Information Security News mailing list archives
Software Acts As Robotic Hacker
From: InfoSec News <isn () C4I ORG>
Date: Thu, 22 Jun 2000 00:52:10 -0500
http://www.techweb.com/wire/story/TWB20000621S0013

By Rutrell Yasin, InternetWeek
Jun 21, 2000 (3:25 PM)

The best way to determine if your IT infrastructure is secure is to have a hacker try to break into your corporate systems. Short of that, software that simulates attacks is the next best thing.

Wednesday, Sanctum rolled out an automated audit tool that analyzes Web applications, points to security glitches, and provides advice on how to fix any vulnerability. Generally, security holes are found within in-house or third-party applications.

Sanctum (formerly Perfecto Technologies) already provides software called AppShield that prevents unauthorized users from manipulating any type of application. AppShield recognizes the application's security policy by analyzing the outbound HTML pages and then enforces compliance with the policy for each incoming HTTP request.

However, a large e-business with "5,000 Web servers can't apply AppShield on every server," said Eran Reshef, Sanctum's co-founder and senior vice president. As a result, the new AppScan is designed to automatically ferret out and repair glitches that would normally take IT managers hours to manually patch and upgrade, Reshef added.

At the heart of AppScan is the Policy Recognition Engine, which analyzes the application while an auditor browses through it. AppScan's RoboHacker feature can then generate potential hacks such as hidden manipulation code, parameter tampering, cookie poisoning and buffer overflows, as well as search for dangerous content. If an attack is successful, it can be written into a report, and advice on how to fix the problem is generated by the RoboAdvisor feature.

AppScan performs the "same functions that a good consulting firm would do when it performs a penetration test," said Gartner Group analyst John Pescatore. However, the tool may be too sophisticated for the average e-business, which lacks security expertise in-house, Pescatore said.

"For the tool to be effective, companies would need a real smart person to initiate the attack and then to interpret the results," he said. "It might be beyond what [the typical] e-businesses can do, except for the high-end sites with expertise in-house."

Pescatore said the tool would initially be popular among consultants who perform security audits for companies.

Reshef said Yahoo (stock: YHOO) and Lycos's (stock: LCOS) Quote.com are early beta testers of the product. AppScan will be available in the third quarter. Pricing is subscription-based, ranging between $20,000 and $75,000 per auditor.

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
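The article describes AppShield as deriving a security policy from the outbound HTML and then checking each incoming request against it, and lists hidden-field manipulation, parameter tampering and oversized (buffer-overflow style) input among the things AppScan probes for. The following added example, written for this archive page and not Sanctum's code, shows the defensive side of that idea in miniature: parse the forms a server actually sent, record which fields were offered and which values were fixed, then flag requests that deviate. The sample HTML page, the `MAX_FIELD_LEN` cap and the function names are assumptions made for the illustration.

```python
from html.parser import HTMLParser

# Constructed sample of an outbound HTML page (not taken from the article).
OUTBOUND_HTML = """
<html><body>
<form action="/checkout" method="POST">
  <input type="hidden" name="item_id" value="1042">
  <input type="hidden" name="price" value="19.99">
  <input type="text" name="qty">
  <select name="ship">
    <option value="ground">Ground</option>
    <option value="air">Air</option>
  </select>
  <input type="submit" value="Buy">
</form>
</body></html>
"""

# Assumed cap for free-text fields when the form gives no maxlength;
# catches grossly oversized input of the kind the article mentions.
MAX_FIELD_LEN = 256


class FormPolicyParser(HTMLParser):
    """Collect, per (method, action), the fields the server offered the client."""

    def __init__(self):
        super().__init__()
        self.forms = {}      # (METHOD, action) -> {field name -> rule}
        self._cur = None     # rules dict of the form currently being parsed
        self._select = None  # name of the <select> currently being parsed

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            key = (a.get("method", "GET").upper(), a.get("action", ""))
            self._cur = self.forms.setdefault(key, {})
        elif self._cur is None:
            return  # inputs outside any form are ignored
        elif tag == "input":
            name = a.get("name")
            if not name:
                return
            typ = (a.get("type") or "text").lower()
            if typ in ("hidden", "submit"):
                # Server-supplied values must come back unchanged.
                self._cur[name] = {"fixed": a.get("value") or ""}
            else:
                limit = int(a["maxlength"]) if a.get("maxlength") else MAX_FIELD_LEN
                self._cur[name] = {"free": True, "maxlength": limit}
        elif tag == "select":
            self._select = a.get("name")
            if self._select:
                self._cur[self._select] = {"choices": set()}
        elif tag == "option" and self._select:
            self._cur[self._select]["choices"].add(a.get("value") or "")

    def handle_endtag(self, tag):
        if tag == "form":
            self._cur = None
        elif tag == "select":
            self._select = None


def derive_policy(html):
    """Build the positive policy: what the client was offered, and nothing else."""
    p = FormPolicyParser()
    p.feed(html)
    return p.forms


def check_request(policy, method, action, params):
    """Return a list of violations for one submitted request; [] means it conforms."""
    form = policy.get((method.upper(), action))
    if form is None:
        return [f"no form offered for {method.upper()} {action}"]
    violations = []
    for name, value in params.items():
        rule = form.get(name)
        if rule is None:
            violations.append(f"unexpected parameter '{name}'")
        elif "fixed" in rule and value != rule["fixed"]:
            violations.append(f"hidden field '{name}' altered: {value!r} != {rule['fixed']!r}")
        elif "choices" in rule and value not in rule["choices"]:
            violations.append(f"value {value!r} for '{name}' not among offered choices")
        elif rule.get("free") and len(value) > rule["maxlength"]:
            violations.append(f"field '{name}' exceeds {rule['maxlength']} bytes ({len(value)})")
    for name, rule in form.items():
        if "fixed" in rule and name not in params:
            violations.append(f"hidden field '{name}' missing")
    return violations


if __name__ == "__main__":
    policy = derive_policy(OUTBOUND_HTML)
    good = {"item_id": "1042", "price": "19.99", "qty": "2", "ship": "ground"}
    tampered = dict(good, price="0.01", admin="1", ship="free")
    print(check_request(policy, "POST", "/checkout", good))      # []
    print(check_request(policy, "POST", "/checkout", tampered))  # three violations
```

The policy is positive: anything the server did not offer (an extra parameter, a hidden value that changed, an option that was not in the list, a form that was never presented) is a deviation, which is why this kind of check needs no signature for each individual attack class. In a real deployment the policy would be keyed per session, since different users are shown different forms and hidden values.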