 |
|
DAILY NEWS AND INFORMATION
FOR THE GLOBAL GRID COMMUNITY /
|
Breaking News -
Security:
Reactivity Releases XML Web
Services Threat Defense Framework
Reactivity, a leader in delivering instant and sustainable XML Web services
security solutions, announced the availability of the "XML Web Services Threat
Defense Framework," a guide to enable enterprises to understand the new IT
security threats created by XML Web services and implement a sustainable
defense model of prevention, detection and protection.
The Reactivity "XML Web Service Threat Defense Framework" is the first
comprehensive model to offer enterprises and their connected partners a
practical approach to defending their digital assets in light of the new
threats posed by increasingly vulnerable XML Web services. The Reactivity
framework builds upon the existing security infrastructure of anti-virus,
intrusion detection, authentication and authorization technologies, suggesting
how they can be applied to help prevent the new class of XML-based threats,
and then introduces new heuristic techniques for detecting XML Web services-
specific threats and presents the appropriate actions that can be taken when
attacks occur. A copy of the "XML Web Services Threat Defense Framework" can
be downloaded at no cost from the Reactivity Web site,
www.reactivity.com/threat.html.
"Enterprises need to be proactive in protecting themselves, as well as their
connected business partners and customers, from both accidental and
intentional attacks when leveraging the Internet and, in particular, XML Web
services," said John Lilly, vice president and CTO of Reactivity. "Protecting
an enterprise's digital assets from such attacks requires a thorough
understanding of the nature of these new threats, deploying sound detection
mechanisms, carefully assessing countermeasures and implementing a
comprehensive defense strategy, which we have codified in our new Threat
Defense Framework and integrated into the Reactivity XML Firewall 2300
series."
While using XML Web services to share mission-critical functions by directly
connecting applications, partners and customers create a realm of new business
possibilities, XML and Web services technologies also make it significantly
easier for uninvited outside parties to connect to unprotected systems. These
threats are particularly acute and potentially much more severe because XML
Web services create and depend upon open interfaces into core enterprise
applications and data.
"XML-based threats present a complex problem that requires a sophisticated
solution, and not all threat defense models employed in today's security
products are up to the task," said Glenn Osaka, CEO and president of
Reactivity. "Instead of simply blocking all messages over a certain size to
prevent XML denial of service attacks, for example, Reactivity applies a
heuristic approach that looks at nine different factors, weighs them carefully
and looks at how they combine to determine whether or not they present a real
threat. The result is much fewer false positives and false negatives."
XML is a powerful, expressive medium, but within the constraints of a secure
environment these assets have quickly become liabilities as a new class of
XML-layer attacks has surfaced. Based on its experience helping customers
implement real-world Web services, Reactivity has identified three primary
categories of attacks:
- Identity threats -- updated, XML versions of traditional identity threats
such as authentication attacks and eavesdropping;
- Content-borne threats -- attacks using elements within the actual XML
payload, such as XML viruses, SQL statements, Unix commands, etc.; and
- Operational attacks -- new, application-level versions of operational
attacks like XML Denial of Service (XDoS) attacks.
Reactivity has put its theory into practice through the Reactivity XML
Firewall, a next-generation family of Web services security appliances
delivering the most complete XML and Web services security, unmatched traffic
throughput and unparalleled ease of use. The Reactivity XML Firewall employs a
comprehensive range of standards, heuristics and automated features to
implement the detection mechanisms and countermeasures outlined in the Threat
Defense Framework, and provides a proven, hardened solution for securing XML
Web services.
The Reactivity XML Firewall sits at the edge of the corporate network to
secure message flow between distributed Web services applications. It acts as
an XML proxy that performs authentication, authorization, auditing, XML
validation and routing to secure bi-directional message flow. By decoupling
security from application development, the Reactivity XML Firewall eliminates
the time-consuming and costly process of custom coding such security into each
application and maintaining it.
|