|
|
|
|
|
       |
 |
|
|
Computer Security Intelligence Services Are Gaining Acceptance by Alex Woodie By now the dynamic is well established: Hackers attempt to break into networks and servers, which leads to greater efforts on the part of security officers to thwart their attacks. This, in turn, leads to more sophisticated attempts by the hackers, and so forth. Last year, a new class of security services that provides organizations with intelligence about where, when, and how hackers might hit began to emerge. This year, security intelligence services continue to gain momentum, and they foresee integration with security software on PCs and servers.
Of course, the very words security and intelligence have taken on new meaning in the wake of the September 11 terrorist attacks. There is a growing need for information about the types of threats and vulnerabilities that are most likely to affect organizations, in particular industries that use specific platforms or applications, operating in any given part of the world. The Yankee Group described this need for information in a June 2001 report entitled Security Intelligence Services: An Oxymoron or the Final Frontier? In this report, author and analyst Matthew Kovar predicted that, by the end of this year, security intelligence services would emerge as a key component and a "must-have" for defending corporations against hack attacks. The function of emerging SIS [security intelligence services] offerings is to [gather] security threat information, recommend fixes, and deliver the information to customers in a customized and actionable format. . . similar to what is provided by Reuters or Bloomberg in the financial services industries," Kovar wrote. Information about vulnerabilities and threats has been available, without charge, from numerous Web sites over the last decade, but in 2001, security intelligence services became actual products, and the number of security intelligence services providers increased from about three to more than 10. Those services providers include Vigilinx, NETSEC, eSecurityOnline, Ubizen, SecurityFocus, Predictive Systems, Riptech, iDEFENSE, RedSiren Technologies, and Pinkerton Global Intelligence Services. So how big is the market for security intelligence services? Kovar reported that $3 million was spent on security intelligence services in 2000, and he predicted that the market would hit $80 million in 2002. This year, The Yankee Group gave itself an A-minus for the accuracy of its 2001 report, and said the market was still on track to hit $1 billion by the end of the decade. The market is still relatively small, but considering that it is developing in lock-step with the next generation of security solutions, it is probably worth keeping an eye on. The security intelligence services market is progressing from the first generation of products, which included basic vulnerability and threat information available on Web sites, to a second generation, which will feature closer integration with security assessments and better allow managers in specific parts of an organization to react to the threats, according to the second of Kovar's two reports on security intelligence services, which was published in May 2002. The third phase of product development will feature an even closer integration of security intelligence with asset management systems, event notifications systems, and auditing and compliance systems. PentaSafe Security Technologies, probably the biggest provider of OS/400 security utilities, announced the launch of its first security intelligence assessment software last week. With the launch of PentaSafe's VITAL, or VigilEnt Intelligence and Threat Analysis Lab, the Houston, Texas, company is setting in motion a plan to deliver a solution that lands somewhere between the second and third generation of services on Kovar's scale. Ralph Logan, the computer security professional that PentaSafe hired three weeks ago to head up VITAL, said PentaSafe's solution will at first include vulnerability and threat information that his team gathers from sources such as Vigilinx, Computer Emergency Response Team, IBM, and antivirus software vendors. In the future, Logan and his team will conduct their own research and distribute their findings to PentaSafe customers. The security intelligence that VITAL gathers is available to users of PentaSafe's software, through its support Web site. In the future, however, PentaSafe plans to tie the security intelligence gathered by VITAL directly into the policy-based management component of PentaSafe's software suite, enabling more proactive security management. "Other security teams out there, in the past, have supplemented their products" with security intelligence, Logan said. "The differentiator for us will be tying this intelligence and threat-management information into an active policy capability in our product line. It won't just be getting information and sending out nice alerts to customers. That's a part of it. But this information we're gleaning will be built into our product." In the future, intelligence gathered from VITAL will be transmitted to the four components of PentaSafe's Integrated Security Management suite, which includes the VigilEnt Policy Center, the VigilEnt User Manager, the VigilEnt Security Manager, and the new VigilEnt Intrusion Manager, which start shipping this September. Depending on what kind of baseline policies the users have set for their applications and platforms supported by PentaSafe, which include OS/400, Unix, Novell NetWare, and others, the Integrated Security Management solution will indicate to the user which threats and vulnerabilities need to be addressed, which patches need to be applied, or what other corrective actions need to be taken, based on intelligence provided by VITAL.
|
Editor
Contact the Editors |
|
Last Updated: 6/24/02 Copyright © 1996-2008 Guild Companies, Inc. All Rights Reserved. |
LINOMA SOFTWARE