McAfee CEO Unveils 'Predictive Security' Vision
2009-04-23 16:20:32
SAN FRANCISCO --(Business Wire)-- Apr 22, 2009 -- McAfee, Inc. (NYSE:MFE) President and Chief Executive Officer Dave DeWalt in a keynote address today unveiled McAfee's vision for the future of digital security.
"The traditional approach to enterprise security simply doesn't work - it leaves security holes, it's unmanageable and is too costly," said DeWalt. "Many companies still wrestle with a patchwork of incompatible products from multiple vendors, which leaves them exposed. To provide the best security in today's world of increased cybercrime, a myriad of compliance requirements and staggeringly complex networks, we need to move to an approach where all security products exchange intelligence and provide real time, all the time visibility."
McAfee is innovating to provide predictive security. This approach comprises interconnected security technology at multiple layers in the technology stack, backed by global threat intelligence. Predictive security will allow security products to intelligently block attacks much sooner than is currently possible with traditional approaches. A real-time, in-the-cloud foundation will allow multiple security products to communicate with each other, leading to new levels of security.
DeWalt drew a parallel with advances in meteorology as an example of where digital security should move. Weather sensors everywhere, from oceans to satellites, gather information that is brought together, analyzed and distributed as a weather forecast, allowing people to know days or weeks ahead to get ready to "hunker down for a storm," or "pack for the beach."
Predictive Security Starts with Global Threat Intelligence
Security technology in the future should be embedded everywhere, from silicon to satellite. All these security "sensors" would report threat data to a Global Threat Intelligence system for analysis. Going beyond meteorology, the Global Threat Intelligence system would then send back data to the sensors to provide smarter security. Reputation management is a key part of global threat intelligence, assigning reputation scores to Internet hosts, senders, domains, URLs and messages based on behavior, much like a credit bureau assigns credit ratings to consumers.
As an example, DeWalt discussed how intelligence learned from a simple spam e-mail can allow a threat intelligence system to update security protection across an enterprise. The firewall could block attacks emanating from the IP address used to send the e-mail, a Web gateway could blacklist the Web site advertised in the spam message, and antimalware protection could be alerted to any potentially included pests.
McAfee's vision for predictive security is already becoming a reality. McAfee's Global Threat Intelligence today supports best in class protection across most of the McAfee product portfolio. In the future, McAfee plans to invest in its threat intelligence to boost the level of protection and fundamentally move from proactive to predictive security.
About McAfee, Inc.
McAfee, Inc., headquartered in Santa Clara, California, is the world's largest dedicated security technology company. McAfee is relentlessly committed to tackling the world's toughest security challenges. The company delivers proactive and proven solutions and services that help secure systems and networks around the world, allowing users to safely connect to the Internet, browse and shop the web more securely. Backed by an award-winning research team, McAfee creates innovative products that empower home users, businesses, the public sector and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security. http://www.mcafee.com
Category : Security | Comments | Trackbacks
Sun Expands Identity Management Suite With New MySQL Database Interoperability
2009-04-23 16:19:49
SANTA CLARA, Calif. -- April 22, 2009 -- Sun Microsystems, Inc. (NASDAQ: JAVA) today announced expanded interoperability between the Sun Identity Management Suite and MySQL(TM), the world's most popular open source database, allowing customers to radically reduce the total cost of ownership (TCO) for deploying identity management solutions. In addition, the new integration helps to enable companies to create more dynamic identity architectures, comprised of powerful directory services and relational databases, to improve performance and simplify management of large-scale applications. For more information visit: http://www.sun.com/identity.
Today's announcement was made at the seventh annual MySQL Conference & Expo (http://www.mysqlconf.com) being held this week at the Santa Clara Convention Center. With more than 2,000 attendees, it is the world's largest community event for open source database developers, DBAs, vendors and corporate IT managers.
With MySQL and the Sun Identity Management Suite, customers now have a highly flexible, scalable and efficient approach to manage their identity data infrastructure across their organization, regardless of whether they are using an LDAP directory or relational database. The Sun Identity Management Suite is the most proven identity infrastructure in the world, with more than 5,000 deployments worldwide and Sun's MySQL database provides the back-end foundation for some of the world's largest online applications. A key product in the Sun Identity Management Suite, Sun(TM) Directory Server Enterprise Edition is the market leading LDAP directory server, with more than four billion entries in use today.
"Companies continue to struggle with basic identity infrastructure issues and are looking for pragmatic approaches to simplify deployment, reduce complexity and cost while planning for future business growth," said Mark Herring, vice president, MySQL and Software Infrastructure marketing at Sun. "The combination of Sun's open source and commercial solutions along with MySQL provides the lowest TCO of any vendor in the market - allowing customers to consolidate their infrastructure, reduce expensive licensing fees, reduce time-to-acquisition and increase time-to-value."
"Identity management over the years has been making the promise to consolidate, bind together and manage identity information, and Sun Microsystems has an extensive identity management offering that does exactly that," said Felix Gaehtgens, Senior Analyst from Kuppinger-Cole. "Sun's added support for MySQL with their entire identity stack takes this to a new level by allowing organizations to bind together data regardless of whether it is stored in a classic directory or relational database."
New integration of Sun OpenDS(TM) Standard Edition with the latest release of MySQL Cluster 7.0 (announced yesterday at the MySQL Conference - http://www.sun.com/aboutsun/pr/2009-04/sunflash.20090421.2.xml) can be deployed as a clustered gateway to combine the mission-critical strength of MySQL's high availability database technology with the flexibility and compatibility of the OpenDS LDAP v3 directory standard. This solution set offers some of the best performance of any combined LDAP and database solution with proven large scale deployments in large telecommunications operations. By maintaining data in standard SQL and LDAP formats, the combined solution requires no application changes and provides organizations with a simpler programming and administration model.
Sun's Virtual Directory, a key component of Sun Directory Server Enterprise Edition, provides customers with a consolidated view of identity information across all of their directories and databases. When building a new Web application based on MySQL, developers now have a simple and intuitive way to onboard new data repositories into their identity infrastructure in a standards-based manner (i.e., LDAP v3). This standards-based approach reduces quality assurance testing, eliminates integration costs and makes identity data rapidly accessible.
In addition, Sun(TM) Identity Manager can provision users to any repository including LDAP v3 compliant directories and relational databases, such as the MySQL Enterprise(TM) Server, and can also employ MySQL as its data repository. Sun(TM) Role Manager can also be used with MySQL as its identity warehouse. Sun OpenSSO Enterprise allows customers to choose MySQL, Sun Directory Server Enterprise Edition, OpenDS Standard Edition and most third-party LDAP v3 directories as an identity repository. This allows an organization to remove security concerns from the developer so that they focus on rapid application development, and provides a common security model that can be leveraged across an organization's users, roles and resources.
About Sun's MySQL Database
MySQL is the most popular open source database software in the world. Many of the world's largest and fastest-growing organizations use MySQL to save time and money powering their high-volume Web sites, critical business systems, communications networks, and commercial software. At www.mysql.com, Sun provides corporate users with commercial subscriptions and services, and actively supports the large MySQL open source developer community.
About Sun Microsystems, Inc.
Sun Microsystems develops the technologies that power the global marketplace. Guided by a singular vision -- "The Network Is The Computer(TM)" -- Sun drives network participation through shared innovation, community development and open source leadership. Sun can be found in more than 100 countries and on the Web at http://sun.com.
Researchers Find Massive Botnet On Nearly 2 Million Infected Consumer, Business, Government PCs
2009-04-23 16:15:17
Researchers have discovered a major botnet operating out of the Ukraine that has infected 1.9 million machines, including large corporate and government PCs mainly in the U.S.
The botnet, which appears to be larger than the infamous Storm botnet was in its heyday, has infected machines from some 77 government-owned domains -- 51 of which are U.S. government ones, according to Ophir Shalitin, marketing director of Finjan, which recently found the botnet. Shalitin says the botnet is controlled by six individuals and is hosted in Ukraine.
Aside from its massive size and scope, what is also striking about the botnet is what its malware can do to an infected machine. The malware lets an attacker read the victim's email, communicate via HTTP in the botnet, inject code into other processes, visit Websites without the user knowing, and register as a background service on the infected machine, for instance. The bots communicate with their command and control systems via HTTP.
Botnet expert Joe Stewart says it appears to be similar to other downloader-type botnets. "It looks a lot like other downloader bots out there," says Stewart, director of malware research for SecureWorks. "It has a system for installing other malware and getting paid for it. The first stage is to get the bot piece onto the machine, and then they get paid to install other malware."
Finjan says victims are infected when visiting legitimate Websites containing a Trojan that the company says is detected by only four of 39 anti-malware tools, according to a VirusTotal report run by Finjan researchers.
"We don't have our hands on the actual [stolen] data, but we can tell a lot of what they [may be] doing with it by the malware," Shalitin says. "They can use it for spam, [stealing data], and almost anything."
Around 45 percent of the bots are in the U.S., and the machines are Windows XP. Nearly 80 percent run Internet Explorer; 15 percent, Firefox; 3 percent, Opera; and 1 percent Safari. Finjan says the bots were found in banks and large corporations, as well as consumer machines.
Shalitin says it appears that the botnet operators may be buying and selling bots or portions of their botnet based on a communique Finjan discovered on an underground black-hat hacker forum in Russia.