RSA: Security vendors to build bridges at hot show

Paul Roberts   Today’s Top Stories   or  Other Security Stories  

Web Threats Don't Discriminate The Secure Web Gateway. Mission Critical For Business Dynamic Data Center and Virtualization Drives Operational Excellence at Emory Healthcare Learn How to Think Ahead of Attacks and Protect your Data For the Future IronPort Web Reputation Filters Tech Note IronPort Encryption Technology: Safeguarding Business Email Compterworld Technology Briefing: Intelligent Users Use Business Intelligence Computerworld Report- Large Enterprises Pay More for IPAM An Apple for Your Enterprise? Sign up to receive Security Resource Alerts

February 23, 2004 (IDG News Service) -- Security is a hot topic in technology circles these days. For proof of that statement, one need look no further than the buzz surrounding this year's RSA Conference in San Francisco, an annual gathering focused on IT security.
Once the exclusive province of cryptographers, the annual conference has grown and diversified in recent years along with the IT security industry itself. This year's conference will reflect heady times for that industry, with a high-profile keynote address by Microsoft Corp. Chairman and Chief Software Architect Bill Gates, swollen attendance figures and a gaggle of product news from companies looking to build bridges between their products and those of competitors.
Weary after a year punctuated by major outbreaks of worms such as Blaster, Sobig and MyDoom, more than 10,000 visitors are expected to visit San Francisco's Moscone Center this week, where more than 250 exhibitors are displaying technology to stop malicious hackers, viruses and other online scourges, according to Sandra LaPedis, area vice president and general manager of RSA Conferences, a division of Bedford, Mass.-based RSA Security Inc.
Attendance at this year's show is expected to be up by about 20% over 2003, due in part to Gates' appearance, an improving economy and a sustained interest among companies and the public in computer security topics such as viruses, spam and identity theft, LaPedis said.
Conference organizers have also changed tactics to broaden the show's appeal, adding a separate discussion track on identity and access management and a private Executive Security Action Forum for Fortune 500 CIOs and chief information security officers today, she said.
Dozens of companies, large and small, are planning announcements to coincide with the conference, with the need for better security management a dominant theme.

VeriSign Inc., IBM and others are backing a new program to develop an open standard for strong, multifactor authentication that can be used across the Internet.
Mountain View, Calif.-based VeriSign today announced an initiative called the Open Authentication Reference Architecture, or Oath, which is intended to replace the patchwork of proprietary user-authentication products and allow users to seamlessly access services on corporate networks and the Web, VeriSign executives said. IBM said its Tivoli Identity Management product will support the new architecture.
Sun Microsystems Inc. plans to announce at the RSA Conference changes to its product line that are intended to make network security easier to manage.
Calling its new security model "Infinite Access," Sun plans to announce the integration of its Java Card technology with a wide range of the company's other software products. The closer integration will provide strong, multifactor authentication "out of the box" (without requiring custom integration) for customers who use Sun's Java Desktop System, its alternative to Windows, said Rama Moorthy, manager of the Security Marketing and Strategy group at Sun.
The idea is to make security ubiquitous, invisible to users and easy for businesses to use, Moorthy said.
Sun also plans to announce closer integration of its identity management product, the Java System Identity Server, with Microsoft's Active Directory Server. A new version of the Java System Identity Server that incorporates technology acquired with Sun's purchase of Waveset Technologies Inc. features improved life-cycle management for user accounts and will allow customers to directly manage accounts within Active Directory Server using the Java System Identity Server, she said.

Companies such as Qualys Inc. and Tripwire Inc. plan to use the conference to announce versions of their products that work better with other security management technologies.
Redwood City, Calif.-based Qualys plans to announce integration between its QualysGuard vulnerability testing service and security event management products from ArcSight Inc., GuardedNet Inc. and Network Intelligence Corp. The integration will allow customers using those products to correlate vulnerability information from QualysGuard with intrusion-detection systems (IDS) and firewalls to provide a single view of network security, a Qualys spokeswoman said.
Portland, Ore.-based Tripwire Inc., which makes software to monitor changes in computer configurations, plans to announce an upgrade to its server management product. Tripwire Manager 4.1 will be easier to use with other enterprise management software such as Hewlett-Packard Co.'s OpenView and IBM's Tivoli, the company said.
Sensing an opportunity, a new company, Skybox Security Inc. of Menlo Park, Calif., will use the RSA Conference to unveil its product, called Skybox View, which is described as an enterprise risk management platform. Based on attack simulation technology developed by company co-founders Gidi Cohen, CEO, and Moshe Meiseles, CTO, Skybox View creates an integrated security model of an organization's network that maps network scanners, firewalls and routers, as well as considering management systems and security policies. The product then launches simulated attacks against them to identify likely access paths for attackers, the company said.
Also on the management front, firewall maker Zone Labs Inc. plans to announce a new version of its Integrity security policy enforcement product, Zone Labs Integrity 5.0. The new integrated firewall and security policy management product features tighter integration with Check Point Software Technologies Ltd.'s firewalls and virtual private network products so companies can limit network access to machines that comply with security policies regarding antivirus updates, systems configuration and patch level, Zone Labs said.

Finally, the Organization for the Advancement of Structured Information Standards (OASIS) plans to announce growing support for its emerging AVDL (Application Vulnerability Description Language) standard, which allows security products from different vendors to share data about software vulnerabilities.
A host of security technology companies, along with the U.S. Department of Energy Computer Incident Advisory Capability organization, have announced support for the nascent standard.
The OASIS AVDL Technical Committee has completed the first specification for the standard and will submit it to OASIS for approval in March, according to Brian Cohen, CEO of SPI Dynamics Inc. in Atlanta and a member of the AVDL Working Group.
AVDL will be a common language among disparate security products and, when widely adopted, will set the stage for a closer integration between vulnerability-detection systems and automated patching and remediation products, said Wes Wasson, vice president of marketing at NetContinuum Inc. in Santa Clara, Calif., and another AVDL Working Group member.
"These devices need to start communicating in intelligent ways," said Pete Lindstrom, research director at Spire Security LLC, a market research and analysis company. "It doesn't mean you go bonkers with automation overnight, but we need to slowly get comfortable with things like dynamic reconfigurations [of network devices] in our environments."
Eventually, closer links between vulnerability assessment products and technology such as firewalls and IDS are needed, he said.

Continued...
1 | 2 | NEXT  

Reprinted with permission from

IDG.net
Story copyright 2008 International Data Group. All rights reserved.

Print this Story

Send Us Feedback

E-mail this Story

Digg this Story

Slashdot this Story

RSA: Security vendors to build bridges at hot show Gates promotes Microsoft's security efforts at RSA show

Microsoft to make Longhorn vulnerability-aware Crypto stars sound off on e-voting, digital rights management

"The recent attacks in Mumbai were carried out by assailants using high tech methods. It’s just another way in which..." Read more... Read more Security posts or See all Blogs

Virtually every Windows PC at risk, says Secunia License server glitch exposes SonicWall users to e-mail security threats Too good to ignore: 6 alternative browsers More top stories...

Clues point to Jan. 13 release of Windows 7 beta Microsoft releases Vista SP2 beta Feds nab more members of alleged identity theft gang

Review: The new MacBook Air, now with extra SSD goodness Thin as ever, the latest Air offers up to twice the storage and snappy performance. Cool Stuff: Your 2008 Holiday Gift Guide We've got an array of economical, expensive, and just plain weird tech gifts for your friends and family. Massive botnet returns from the dead, starts spamming The spam-spewing 'Srizbi' botnet that was shut down two weeks ago has been resurrected and is again under criminal control, say security researchers. Elgan: Why you can't trust 'friends' on Facebook Facebook is popular and growing -- especially with criminals. Here's why they love it. Windows 7 Get the latest news, reviews and more about Microsoft's newest desktop operating system More Continuing Coverage Windows 7 Voting Technology Google's Chrome browser Economy in turmoil: Latest news and tips iPhone 3G Bill Gates moves on Windows Vista A to Z Mac A to Z 2008 Salary Survey Find wage data for 50 IT job titles. More Special Reports 2008 Premier 100 IT Leaders 2007 Premier 100 IT Leaders 2008 Best Places to Work in IT 2007 Best Places to Work in IT 2008 Salary Survey 2007 Salary Survey 2006 Salary Survey 2008 IT Forecast 2007 IT Forecast 40 Years of Computerworld Top 12 Green-IT Users The FAQs About Going Green IT Schools to Watch iPhone: One Year Later Global Mobile Your Next Data Center Management: Reinventing IT Stop Data Leaks Web 2.0 Security Surviving Disasters Managing Storage Virtualization The Lean Storage Machine Storage on Trial Can Web 2.0 Save BI? Bypass These BI Potholes All Zones Business Continuity Zone The File Data Management Zone Security Management Zone The SAS Zone Business Intelligence and Analytics Zone The Enterprise Search Zone Software as a Service Zone The Security Zone See your link here

Moving to Windows Vista: The Promise, The Reality Moving to Windows Vista: The Promise, The Reality View this exclusive webcast today! Go to the webcast  Computerworld Executive Bulletin: Building a Robust Antivirus Defense Download this Executive Bulletin (a $49.95 value) for free, compliments of MessageLabs. (Source: MessageLabs) Antivirus software alone isn't enough to prevent today's speedy, sophisticated virus attacks. Security managers should consider multitiered approaches that include behavior scanning, appliances that check e-mail for worms, and restricting user access to dangerous Web sites. Download this Executive Bulletin (a $49.95 value) for free, compliments of MessageLabs, to learn more. Download this executive briefing  Record Capacity for Microsoft� Exchange 2007 With VMware and IBM System x3850 M2 Download this white paper today! (Source: VMware) The more that e-mail becomes an entrenched IT infrastructure application, the more that messaging administrators face numerous--sometimes conflicting--demands in the categories of availability, flexibility and cost. Employing a virtual solution can help avoid expensive over-provisioning of server computing resources, while improving management and disaster recovery. And ultimately, it can more than double the number of supportable Exchange 2007 users, as compared to a non-virtualized environment. This whitepaper explains how to break down the scalability barrier and respond faster to your mail system needs. Download this white paper  White Papers Read up on the latest ideas and technologies from companies that sell hardware, software and services. The Importance of Application Management Dell Client Migration and Deployment Services A Synergistic Relationship: Marrying E Family Hardware and Windows Vista� View more whitepapers

• RSA: Security vendors to build bridges at hot show
• Microsoft to make Longhorn vulnerability-aware
• Gates promotes Microsoft's security efforts at RSA show
• Crypto stars sound off on e-voting, digital rights management

• Virtually every Windows PC at risk, says Secunia
• Clues point to Jan. 13 release of Windows 7 beta
• License server glitch exposes SonicWall users to e-mail security threats
• More top stories 

The Security Zone With the mobility of employees and the ease with which external devices can be brought in and out of a network, continuing to build your security plan for network servers and clients is a must. Fortunately, there is much that organizations can do to protect themselves from attacks - internal and external. Having the right policies, procedures and server configurations is critical... Learn more in The Security Zone See All Zones

Fired up about IT? Join Sharkbait and share your true tales of IT. SharkBait is the place for you to sound off about everything IT – the good, the bad, and the rest of the weird stuff you deal with every day. New baits

"Turning information into a Competitive Advantage" Companies today are realizing that competitive advantage is harder to sustain when based solely on gains in productivity and cost efficiency. The focus is shifting to invest more in business optimization initiatives which rely on trusted information to develop new insights that deliver better business results. But how can this be done efficiently in a business environment across multiple applications and processes. The answer is an Information Agenda - an innovative approach to transforming business information into a strategic asset for competitive advantage. View this webcast now!  See more Webcasts

Dan Tynan Today's Internet has been brought to you by porn YouTube and Ning are trying to shed adult-oriented content to appeal to mainstream advertisers. Will it work? ... [more]