Unlike most security technologies that attempt to identify a broad range of bad traffic by means of traditional detection methods, a web application firewall (WAF) is like a finely honed sword designed for a singular purpose: monitoring HTTP traffic between clients and web-servers. The payment card industry (PCI) accelerated the development of the WAF market since it provided a tangibly financial application of this technology. This made WAF a must-have in the arsenal of weapons for many of today’s security administrators.
It has been barely 6 months since the Heartbleed vulnerability was revealed, but just as the global security community has recovered from this vulnerability, one that is more prevalent – and potentially far more damaging – has emerged. The Shellshock vulnerability exploits a weakness in the Bourne Again SHell (BASH) that is native to (and often the default for) many Unix derivatives across the globe. While the extent of the damage has yet to be determined, it is highly likely that any services running on a Unix distribution are exposed.
Next Generation Firewall (NGFW) technology has finally become a mainstay in the enterprise. End users are finding that NGFWs are no longer as limiting in their performance or capability trade-offs as they once were. In fact, in this most recent NGFW group test several vendors submitted products that exceeded 10Gb throughput under load, demonstrating that performance meets or exceeds that of many firewalls just a few years ago.
Along with firewalls, intrusion prevention systems (IPS) are among the most well understood security appliances available on the market today. As part of our recently announced Competitive Intelligence Research offering, NSS Labs has released its first Market Intelligence Brief on the IPS market.
Where the goal of cyberprevention has been to reduce the probability of an attack against the organization, cyber resilience looks to reduce the impact of these attacks through cyber risk management. Assuming that a breach is likely, cyber resiliency of systems and networks is needed to ensure mission survivability in a cyber-compromised environment.
As any enterprise research manager or IT buyer will attest, finding the right information – and at the right time – is difficult at best. Oftentimes, multiple sources are used to answer one particular question – and then additional tools must still be used to validate those initial sources. Market share data, product comparisons, product roadmap implications, and insights into vendor strategy are separate services, and enterprises must sign up for these different services and then aggregate the data themselves, which can be a formidable task.
While one might expect to hear about security, privacy, and compliance at the security-oriented RSA Conference in San Francisco, these are less likely to be headline topics at the annual consumer electronics show, Cebit, or the eclectic South by SouthWest (SXSW) event in Austin, TX. But this year, privacy and security were hot topics at Cebit and at SXSW.
As the volume and value of customer and corporate data increases, attackers are more determined than ever. This data has value attached to it, which can be insured, much like any asset would be. However, it can be more difficult to assess the value of digital assets, and more importantly, it is much more difficult to assess the risk that the storage and use of digital assets represents to an organization.This uncertainty in risk transfers to the insurance carrier because of the difficulty in calculating.
Looking back to the end of 2013 and reviewing 2014 thus far, any security professional would wonder if it is possible to navigate the security landscape successfully. Target announced a serious data breach late last year; Neiman Marcus announced its own breach at the start of this year; and eBay just recently announced a password breach issue. Add to this the same data security and privacy concerns that we had at the end of 2013, and security in 2014 is resembling a jungle, complete with hungry tigers, malaria, and poisonous spiders.
We have to get smart about how we perform security: sophisticated threats require sophisticated countermeasures. The premise sounds simple enough, but the security market is being turned on its head as the effectiveness of legacy technologies such as antivirus is questioned and as new technologies shift to real-time analysis and behavior-based approaches for malware identification.
A review of the tools on the market today reveals two distinct approaches: