Secure customer support
map
contact
home
bandeau.gauche.jpg
i.watch.jpg
 
 SECURITY FEED
 

 

• The depressing future of the Internet
A brief overview of how the Internet came about: some years ago, some military boffs thought it'd be awesome if computers could talk to each other, so the US could nuke the hell out of other countries without actually being near there. A smart professor from England then came up...

 

• Codename of the day: Nitrogen
The Microsoft codename contest continues. Today's entry is Nitrogen, which is the next version of Microsoft's ISA Server. by Mary Jo Foley

 

• Taiwan busts hacking ring, 50 million personal records compromised
Taiwan's Criminal Investigation Bureau CIB has successfully tracked down and arrested six people in what the CIB believes to be the biggest personal data breach in Taiwan to date. Apparently, the group also managed to obtain personal data on Taiwan's current and former presidents : "The suspects are believed...

 

• The Gammima Strain
Photo: NASA Is the International Space Station just another bot in a botnet? Are criminal hackers tapping away in some dark warehouse now in control of critical command-and-control systems on board? No, that would make a good Michael Crichton novel, though. It seems some...

 

• Worst news for McCain is not from Denver
The news is that even a milder form of McCain's skin cancer puts patients at increased risk, not just for more skin cancers, but for other cancers as well. by Dana Blankenhorn

 

• Virtualization software revives dumb terminals, cuts IT costs
With computers growing smarter by the day, why would anyone want to step back more than a decade and fill office cubicles with dumb terminals? The answer is simple - to keep cubicle computers in service longer, uncluttered and free of malware, viruses and hacking programs. At...

 

• Has Firefox already matched IE privacy features?
Perspectives, hatched at Carnegie Mellon, thwarts so-called "Man in the Middle" attacks on SSH secure sites by creating a virtual notary that can check the validity of an unsigned security certificate. by Dana Blankenhorn

 

• Major security hole found in iPhone
Gizmodo has unearthed a security flaw in the iPhone OS and boy is it a doozy. According to the post it's simple to access a locked iPhone's address book, Mail, SMS, Contacts, and Safari. The vulnerability works like this on a password protected and locked iPhone: ...

 

• Google Suggest goes live, will people like it?
Google Suggest is a feature that gives you automatic recommendations when you begin to search for something -- it's eluded the official Google homepage for several years, but today it has finally found it's way there. The question now, as Philipp Lenssen puts it, is weather it will be...

 

• Feel like taunting an identity thief? Don't.
The next time you get the urge to enter angry messages to phishers on fake malicious Web sites, stop and consider this discovery by researcher Joe Stewart. The identity thieves behind the Asprox botnet have built extra logic into phishing sites to detect taunts and subject those...

 

• Malware detected at the International Space Station
Malware is reaching new heights, and going into Space through a removable media carrying the W32.Gammima.AG password stealing malware to the International Space Station. According to SpaceRef.com : "W32.Gammima.AG worm is a level 0 gaming virus intended to gather personal information. Virus was never a threat to any of...

 

• Linux under attack: Compromised SSH keys lead to rootkit
The U.S. Computer Emergency Readiness Team CERT has issued a warning for what it calls "active attacks" against Linux-based computing infrastructures using compromised SSH keys. The attack appears to initially use stolen SSH keys to gain access to a system, and then uses local kernel exploits to...

 

• Go ahead...bring in your laptop
There is a growing controversy in our district over the use of personal laptops and other computing devices that can access our wireless or wired networks. A significant majority, myself included, believe that, aside from WPA and a strong password for the routers, teachers and students should be able...

 

• A (Microsoft) Codename a day: Geneva
Today's codename-contest submission is "Geneva," one of a growing number of Swiss codenames in the Microsoft family. Geneva is related to Zermatt, a previously disclosed Redmond name and, like Zermatt, has to do with federated identity. by Mary Jo Foley

 

• Patch issued for Ubuntu security flaw
Canonical has warned users of all machines running recent versions of Ubuntu to patch their systems and shut an open door for hackers. Canonical is the latest Linux vendor to patch a vulnerability in the open-source operating system's kernel that could have left the door open for hackers to...
 
i-Watch

i-Watch – Application Attack & Vulnerability Sensor

Understanding your applications
As the strategic roles that web applications play grow in importance, the benefits for any organisation are many: agility, reactivity, performance. But this dynamic trend also keeps IT departments busy with the management and security issues related to applications of which they often only have partial knowledge. Factors contributing to the shortcomings are differences in jobs, culture and objectives as well as outsourced development. To address these issues the two primary requirements are knowledge and understanding. When it comes to application security, what are the issues at stake? Where and why do sensitive areas exist? And what are your options when dealing with them?
Organisations have to consider these questions in order to find bespoke solutions for each application, and not just apply theoretical and general technologies. In short, your application security policy has to be progressively tailored to your needs.

Continuous and dynamic assessment
Quick and easy to deploy because it is a traffic monitoring tool, i-Watch identifies, assesses and classifies the varied information running through applications. It not only informs but also advises; incorporated into the solution, the knowledge centre contains valuable explanations on potential risks, enabling i-Watch to recommend different remedial measures to the application administrator.
i-Watch possesses a technological edge as the first truly dynamic and continuous web application monitor, suited to the ever-changing web environment. Throughout the life cycle of the application, from preproduction to post-deployment, it automatically highlights structural changes and reports on any sensitive or weak resources from web traffic and also, uniquely, on anomalous traffic behaviour.
i-Watch, business confidence through trusted application delivery.

 

i-Watch Logo

Features

Qualification

- Application discovery
- Resource identification
- Sensitive script detection
- Sensitive spplication detection
- Ambiguous resource detection
- Unnecessary artefact detection

Monitoring

- Support for several traffic capture modes:
Real Time using transparent sniffer
Web server log file
TCP dump file
i-Sentry and i-Trust logs

Attack detection

- Automated Process Detection

Risk Assessment

- Weak and sensitive resource analysis
- Incriminated parameter identification
- Potential risk measurement

 

Download the datasheet

View i-Watch Flash Demo 

 
  © Bee Ware - legal notice
French
English