Okena Technologies and Kavado Inc. introduced products on Tuesday designed to safeguard applications from complex computer attacks that can run roughshod over firewall and intrusion detection systems.
Kavado introduced ScanDo, a Web application vulnerability scanner, as the newest addition to its Web application protection product line. Featuring a three-step scanning process, ScanDo is constructed to emulate a hacker's bag of tricks to determine a Web application's potentially exposed holes, said Tal Gilat, CEO of New York-based Kavado.
Meanwhile, Okena announced StormSystem on Tuesday, its integrated series of products that provide intrusion prevention for applications without relying on signature-based techniques. StormSystem offers enterprises an underlying security infrastructure tied together by a common agent, said Dave Hammond, director of marketing communications for Waltham, Mass.-based Okena.
Following a series of high-profile break-ins of its applications and operating systems during the last six months, Microsoft has sworn to dedicate a greater effort to incorporate stronger security features into its products. Until results of that pledge come to pass, users must depend on security vendors to provide protection without affecting application performance, said Michael Rasmussen, senior industry analyst at Cambridge, Mass.-based Giga Information Group Inc.
"[Application defense] is a big deal. We have a lot of vulnerabilities in OS and applications are being exposed to them," Rasmussen said. "Firewalls and IDS [intrusion detection systems] are going to fail. You need the process and suite of products to protect [applications]. You need to protect the host behind the firewall."
Rasmussen said an effective intrusion management process should stem the flow of network problems or downtime associated with buffer overflows and poorly written application code lacking security considerations.
Noting a past weakness of Okena and its competitor Entercept, that of having to "break things before you can fix it," Rasmussen said the ability of Okena's improved character application solution to determine normal behavior and set policies without shutting down applications should be welcomed by customers.
StormSystem consists of StormWatch, which delivers agents to provide intrusion prevention for host systems, and StormFront, which determines how an application behaves and analyzes that data to create operating policies and application control. Hammond said Okena plans to release StormTrack, which will identify and seal off vulnerable components of an IT infrastructure, later in 2002.
Kavado's ScanDo vulnerability scanning product first examines every component a Web application is running, such as cookies and passwords, and records its makeup and contents. Secondly, it probes the application to uncover possible susceptibility to random security breaches or targeted attacks. A user can configure ScanDo to create and mimic an attack through Visual Basic scripts to compare results, Gilat said. Finally, ScanDo offers standard or customized graphical and textual reports on its complete findings.
ScanDo, which can be updated to incorporate the newest security tools from Kavado, is complementary to Kavado's InterDo product. InterDo deflects attacks against Web applications, said Gilat.
ScanDo runs on Windows NT and 2000, with a Solaris version planned for the second quarter of 2002. ScanDo costs US$15,000 per year, as a subscription, and is available immediately.