Secure Coding mailing list archives
More host-based production security tools unveiled
From: "Kenneth R. van Wyk" <Ken () KRvW com>
Date: Mon, 07 Jun 2004 16:41:22 +0100
Greetings all, In this (http://www.eweek.com/article2/0,1759,1607680,00.asp) article over on eWeek.com, a couple of new tools are described, including Determina's SecureCore and Immunix's Application Firewalling Suite. The article states, "This tack represents a shift from the decades-old approach of detecting and stopping attacks in progress using signatures or pattern-recognition algorithms. Customers and security experts say the new tools signal a new direction for the industry at large." As a staunch non-advocate of the patch-and-chase game, I find this encouraging and sincerely hope that the tools live up to the expectations that are being set. I also wonder if things such as AMD's relatively new NX (non-execute) bit architecture can be of any value in preventing things like buffer overflow attacks in production environments. While they're no substitute for designing and coding things properly in the first place, I do like the notion of the system preventing such attacks before they can do harm. (In fact, this concept is very much at the center of my first monthly column on eSecurityPlanet, which should be hitting http://www.eSecurityPlanet.com later today.) Although the Immunix suite was briefly described here earlier, the Determina product wasn't. Has anyone here looked at these tools and care to share their experience with either or both? Cheers, Ken van Wyk -- KRvW Associates, LLC http://www.KRvW.com
Current thread:
- More host-based production security tools unveiled Kenneth R. van Wyk (Jun 07)
- Re: More host-based production security tools unveiled Crispin Cowan (Jun 08)