Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Thursday, February 22, 2007

Cisco’s Web Security Play

Cisco’s acquisition of XML vendor Reactivity today could set the stage for a new approach in handling the Web services security problem, experts say.  On the surface, the deal looks like a simple play for the networking giant to incorporate Web services capabilities into its hardware lines, but security experts inside and outside Cisco say there may be more to it than that.

“Identity management is one aspect of security that becomes a lot more complex in a Web services environment, because now you need a way to preserve the identities of both users and applications across different services.

The merger of Cisco and Reactivity could make it easier for enterprises to build a common structure for Web services security in at the network level, rather than forcing application developers to resolve the security issues at the program level, experts say.  From that standpoint, especially in the virtualized data center, Reactivity and Cisco are in a good spot to make things happen.”  “There is a threat of external attacks, and we’re addressing that, but in Web services, there’s a more important threat, which are security problems caused inadvertently by misprogramming,” says Sirota.

Posted on 02/22