 |
|
DAILY NEWS AND INFORMATION FOR THE GLOBAL GRID COMMUNITY /
|
Breaking News - Security:
Sana Security, Service Integrity To Offer Web Services Security
Sana Security Inc announced a strategic alliance with Service Integrity Inc, a
developer of XML/Web Services monitoring, analysis and visibility software.
Interoperability between the products creates a best-of-breed solution
providing large organizations with real-time application security, forensic
analysis and regulatory compliance for their Web Services infrastructures.
The new joint offering will ensure substantially greater levels of security
and availability for Windows-based Internet Information Services (IIS) servers
from unknown attacks, as well as delivering forensic and compliance reporting
capabilities for identifying the source of potential and attempted security
breaches.
"Service Integrity and Sana Security have developed a unique, new security
solution to meet critical requirements within the enterprise. It is a first in
that it allows customers to understand in real time what areas of the
enterprise attackers are targeting and to do that with unprecedented
granularity," said M. Greg Shanton, chief technology officer of the Enterprise
Security Group at CGI-AMS Inc.
According to market analyst firm ZapThink Research, the Web services market is
growing -- from an estimated $12 billion in 2004 to $43 billion by 2010.
Meanwhile, Gartner Inc predicts that by 2006, all major off-the-shelf
enterprise applications that provide Web services interfaces will suffer from
the regular discovery of significant security vulnerabilities and from
numerous automated attacks.
"The open and automated nature of Web Services infrastructures makes
enterprises especially vulnerable to malicious attack," said Ray Wagner, vice
president and research director at Gartner. "Real-time monitoring and
malicious attack prevention mechanisms will strengthen the security profile of
Web services deployments."
Applicable to a wide range of customers, infrastructure and security
scenarios, the alliance combines Sana's Primary Response HIPS product with
Service Integrity's SIFT software, offering value to large organizations in
financial services, healthcare and government. The monitoring and security
solution is designed to help enterprises prevent intrusions, protect sensitive
data and provide complete visibility into underlying XML-based application,
server and network interactions related to security events.
Both Sana and Service Integrity have entered into this alliance to pair the
technical interoperability of each other's products with the support and
expertise of sales engineers, channel partners and systems integrators in
order to offer customers:
- The highest level of host-based intrusion prevention of both known and
unknown threats for standard and custom applications.
- Monitoring, logging and reporting of actionable information on security
events.
- Auditable records of intended targets, scope and business impact of
attacks.
As a result, organizations will benefit from:
- Continuity of services; zero downtime upgrades.
- Reduced cost of business operations, security deployment and management.
- Compliance with regulations and auditing requirements concerning privacy
and information integrity such as HIPAA, Sarbanes-Oxley and the California
Senate Bill 1386.
Automated Attack Prevention, Awareness And Compliance
Both SIFT and Primary Response correlate business events to security events,
providing quantified, deep visibility into the intended target, scope and
impact of attempted attacks at the application layer. Sana's Primary Response
monitors host servers and applications using its unique Sana Adaptive
Profiling Technology (SanAPT) to proactively block malicious code attempting
unauthorized access or activity. Primary Response provides the most accurate,
automated and effective detection and prevention of known and unknown attacks
for standard, complex and custom server applications on major software
platforms.
Service Integrity's SIFT software uses real-time visibility to turn XML
application data flows, into actionable information about the performance and
availability of business processes and cycles, necessary to pinpoint problems,
enhance performance and plan capacity. In working with Sana's Primary
Response, SIFT provides enterprises with visibility into underlying Web
Services activity related to security events, proactively alerting IT staff
while preserving the privacy and integrity of sensitive data or customer
information.
"Signature-based security solutions and traditional network firewalls have
little chance of defending host servers used in Web Services against unknown
and emerging attacks," said John Zicker, CEO of Sana Security Inc.
"Enterprises are demanding best-of-breed solutions that can thwart anomalous
behavior, protect sensitive data while giving total visibility into security
events across the Web Services infrastructure. Our partnership with Service
Integrity allows us to bring a unique and differentiated solution to serve
large enterprises that must maintain security and compliance for their Web
Services deployments."
SIFT's real-time monitoring and logging software keeps a concise record of
activity or impact of security events and makes this information automatically
available for post-attack forensics and regulatory compliance auditing.
"We look forward to working with Sana to provide our customers with deep
visibility into attempted security breaches of their IIS enterprise servers.
Our new joint offering will greatly enhance security for enterprise customers
enabling real-time analysis to help pinpoint the nature and source of
attempted breaches. This joint solution is the type of unique and highly
beneficial use of the SIFT software that we are developing with partners
across numerous vertical markets," said Jothy Rosenberg, CTO of Service
Integrity.
|