July 2009 Archives

Sourcefire, a Qualys Solution Partner, has integrated the Sourcefire 3D System with QualysGuard. Sourcefire Defense Center correlates the threats detected by Sourcefire's intrusion prevention system against the host vulnerabilities identified by QualysGuard, so an alert is treated as actionable only when the targeted host is actually exposed to the flaw being attacked. With Sourcefire and Qualys working in tandem, the number of actionable network threats reported by the Sourcefire IPS can be vastly reduced, leading to increased security and lower total cost of ownership (TCO).

"Through our innovative partnership with Sourcefire, customers are able to gain increased insight into the relevancy of attacks, so that they can focus on those threats that matter most," said Wolfgang Kandek, CTO at Qualys.

This integration lets customers import QualysGuard scan data into the Sourcefire RNA (Real-time Network Awareness) host database, combining real-time network discovery information with active vulnerability scan data. Analysts can then quickly determine whether a host is actually vulnerable to the exploit an alert reports, saving valuable analysis time.

"Organizations waste a lot of time addressing threats that actually have no impact to their networks," said Martin Roesch, Founder and CTO at Sourcefire. "By combining RNA's real-time network intelligence with Qualys' active scan data, the Sourcefire 3D System can now reduce the number of actionable alerts and allows the customer to focus on the ones that actually impact their environment."
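The correlation described above is simple to reproduce. The following is an added example, not Sourcefire or Qualys code: each IPS signature carries the CVE identifiers it fires on, each host carries the set of CVEs the last scan confirmed, and an alert is kept as actionable only when the two intersect. It also handles the two cases a triage rule must not get wrong: a host that was never scanned, and a scan that is too old to trust (both are kept, because the scan data cannot rule the attack out). The hosts, signature ids, dates, scan results and the signature-to-CVE mapping are all constructed for the demo; the CVE strings are used only as sample keys.

```python
"""Prioritise IPS alerts against vulnerability-scan data (added example)."""
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Dict, List, Set, Tuple

MAX_SCAN_AGE = timedelta(days=30)   # assumption: older scan data is not trusted


@dataclass
class HostScan:
    scanned_at: date
    cves: Set[str]            # CVEs the scanner confirmed on this host


@dataclass
class Alert:
    sid: str                  # IPS signature id (hypothetical naming scheme)
    dst_ip: str               # attacked host
    seen_at: date


# Constructed scan results keyed by host address.
SCAN_RESULTS: Dict[str, HostScan] = {
    "10.0.1.20": HostScan(date(2009, 7, 1), {"CVE-2008-4250", "CVE-2009-1535"}),
    "10.0.1.21": HostScan(date(2009, 7, 1), set()),            # scanned, clean
    "10.0.1.22": HostScan(date(2009, 1, 5), {"CVE-2008-4250"}),  # stale scan
}

# Constructed signature -> CVE mapping (real rule sets carry CVE references).
SIGNATURE_CVES: Dict[str, Set[str]] = {
    "SID-1001": {"CVE-2008-4250"},
    "SID-1002": {"CVE-2009-1535"},
    "SID-1003": set(),        # anomaly/policy rule with no CVE reference
}

# Constructed alerts, one per triage outcome.
SAMPLE_ALERTS: List[Alert] = [
    Alert("SID-1001", "10.0.1.20", date(2009, 7, 10)),  # host has the CVE
    Alert("SID-1002", "10.0.1.21", date(2009, 7, 10)),  # host scanned clean
    Alert("SID-1001", "10.0.1.22", date(2009, 7, 10)),  # scan six months old
    Alert("SID-1001", "10.0.1.99", date(2009, 7, 10)),  # host never scanned
    Alert("SID-1003", "10.0.1.21", date(2009, 7, 10)),  # nothing to correlate
]


def triage(alert: Alert,
           scans: Dict[str, HostScan] = SCAN_RESULTS,
           sig_cves: Dict[str, Set[str]] = SIGNATURE_CVES) -> str:
    """Classify one alert as VULNERABLE, NOT_VULNERABLE, UNKNOWN or NO_CVE."""
    cves = sig_cves.get(alert.sid, set())
    if not cves:
        return "NO_CVE"           # no CVE reference: correlation cannot help
    scan = scans.get(alert.dst_ip)
    if scan is None or alert.seen_at - scan.scanned_at > MAX_SCAN_AGE:
        return "UNKNOWN"          # never scanned or scan too old: cannot rule out
    if cves & scan.cves:
        return "VULNERABLE"       # host carries the flaw the signature targets
    return "NOT_VULNERABLE"       # host scanned, flaw absent: safe to deprioritise


def triage_all(alerts: List[Alert] = SAMPLE_ALERTS) -> List[Tuple[str, str, str]]:
    """(sid, host, verdict) for every alert, in input order."""
    return [(a.sid, a.dst_ip, triage(a)) for a in alerts]


def actionable(alerts: List[Alert] = SAMPLE_ALERTS) -> List[Alert]:
    """Only alerts that scan data could not rule out are passed to analysts."""
    return [a for a in alerts if triage(a) != "NOT_VULNERABLE"]


if __name__ == "__main__":
    for sid, host, verdict in triage_all():
        print(f"{sid:9} {host:12} {verdict}")
    print(f"{len(actionable())} of {len(SAMPLE_ALERTS)} alerts remain actionable")
```

Note the asymmetry in the rule: only a fresh scan that positively shows the flaw absent is allowed to suppress an alert; every other gap in knowledge keeps the alert, since the cost of a missed intrusion is far higher than the cost of one extra look.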

Keeping organizational IT security risk low requires careful planning, diligence, continuous execution of a risk management program, and the support of every employee. One of the most important aspects of ING Singapore's security management program is keeping every employee informed through an ambitious security awareness program. ING Singapore also invests significant effort in making sure its networks and systems are configured properly and protected by multiple layers of defence, including anti-virus software, intrusion detection and prevention systems, and data leakage prevention tools.

"Vulnerability assessment is an important activity within our security management framework," says Mangaraja Saut Martua, Manager, Information Protection and Business Continuity Management for ING Singapore. "It's how we find systems that are not in policy, locate those that need software patches, and then verify that our patches have been installed properly." For ING Singapore, with 1,000 systems, that's no small task. For vulnerability assessments, Martua uses QualysGuard, from Qualys Inc. "QualysGuard provides us with very precise reports on which we can act quickly."

With more than 900 staff and a production cycle that sees plays staged across three theatres, the National Theatre has a demanding audience to please. But while the quality of its productions is the key to attracting customers, National Theatre management is aware that with £18m coming in through online ticket sales each year, processing those transactions securely is vital to maintaining its reputation.

To comply with the Payment Card Industry Data Security Standard (PCI DSS), the National Theatre recently decided to deploy Qualys' on-demand security suite, QualysGuard. Previously it had tried to achieve compliance by employing external penetration testers and auditing companies.

"When you examine the amount of man hours QualysGuard saves us in our own manual scans and the cost of hiring external third parties, the return on investment is clear," says Richard Bevan, the National Theatre's IT security manager. The National Theatre has about 60 servers, 1,000 networked workstations, its own datacentre and disaster recovery site, and hosts and manages its own web site. The use of on-demand security systems has made it easier to secure the infrastructure when changes are made. "[QualysGuard PCI] is also used to check the security of its web applications, along with testing third-party code. For our own peace of mind, we also use web application firewalls. From my point of view, the fact that Qualys is always updating the functionality of the system is another significant plus point, so you're always getting new features," adds Bevan.

In the dark ages of vulnerability assessment and system security, rating the risk of software vulnerabilities and evaluating secure system configurations were largely subjective endeavours. Every enterprise had to rely on software makers' vague risk rankings to judge how severely a flaw would jeopardize the security of its IT infrastructure. When it came to hardening servers, endpoints and applications, many organizations wrote their own security checklists, pulling the information as best they could from sources such as industry practices and vendor guides.

To bring some objectivity and standardization to the process, the National Institute of Standards and Technology (NIST) recently released its first draft of the Security Content Automation Protocol (SCAP). SCAP, as NIST explains, is a standards-based method for automating vulnerability management, measurement and policy compliance evaluation. It is built from existing, widely used open standards that itemize software flaws, security configurations and product names; brought together, they make it possible to rank security flaws and security configurations so that the impact of vulnerabilities and misconfigured systems can be measured. SCAP leverages the following standards:

  - Common Vulnerabilities and Exposures (CVE), identifiers for publicly known software flaws
  - Common Configuration Enumeration (CCE), identifiers for security configuration settings
  - Common Platform Enumeration (CPE), structured names for platforms and products
  - Common Vulnerability Scoring System (CVSS), a fixed formula that turns a flaw's characteristics into a severity score from 0 to 10

SCAP 1.0 also specifies two XML languages that tie these enumerations to automated checks: the Extensible Configuration Checklist Description Format (XCCDF) for checklists and the Open Vulnerability and Assessment Language (OVAL) for the system tests themselves.

As more security vendors embrace SCAP, expect its adoption to broaden throughout the commercial sector as the interoperability benefits grow, and subjective security to make way for a more measured risk posture.

VeriSign and Qualys have formed a strategic relationship to integrate iDefense intelligence with scanning data from QualysGuard Vulnerability Management (VM). The integration makes two new services immediately available that combine in-depth security threat intelligence with vulnerability scanning data, enabling enterprises to protect critical IT assets from compromise or attack, particularly against zero-day threats and vulnerabilities. Zero-day threats are vulnerabilities that are exploitable, and possibly already being exploited, before the software vendor has released a patch.

IDC Security Services analyst Irida Xheneti commented: "As security threats and vulnerabilities continue to evolve, organizations are increasingly looking for tools and solutions that will enable them to proactively prioritize and respond to security attacks in a cost-effective way. Through the integration of the VeriSign iDefense security intelligence with the QualysGuard Vulnerability Management solution, organizations will be able to leverage deep security analysis of their respective environment, security intelligence of current threats and vulnerabilities combined with the ability to prioritize actions to vulnerabilities based on asset criticality."
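One concrete way to turn threat intelligence plus asset criticality into a remediation order is shown below. This is an added example and not VeriSign, iDefense or Qualys code: it folds the intelligence attributes in through the CVSS v2 temporal metrics (exploit availability, remediation level, report confidence), which is how CVSS itself models "an exploit exists" and "no vendor fix yet", and then weights the temporal score by an asset tier. The findings, intelligence records, asset tiers and tier multipliers are constructed for the demo; base scores are taken as a scanner would report them, and the mapping of tiers to multipliers is an assumption rather than a standard.

```python
"""Rank vulnerability findings by threat intel and asset criticality (added example)."""
from dataclasses import dataclass
from decimal import Decimal, ROUND_HALF_UP
from typing import Dict, List, Optional, Tuple

# CVSS v2 temporal weights from the specification. "ND" (Not Defined) is 1.0,
# so a CVE with no intelligence keeps its full base score (the conservative default).
EXPLOITABILITY = {"U": 0.85, "POC": 0.90, "F": 0.95, "H": 1.00, "ND": 1.00}
REMEDIATION = {"OF": 0.87, "TF": 0.90, "W": 0.95, "U": 1.00, "ND": 1.00}
CONFIDENCE = {"UC": 0.90, "UR": 0.95, "C": 1.00, "ND": 1.00}

# Assumed asset tiers and multipliers (an organisational choice, not a standard).
CRITICALITY = {"critical": 1.0, "high": 0.8, "medium": 0.6, "low": 0.4}


@dataclass
class Intel:
    exploit: str = "ND"        # U unproven, POC, F functional, H high/widespread
    remediation: str = "ND"    # OF official fix, TF temp fix, W workaround, U none
    confidence: str = "ND"     # UC unconfirmed, UR uncorroborated, C confirmed


@dataclass
class Finding:
    host: str
    cve: str
    base_score: float          # CVSS v2 base score as reported by the scanner


# Constructed intelligence feed. "U" remediation with a functional exploit is
# the zero-day case the text describes: exploitable, no vendor patch yet.
INTEL_FEED: Dict[str, Intel] = {
    "CVE-EXAMPLE-ZERO-DAY": Intel(exploit="F", remediation="U", confidence="C"),
    "CVE-EXAMPLE-PATCHED": Intel(exploit="POC", remediation="OF", confidence="C"),
    # "CVE-EXAMPLE-NO-INTEL" is deliberately absent from the feed.
}

# Constructed scan findings and asset tiers.
FINDINGS: List[Finding] = [
    Finding("db-01", "CVE-EXAMPLE-ZERO-DAY", 10.0),
    Finding("kiosk-07", "CVE-EXAMPLE-PATCHED", 10.0),
    Finding("web-01", "CVE-EXAMPLE-NO-INTEL", 7.5),
]
ASSET_TIERS: Dict[str, str] = {"db-01": "critical", "kiosk-07": "low", "web-01": "critical"}


def round1(x: float) -> float:
    """CVSS-style rounding to one decimal (halves round up)."""
    return float(Decimal(repr(x)).quantize(Decimal("0.1"), rounding=ROUND_HALF_UP))


def temporal_score(base: float, intel: Optional[Intel]) -> float:
    """CVSS v2 temporal score = base * E * RL * RC; no intel leaves base unchanged."""
    i = intel or Intel()
    return round1(base * EXPLOITABILITY[i.exploit] * REMEDIATION[i.remediation]
                  * CONFIDENCE[i.confidence])


def prioritise(findings: List[Finding] = FINDINGS,
               intel_feed: Dict[str, Intel] = INTEL_FEED,
               asset_tiers: Dict[str, str] = ASSET_TIERS) -> List[Tuple[str, str, float, float]]:
    """(host, cve, temporal, priority) sorted by descending priority."""
    ranked = []
    for f in findings:
        temporal = temporal_score(f.base_score, intel_feed.get(f.cve))
        tier = asset_tiers.get(f.host, "medium")   # unknown asset: assume medium
        priority = round(temporal * CRITICALITY[tier], 2)
        ranked.append((f.host, f.cve, temporal, priority))
    ranked.sort(key=lambda r: (-r[3], -r[2], r[0]))
    return ranked


if __name__ == "__main__":
    for host, cve, temporal, priority in prioritise():
        print(f"{priority:5.2f}  temporal={temporal:4.1f}  {host:9} {cve}")
```

The ordering this produces is the one the passage argues for: the unpatched, actively exploitable flaw on a critical database outranks an equally severe but patched flaw on a low-value kiosk, and a flaw with no intelligence at all is not quietly demoted, because absence of a report is not evidence that no exploit exists.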
