- New program offers key partnerships with WhiteHat Security and NetOptics
Imperva, the leader in data security, last week announced the new PartnerSphere Technology Alliance (link), a technology ecosystem dedicated to data security and compliance. The PartnerSphere Technology Alliance offers organizations an end-to-end blueprint for data security, providing best-of-breed products that complement and extend Imperva SecureSphere Web Application, Database, and File Security Solutions.
“Our partner ecosystem is growing rapidly as the demand for a data security strategy increases,” said Imperva VP of Business Development, Farzad Tari. “Our program recognizes the reality of today’s IT security landscape by partnering with leading technology providers in a formal, cohesive fashion, creating a partner ecosystem to protect structured and unstructured data.”
Imperva has partnered with industry-leading vendors in several categories including Vulnerability Assessment, SIEM, Business Software, Platform, Application Delivery, Identity Management, and Masking and Encryption. Together, Imperva and its technology partners offer fully complete solutions that address organizations’ top data security challenges.
With the creation of the PartnerSphere Technology Alliance, Imperva also announces two new partnerships with WhiteHat Security and NetOptics:
Imperva WAF Quick Start Program including WhiteHat Sentinel Website Vulnerability Management:
Imperva and WhiteHat Security have joined forces to offer a closed-loop process to identify and mitigate website vulnerabilities. Beginning today, Imperva’s Web Application Firewall Quick Start Program, a packaged professional services engagement for initial product installation and configuration, will include one WhiteHat Sentinel vulnerability assessment. As part of the Quick Start Program, WhiteHat Sentinel will conduct a website vulnerability assessment. All results are verified for accuracy, eliminating false positives. Then an Imperva professional services consultant will import the verified WhiteHat assessment results into SecureSphere Web Application Firewalls to instantly remediate discovered vulnerabilities.
The Quick Start Program now allows customers to leverage the full benefits of the Imperva SecureSphere and WhiteHat Sentinel integration. Customers can immediately mitigate Web application vulnerabilities, eliminating the window of exposure inherent with manual remediation. Virtual patching also allows customers to design and implement code fixes on their schedule, avoiding emergency fix and test cycles.
“The combined Imperva and WhiteHat solution effectively detects vulnerabilities and protects against website attacks. This integration provides a complete and automated way for organizations to simplify the management of the Web application security lifecycle,” said Bill Pennington, Chief Strategy Officer, WhiteHat Security. “WhiteHat Sentinel delivers ongoing accurate website vulnerability data that enables Imperva SecureSphere customers to deploy virtual patching with confidence. Organizations can design and implement application code fixes on their schedule, without rushing to fix and test patches, eliminating disruption in their development cycle. This allows businesses to freedom to decide how and when to mitigate web application security vulnerabilities in production.”
Partnership with Net Optics provides unparalleled performance, visibility, and scalability to protect network and web applications in the demanding 10G environment
Net Optics brings to the partnership a record of proven leadership in intelligent monitoring access by providing a fault tolerant architecture with high-speed intelligent load balancing. The company’s growing suite of innovative solutions enables customers to meet the challenge of monitoring, troubleshooting, and securing high volumes of network traffic, bandwidth-intensive applications, and cloud deployments. SecureSphere Stack, powered by Net Optics, provides a scalable, high-performance data security solution for up to 10Gbps of network traffic.
The new offering will employ the unique capabilities of Net Optics Director Pro™ Data Monitoring Platform to control, filter, and dynamically load balance traffic sent to monitoring appliances. Engineered for extremely high, business-critical traffic levels, Director Pro enables deep packet exploration at full 10Gbps wire speed and provides 24/7 passive network access without introducing a point of failure. The robust Director Pro works in conjunction with up to five SecureSphere X6500 appliances to maximize Web, Database, and File Security for the most demanding applications without affecting performance and availability. Director Pro not only reduces the complexity of managing an integrated network fabric, it streamlines scaling within the customer deployment and contributes the key capability of connecting inline to a 10G network.
“Imperva’s selection of Net Optics will help customers overcome their toughest monitoring challenges in an ultra-high performance environment where security is critical,” said Bob Shaw, CEO, Net Optics. “The Imperva-Net Optics 10G solution will enable high availability, cost-effectiveness, and the enhanced security that’s vital to any organization and cloud service provider.”
Imperva: Oracle Patching needs fixing
- Severe vulnerabilities leave production environment Applications without a work-around
Amichai Shulman, CTO, Imperva, a web and database security company has reviewed the Oracle Critical Patch Update which was released last week and provides the following analysis:
On the Oracle Patch process:
“Oracle patching needs fixing. In the past, Oracle provided a solid process of receiving reports, validating and scheduling fixes. Oracle had a lot of momentum around fixing database vulnerabilities. However, the quarterly patch cycle has seen a slow down in fixing database vulnerabilities since the acquisition and incorporation of so many companies and products during the past year. I can’t believe there is only one database fix quarter-to-quarter when there must be dozens or even hundreds of vulnerabilities.
“In the past, when Oracle had far fewer products, they would patch 100 database vulnerabilities at a time. One would assume that more products require more fixes, yet we are seeing smaller patches with less fixes for more products.
“Additionally troubling is that Oracle gives no clear indication of what the vulnerabilities involve, citing concerns that hackers would transform these vulnerabilities into exploits. Unfortunately, hackers will already reverse engineer this patch to determine these vulnerabilities, leaving Oracle customers as the only party without insight into what is happening.
“Without such insight, Oracle customers cannot develop a work-around for their production application and I find it hard to believe a company would patch critical applications without months of testing. This lack of transparency is outrageous behavior. Vendors expect researchers to shares details with them responsibly, yet they fail to do the same with security vendors and their customers.
On today’s patch:
“As for the patch, there are four vulnerabilities rated 10 for severity. We are seeing fixes for remote execution without authentication, which is very severe. For example, the Audit Vault vulnerability allows an attacker to bypass authentication and act as a remote administrator to execute any command on a server installed with Audit Vault agent.
“Within the database products, only six vulnerabilities are fixed. Two are remotely exploitable without authentication, yet the highest severity is only 7.5. It is also interesting to note only two vulnerabilities were fixed in the EBS suite. People soft and JDEdwards have 12 fixes. The primary exploit across the patch seems to be SQL injection in various modules.
“Exploits may emerge over the next few days, but we’ll have to wait and see. Unfortunately, it will likely take much longer for companies to test and implement this patch into their production environment.”
- Latest Opera vulnerability proves that all Web browsers should be viewed as potentially insecure says Idappcom.
Reports that the Opera Web browser has been hit by a zero-day vulnerability highlights the fact that all Web browser clients are, by their very nature, insecure, says Idappcom, the data traffic analysis and security specialist.
According to Anthony Haywood, the firm's chief technology officer, Opera is popular amongst users of smartphones and netbooks, owing to its relatively small footprint.
"Ironically, it's also been gaining traction on account of its less-than-mainstream status, which some experts have observed means that the software is less of a target by hackers and cybercriminals," he said.
"This reasoning appears quite sound, until you realise the world's Internet browser user base is now measured in hundreds of millions, which means that a client that accounts for a fraction of a percentage still means there are millions of users out there in cyberspace," he added.
Idappcom's CTO went on to say that the very fact a browser is low profile and has a select user base can actually make it attractive in the eyes of cybercriminals, as hackers can start exploring what appears to be virgin territory as far as vulnerabilities are concerned.
The most important thing to realise about Web browser client software, he says, is that it is designed to access a variety of Web sites, typically using Port 80 for regular HTTP access, and Port 443 for HTTPS access.
With so many IP ports available, this might sound a small IP profile to deal with from a security perspective, but the problem is that there are a growing number of non-standard applications that use Port 80 across the Internet, meaning that a Web browser client must be able to support these features, he explained.
Haywood says that this latest vulnerability - which some sources are reporting as a zero-day issue - allows potential attackers to execute arbitrary code remotely.
The flaw was discovered by French security researcher Jordi Chancel who disclosed it on his blog earlier this month, and classified the problem as an integer truncation error.
"Although technically complex, the flaw can cause Opera to crash, although the potentially silver lining here is that the address of the memory violation is reported to be unpredictable. This makes the vulnerability less easy to exploit from a hacking perspective," he said.
"Is Opera less or more secure than the other mainstream browsers? That depends on your perspective. The reality is that any software that uses Port 80 across the Internet has to be viewed as a potential security issue and users - especially IT managers - need to be aware of this fact," he added.
The bottom line to this latest browser flaw is that Internet software users need to install multiple layers of security defence, and ensure their software - and their security knowledge - is as up to date as possible."