Beyond Security Launches Multi-Level Scanning Tool

Published: November 28, 2006

by Alex Woodie

Beyond Security recently launched a multilevel scanning solution that simulates hacker attacks to hunt down security vulnerabilities existing in all types of gear throughout the data center. Called the Automated Vulnerability Detection System (AVDS), the appliance-based "fuzzing" solution builds on the company's previously released network scanning tool by introducing additional vulnerability scans for specific operating systems (including i5/OS), databases, and applications, as well as checking for known vulnerabilities tracked by the company's SecuriTeam research affiliate.

It's been just nine short months since Beyond Security introduced beSTORM, a vulnerability detection system that features a patented algorithm that tries every conceivable character combination against an application's previously unknown vulnerabilities, such as memory buffer overflows. Because it works at the network layer, beSTORM supports practically any piece of gear used in the data center. Prior to beSTORM, Beyond Security sold its Automated Scanning offering, which enables companies and service providers to check applications against SecuriTeam's database of known vulnerabilities.

With the new AVDS solution, the company is combining elements of both its beSTORM engine and its Automated Scanning offering. The solution builds on the network-only checks in beSTORM by simulating brute-force hacker attacks to pry open previously undiscovered holes in operating systems, databases, applications, and Web applications--as well as discovering existing vulnerabilities in customers' systems. It also brings access to SecuriTeam's database of known vulnerabilities.

Beyond Security, which is based in Israel and has U.S. headquarters in McLean, Virginia, claims AVDS is the only multilevel scanning tool that checks for network, system, database, application, and Web application vulnerabilities. It comes with operating system-specific checks for OS/400, VMS, Unix, Linux, NetWare, and Windows; works with all types of network devices, including routers, access points, VoIP phones, firewalls, content filtering systems, and antivirus software; and checks level 7 Web applications, including Web servers, e-mail servers, FTP servers, database servers, and proxy servers.

The offering includes software preloaded onto two X86-based appliances that each occupy 1U of space in a rack. The first appliance is Beyond Security's proprietary Lucent Security Scanner, which simulates hackers looking for new vulnerabilities. The second appliance is called the information server (IS), which serves the Web-based GUI management console used to control the LSS server, houses the SecuriTeam database of existing vulnerabilities (in an embedded MySQL database), and stores and generates graphical reports.

The first step in using the AVDS is mapping an organization's entire network and then kicking off a simulated hacker attack. Each LSS server can check up to eight systems simultaneously, at a rate of about 60 kbps, although the product comes with ways to scale back its consumption of network bandwidth. Once the simulated attack is over, the IS server generates a vulnerability report that details the security breaches and offers recommended fixes for the problems.

To avoid becoming a victim of malicious software and hackers, Beyond Security recommends running scans every day. AVDS checks for updates every hour, and about 100 new vulnerability checks are added to the product every month, giving it a current total of about 4,200 vulnerability checks. But the numbers don't favor those who wait, as there are, on average, about 310 new security vulnerabilities announced every month, the company says.

"Plugging security holes before problems occur means you can avoid downtime, which helps to ensure business continuity," says Aviram Jenik, chief executive officer. "And, continuity and security are key requirements of mandates in virtually every industry--including Sarbanes-Oxley, HIPAA, and ISO 27001. Our solution helps you meet those requirements cost effectively and without tying up a lot of IT resources. That frees up capital and people for more mission-critical projects."

AVDS is available now. Pricing starts at $15,000. For more information, visit www.beyondsecurity.com.