Information Security News mailing list archives
Ernst & Young Expands Online Security Service
From: William Knowles <wk () C4I ORG>
Date: Wed, 7 Jun 2000 18:43:52 -0500
[Sure it sounds like a story developed from a press release, But I know there are plenty of competitive intelligence professionals with various infosec companies on this list that really dig this kind of information. Personally it sounds like they are selling the service of someone reading ISN and BUGTRAQ and others all day, Trimming out noise and selling the signal. -WK] http://www.techweb.com/wire/story/TWB20000607S0011 By David Drucker , InternetWeek Jun 7, 2000 (12:38 PM) Ernst & Young this month is expanding an online service, eSecurityOnline.com, that's designed to make it easier for managers to set up and maintain network security. The service gives IT managers information on how to configure systems for optimum security; profiles of the vulnerabilities of specific hardware and software and details on how to fix them; and notifications of new vulnerabilities and viruses. It evolved from a security service E&Y has been providing to clients. New to the service is a knowledge base of best practices -- culled from Ernst & Young's security-consulting services -- for configuring Web servers, routers, firewalls, operating systems and other technology. Managers input details on hardware and software they're using and receive security-related advice. Managers can identify aspects of their network that affect security but are often overlooked, such as ports, default IDs, and password and naming conventions, said eSecurityOnline vice president Tony Spinelli. "An IT manager typically knows how to set up a product for performance and scalability, but can overlook many security risks," he said. A premium service, which has been available through subscription, gives managers a listing of known security vulnerabilities of their hardware and software. The listings include ratings of the risk, recommended procedures for remedying the problems, links to patches and other vendor fixes, and recommendations for how best to implement them. E-mail alerts notify IT managers of newly discovered vulnerabilities. The service is designed to alleviate the need for managers to constantly search for the latest vulnerabilities, Spinelli said. Ernst & Young recently partnered with Network Associates (stock: NETA) to include Network's virus notifications in the basic service. The service will filter notifications so managers are only alerted to viruses that pose a threat to their network environment. The basic service will be available later this month; pricing is not yet determined. The vulnerability service, available now, is priced starting at $5,000 per annual single-user license. *-------------------------------------------------* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen. Alfred. M. Gray, USMC --------------------------------------------------- C4I Secure Solutions http://www.c4i.org *-------------------------------------------------* ISN is sponsored by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- Ernst & Young Expands Online Security Service William Knowles (Jun 07)