash your Operating Expenses (OPEX) and Total Cost of Ownership (TCO)
  • Support emerging technologies (cloud computing, IPv6, DNSSEC) out of the box.

What Differentiates Nixu Software from the Rest?

Companies from a hardware appliance background have optimized their product and solution architectures for closed computing environments running on specific pieces of hardware, forcing customers' hand when it comes to platform selection. Deploying these products as virtual appliances often leads to performance and resiliency issues because their architecture was not intended for virtualization.

Having invented virtualizable software appliances in 2006, all products in Nixu DDI family are available as ISO images that can be used to jump start secure DNS, DHCP and IPAM servers in just minutes. Nixu supports virtualized computing environments by VMware and Citrix as well as general-purpose servers and blades from Dell, Hewlett-Packard, IBM and the like, providing customers with the freedom of choice not offered by our competitors.

Thanks to the unique, patent-pending software appliancing methodology used in Nixu DDI, our products offer advanced security features such as built-in intrusion prevention and support for centralized traffic monitoring, at a lower Total Cost of Ownership than the competition.

Visit our website to learn more about what differentiates Nixu DDI products.

Nixu DDI Products

Our Product portfolio includes the following building blocks that can be integrated together:

1. Nixu NameSurfer Suite is a virtualization-ready IPAM solution supporting multi-vendor environments (including Microsoft AD networks) and adhering to open networking standards. With its powerful collection of tools and automation, Nixu NameSurfer Suite slashes DDI OPEX while minimizing the chance of network downtime.

2. Nixu DHCP Server is a virtualization-ready DHCP software appliance that can be run as standalone or as failover clusters for high availability. On a suitable platform, Nixu DHCP server scales up to several hundred leases per second performance.

3. Nixu Secure Name Server (SNS) is a virtualization-ready DNS software appliance that can be operated as authoritative or caching DNS server. On a suitable platform, Nixu SNS scales up to 100,000 queries per second performance.

4. Nixu Network Equipment Extractor (NEE) is a virtualization-ready network discovery system that polls the active network equipment for information on network clients and dynamically integrates that information with subnets managed in Nixu NameSurfer IPAM. Nixu NEE allows administrators to pinpoint the exact physical location of each client connected to the network at any time, thereby dramatically improving network transparency.

5. Nixu Registry Server is a Domain Name Registry Solution (DNRS) for generic and mid-sized TLDs. Designed as a solution framework with modular architecture, Nixu Registry Server can be configured and tailored on per-installation basis to meet the exact requirements of the customer.

White Papers
  • Technical Description: Nixu Registry Server White Paper
  • Integrating Nixu IPAM with Microsoft AD White Paper
  • Virtualized Domain Name System and IP Addressing Environments

www.circleid.com | 8/15/11 8:17 AM
CVE-2011-3140
IBM Web Application Firewall, as used on the G400 IPS-G400-IB-1 and GX4004 IPS-GX4004-IB-2 appliances with update 31.030, does not properly handle query strings with multiple instances of the same parameter, which allows remote attackers to bypass intended intrusion prevention by dividing a dangerous parameter value into substrings, as demonstrated by a SQL statement that is split across multiple iid parameters and then sent to a .aspx file on an IIS web server.

web.nvd.nist.gov | 8/15/11 3:00 AM
Hacked Again: User Data Stolen from Sony Pictures
Sony has yet to fully recover from the public beating it took after its Sony PlayStation Network hack. Now the company's movie division has been breached.

The same hackers who recently broke into the PBS web site and led many to believe that murdered rapper Tupac Shakur is still alive are taking responsibility for the attack on Sony Pictures' web site. The now-infamous hacker group is called LulzSec.

"We recently broke into SonyPictures.com and compromised over 1,000,000 users' personal information, including passwords, e-mail addresses, home addresses, dates of birth, and all Sony opt-in data associated with their accounts. Among other things, we also compromised all admin details of Sony Pictures (including passwords) along with 75,000 'music codes' and 3.5 million 'music coupons,'" the group said in a post at Pastebin.

"From a single injection, we accessed everything," the group said. "What's worse is that every bit of data we took wasn't encrypted. Sony stored over 1,000,000 passwords of its customers in plain text, which means it's just a matter of taking it."

Finding the Threats

Sony needs to find the advanced persistent threat or threats that likely are sitting deep in its network, according to Stephen Gates, director of field engineering for Top Layer. That, he said, is because the hacker community isn't coming in through the front door -- they aren't knocking holes in the firewall.

"It has to be some sort of backdoor into these networks, and companies like Sony need to put some sort of protection mechanisms in place to identify these advanced persistent threats and shut them down," Gates said.

As Gates sees it, Sony needs to identify the compromised machines by tapping technology like intrusion-prevention systems that can thoroughly analyze the protocols coming in and out of its network, clearly identifying the protocol anomalies, and most likely identifying these compromises...

www.cio-today.com | 6/3/11 7:36 PM
Huawei Symantec Debuts 80 Gbps Firewall
The new USG 9300 platform is a next generation firewall including intrusion prevention and an anti-distributed denial of service (DDOS) capability.


www.internetnews.com | 5/6/11 12:55 AM
Sipera's UC-Sec security solution testing with McAfee's ePO

Unified Communications security specialist Sipera Systems says its UC-Sec enterprise communications security solution is being tested for compatibility with McAfee ePolicy Orchestrator (McAfee ePO) security management platform.

The testing is part of its participation in the McAfee Security Innovation Alliance program, which helps accelerate the development of interoperable security products and simplifies the integration of these products within customer environments.

The UC-Sec appliance is a plug-and-play network device asked to provide security for real-time UC applications; it complements existing security architecture, providing application-layer firewalling, intrusion prevention, threat mitigation, access control and policy enforcement in real-time.

The device encrypts UC-traffic, terminates SIP trunks, forks media and signaling for compliance, and permits an enterprise to safely and securely extend VoIP and UC to any end point in any location.

When the testing is completed, security managers can gain visibility into the entire spectrum of IP-based business communications - including voice, video, data and web applications - from a single central management point.

"When UC-Sec achieves compatibility with the ePolicy Orchestrator platform, enterprises will be able to easily manage UC and smartphone security within their McAfee security management systems," said Andy Asava, Vice President of Business Development at Sipera.  "This testing, and our participation in the McAfee SIA program, will help enterprises more easily adopt desktop-based and mobile UC applications, ensure compliance with industry security and privacy mandates, and streamline overall security management."

The McAfee ePolicy Orchestrator platform is the first to let enterprises and governments centrally manage security and compliance products from multiple vendors.

www.fiercevoip.com | 4/19/11 8:45 PM
Sourcefire takes intrusion prevention to masses with IPSx
Open-source security company Sourcefire has announced an entry-level Intrusion Prevention System (IPS) it claims will democratize a technology that is still seen as being exclusively for large companies with experienced security teams, rather than small and medium-size enterprises.

www.networkworld.com | 4/18/11 3:09 PM
First Look: Norton 2012
Looking to bolster its intrusion-prevention capabilities, Symantec today announced the beta versions of the 2012 editions of its consumer-focused Windows-based security products, Norton AntiVirus and Norton Internet Security.

www.networkworld.com | 4/15/11 3:00 PM
McAfee buys database firm
McAfee Inc. plans to acquire privately-owned Sentrigo, a provider of database security and compliance, assessment, monitoring and intrusion prevention solutions.

www.eetimes.com | 3/26/11 2:16 AM
McAfee Buys Sentrigo To Boost Database Security
To beef up its database security portfolio, McAfee is snapping up a privately owned company known for security, compliance, assessment, monitoring and intrusion-prevention solutions. McAfee plans to acquire Sentrigo for an undisclosed amount.

McAfee is no stranger to Sentrigo's capabilities. The Intel-owned McAfee has partnered with Sentrigo through its Security Innovation Alliance program. In 2010, McAfee entered an OEM relationship with Sentrigo to offer McAfee Vulnerability Manager for Databases, McAfee Database Activity Monitoring, and McAfee Integrity Monitoring for Databases.

Apparently, the alliance worked out so well that McAfee decided to bring Sentrigo's portfolio in-house. The acquisition will beef up McAfee's solutions for vulnerability management of databases, protection of databases, and activity monitoring of databases.

Plans for Sentrigo

"With all the business-intelligence and business-analytics products hitting the market, securing those critical database assets will be an important part of the solution set," said Charles King, principal analyst at Pund-IT.

As King sees it, this could translate into a healthy business. Intel has become a bigger player in areas outside its server niches, he added, and providing chips for networking switches is a sizable business for the company.

"McAfee didn't say anything related to Sentrigo, but in the past the company has stated quite clearly that it intends to embed security features at the chipset level," King said. "So it isn't hard to imagine them doing something like that for networking vendors and OEMs in that space."

New DB Security Solution

McAfee on Wednesday also announced a database security solution that works to protect business-critical databases without impacting performance and availability. The goal is to protect data assets from network to server to the database itself.

In a recent market-outlook survey by Evalueserve, databases were cited as the most challenging part of the IT infrastructure to protect, which explains why for many customers the level of database...

www.cio-today.com | 3/24/11 9:04 PM
Intel’s McAfee Acquires Sentrigo To Boost Database Security Offerings
Intel-owned McAfee is announcing an acquisition this morning—database security company Sentrigo. Terms of the deal were not disclosed. Sentrigo, which has raised $19 million in venture funding from Benchmark Capital, Stata Venture Partners and Juniper Networks, provides host-based software that protects enterprise databases by monitoring all activity in the database in real time, providing alerts, audit trail, virtual patching and automatic intrusion prevention capabilities. Sentrigo’s solution, called Hedgehog, uses a very small-footprint, non-intrusive agent that has complete visibility into all database activity, whether it is originated by outsiders or privileged insiders, and does so without impacting database performance.

techcrunch.com | 3/23/11 2:16 PM
CVE-2011-1036
The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server before 8.1.0.88, and the client before 1.6.450, in CA Host-Based Intrusion Prevention System (HIPS) 8.1, as used in CA Internet Security Suite (ISS) 2010, allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via vectors involving the SetXml and Save methods.

web.nvd.nist.gov | 2/25/11 2:00 AM
Qualys Starts an Open Source IPS Project
On Monday at the 2011 RSA Conference, Qualys announced that they were creating an open source Intrusion Prevention System (IPS) project. Companies create open source projects for a variety of reasons. Those reasons include attempts to commoditize a market, build a community, or dump a failing project. One way to understand which kind of open source announcement Qualys is making is to find out how they are investing in the project. If they are not allocating any resources to the new project, you can be sure this is the latter kind of announcement, otherwise known as a “dump-and-run.” However, if a company has real people whose principal job is to work on this project in the open, then this project is for real. Communities do not build themselves any more, so trying to ascertain the level of “open source marketing” efforts can also shed light.

opensource.sys-con.com | 2/16/11 9:15 PM
Understanding Wireless Intrusion Prevention Systems
While the 802.11i -- or WPA2 -- wireless security standard does a fine job of authenticating users to the corporate network and encrypting both authentication and user data over the air, many of the latest wireless security threats aren't specifically related to authentication.

www.networkworld.com | 2/14/11 5:02 PM