Category: Trends

Vulnerability management services (VMSs) have arisen from the pragmatic need to make existing security technologies work together to mitigate today’s network securicyty vulnerabilities while the security product vendors develop new technologies.

Enterprise security teams are overwhelmed with the volume of information from intrusion detection systems (IDSs) and patch notifications from vendors. There are significant challenges in identifying vulnerabilities in their network infrastructure and in tuning network security products for optimal efficiency and protection.

Security teams that once reacted to security incidents now are proactively addressing network security through the life cycle of vulnerability intelligence all the way to confirmation of a deployed correction.

Managed security service providers are evolving service product lines from managing security technology, such as managed firewall and managed IDS services, to the higher value service of managing the process across technologies to secure the extended enterprise.

Enterprises will consolidate managed services with a single preferred vendor to capture enterprise experience, simplify escalation procedures across multiple security products and streamline contract negotiations.

Smaller VMS organizations will be forced to extend expert services to new areas of a security policy, such as identity management services, remote connectivity assessment services and wireless security services. The Yankee Group believes VMS vendors will consolidate throughout 2004, driven by the shortage of skilled security professionals.

More info: [url=http://www.csoonline.com/analyst/report2021.html]http://www.csoonline.com/analyst/report2021.html[/url]

“IT spending is more correlated with corporate profits than (gross national product) or other factors, and corporate profits are increasing,” said Frank Gens, senior vice president of research at IDC.

Servers running so-called x86 processors and Windows or Linux will continue to grow at the expense of RISC-Unix servers. In 2004, x86 servers will account for more revenue overall, and Linux will account for 10 percent of the servers sold in the United States. “Although manufacturers continue to promote the concept, real investments in server virtualization and other techniques to more efficiently use computing resources will continue to lag,” the prediction said.

The value of IT goods and services coming to the United States that are produced by offshore labor will hit $16 billion, doubling 2003’s total.

Not only will large U.S. companies continue to outsource, Indian service providers will gain market share as well.

The number of public Wi-Fi hot spots will grow from the current 50,000, to 85,000 by the end of the year, IDC said.

Chinese IT spending will hit $30 billion and grow at four times the rate of that of the rest of the world. Eastern European nations, meanwhile, will see a surge in spending as 10 new nations, most from Eastern Europe, join the European Union.

More info: [url=http://zdnet.com.com/2100-1104_2-5113558.html]http://zdnet.com.com/2100-1104_2-5113558.html[/url]

Just a couple of years ago, the biggest targets were severe vulnerabilities in applications such as Microsoft’s Internet Information Service (IIS) Web server. “Finding security vulnerabilities in a Web server is fairly easy because the protocol of the web, i.e. HTTP, is a plain text protocol,” said veteran vulnerability finder David Litchfield of Next Generation Security.

In some ways, most of the easy bugs have been found in applications. For example, the obvious flaws in IIS, for example, have basically been found.

Vendors are also putting more work into finding flaws before shipping out their applications.

More info: [url=http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci939419,00.html]http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci939419,00.html[/url]

While almost every large and midsize business already uses a firewall, more companies will start installing the devices at an increasing number of points in their networks, said Mark Bouchard, senior program director for technology research at Meta Group.
I see a lot more customers intent on using firewalls in a lot more places, like between business units,” he said. Digitally cordoning off networks has proved to be an effective way to prevent some attacks, such as worms, from spreading. Business adoption of that tactic, plus sales to new customers, will expand the market for firewalls to $2.5bn worldwide in 2005, Bouchard estimated.

The forecast comes as security companies seek to improve the integration of different safeguards into a single device. Such a product would bring together many functions, such as virus protection, intrusion detection, virtual private networking (VPN), firewalls and content filtering. Security device maker NetScreen Technologies and network hardware maker Cisco both plan to add secure sockets layer (SSL) functionality to their VPN products. Internet Security Systems, a network protection company, has combined several security functions into an all-in-one device. In addition, Check Point Software Technologies announced in mid-November that it would branch out from firewall and VPN software and devices to incorporate internal network and website protection software and services.

Meta Group’s Bouchard believes that companies will still demand stand-alone firewall devices to protect key parts of their networks. “I believe that the integrated products have a way to go before they become a primary solution,” he said.

More info: [url=http://www.silicon.com/software/security/0,39024655,39117180,00.htm]http://www.silicon.com/software/security/0,39024655,39117180,00.htm[/url]

Moreover, the successful hacking and distributed denial of service attacks now originate from Brazil, Russia, China and India, the mi2g Intelligence Unit reported in new research. The combined number of attacks — 5,682 — against the European countries far exceeds the overt digital attacks recorded against the United States (3,696) and Canada (209). Brazil, with 962 attacks, Turkey (549) and China (317) are the only non-Western countries in the top 10.

The mi2g report found that 55 per cent of all digital attacks in November were launched against small entities with a turnover below $7-million (U.S.). Only 1 per cent of all successful digital attacks in November were against larger entities with a turnover in excess of $40-million.

In terms of operating systems, Linux remained the most popular among hackers, according to mi2G, reflecting how popular Linux has become as a platform for Internet-connected computers and servers. Systems running the open-source system accounted for 61.7 per cent of all attacks. Microsoft Windows followed with 23.7 per cent.

But since most government computers run Microsoft systems, Windows servers in governmental operations registered a record high of 84.1 per cent of all successful digital attacks.

The mi2g report also estimated worldwide economic damage from hacker attacks, DDoS attacks, as well as virus, worm and spam proliferation at $166.7-billion to $203.75-billion, with the greatest damage coming from malware and spam.

More info: [url=http://www.globetechnology.com/servlet/story/RTGAM.20031128.gthacknov28/BNStory/Technology/]http://www.globetechnology.com/servlet/story/RTGAM.20031128.gthacknov28/BNStory/Technology/[/url]

In general, an unknown writer identifies a vulnerability in a common system, writes software to exploit it and releases it to his chums and the antivirus companies, sometimes into the wild. The virus is analysed, a unique pattern within it is identified and the antivirus companies release the update to their customers.

One approach to counter that is heuristic analysis, where software examines email attachments and incoming files and attempts to work out what they actually do. A more advanced form of heuristic scanning involves running the code, either in emulation or a virtual machine, and watching for dangerous activity.

Yet another approach is to monitor not the suspect code, but the entry points to the operating system: as software runs, the antivirus program constantly checks for dangerous activity.

One of the latest demonstrations comes from Washington University, where John Lockwood and his students have developed a device called the Field Programmable Port Extender (FPX) that can scan incoming bitstreams at up to 2.4 gigabits per second. The hardware builds incoming packets into a message, analyses the protocol headers and compares the contents of the message against a database of known signatures — all things that are normally done in software.

More info: [url=http://insight.zdnet.co.uk/0,39020415,39118047,00.htm]http://insight.zdnet.co.uk/0,39020415,39118047,00.htm[/url]